Hot!Tool or method to combine redundant polices

Author
austinmas
New Member
  • Total Posts : 1
  • Scores: 0
  • Reward points: 0
  • Joined: 2019/01/19 01:39:07
  • Status: offline
2019/07/11 00:36:58 (permalink)
0

Tool or method to combine redundant polices

Hi Guys,
 
We have a couple of firewalls on which the policy count has exceeded 20k. Could someone please let me know if they know of a tool or a method to combine these policies. I tried to check if Forticonverter could be used but it doesn't have an option to import a Fortigate configuration. 
Thanks
 
 
#1

1 Reply Related Threads

    emnoc
    Expert Member
    • Total Posts : 5247
    • Scores: 347
    • Reward points: 0
    • Joined: 2008/03/20 13:30:33
    • Location: AUSTIN TX AREA
    • Status: offline
    Re: Tool or method to combine redundant polices 2019/07/11 05:00:38 (permalink)
    0
    1st look for policies that has no "hits". These are signs of duplicate, or poorly written, or not required
     
    Next, check the address book for duplication in hosts. These can be eliminated or corrected thru policies and address-groups
     
    Ken Felix

    PCNSE,  NSE , Forcepoint ,  StrongSwan Specialist
    #2
    Jump to:
    © 2019 APG vNext Commercial Version 5.5