Hot!Tool or method to combine redundant polices

New Member
  • Total Posts : 1
  • Scores: 0
  • Reward points: 0
  • Joined: 2019/01/19 01:39:07
  • Status: offline
2019/07/11 00:36:58 (permalink)

Tool or method to combine redundant polices

Hi Guys,
We have a couple of firewalls on which the policy count has exceeded 20k. Could someone please let me know if they know of a tool or a method to combine these policies. I tried to check if Forticonverter could be used but it doesn't have an option to import a Fortigate configuration. 

1 Reply Related Threads

    Expert Member
    • Total Posts : 5247
    • Scores: 347
    • Reward points: 0
    • Joined: 2008/03/20 13:30:33
    • Location: AUSTIN TX AREA
    • Status: offline
    Re: Tool or method to combine redundant polices 2019/07/11 05:00:38 (permalink)
    1st look for policies that has no "hits". These are signs of duplicate, or poorly written, or not required
    Next, check the address book for duplication in hosts. These can be eliminated or corrected thru policies and address-groups
    Ken Felix

    PCNSE,  NSE , Forcepoint ,  StrongSwan Specialist
    Jump to:
    © 2019 APG vNext Commercial Version 5.5