Firewall Rules Report
The Firewall Rules Report shows the top firewall rules triggered
on this firewall, grouped by different categories.
On the top right side of the Report screen, there will be three combo boxes. They are:
- Top 5
- Filter by
- Export as
Top 5
The Top 5 combo box lets you choose the level of detail in the reports. By default, the top five values are shown. To show more than 15 values, the
report uses only tables. There is an option to display the Graph only.
- Top 5 (graph & table)
- Top 10 (graph & table)
- Top 15 (table only)
- Top 20 (table only)
- Top 25 (table only)
- Graph only
Below each graph click the Hide Table link to hide the
table. Click the Show Table link to see the table again.
Filter by
The Filter by combo box lets you choose the field of filter in the reports. There will be three field values for filtering. They are:
- Source
- Destination
- Protocol
- Summary
Export as
The Export as combo box lets you choose the format of the reports for export. There will be two formats for exporting. They are:
Click on the PDF to export this report to PDF. Click on the CSV to export this report to CSV format (comma separated values).
The Top Used Rules table shows the
used Firewall rules and number of log counts that have triggered the firewall rules. The table shows the Rule Number or ID of the used rule, and the Count of log entries that have triggered the paritcular rule. Drill down from the rule to see the hosts, protocols,
user, status, message, total bytes consumed by the rules and count that triggered the firewall rule. The drilled down report also displays the total bytes consumed by the rules.
The Top Unused Rules table shows the
Firewall rules that have not triggered. The table shows the Rule Number or ID of the unused rule. Drill down from the rule to see the description of the unused rule.
Top Unused ACEs
In the case of Cisco devices, the table shows the unused ACL and the exact unused ACEs. Drill down from the ACL to see the description of the unused ACEs.
The Top Rules - Protocol Group Based graph shows the
top protocol groups that have triggered firewall rules. The table below
the graph shows the protocol group, the rule triggered, and the number
of hits. Drill down from this graph to see the top hosts, the top protocols
and the top conversations that triggered the firewall rule in that protocol
group.
The Top Rules - Host Based graph shows the top hosts
that have triggered firewall rules. The table below the graph shows the
host, the rule triggered, the number of hits. Drill down from this graph
to see the top destinations accessed, the top protocols and the top conversations
for each host that triggered the firewall rule.
The Top Rules - Destination Based graph shows the top
destinations for which firewall rules have been triggered. The table below
the graph shows the destination host name or IP address, the rule triggered,
and the number of hits. Drill down from this graph to see the top hosts,
the top protocols and the top conversations that triggered the firewall
rule.
The Top Rules table shows the overall top firewall rules that
have been triggered across this firewall. The table below the graph shows
the rule triggered, and the number of hits. Drill down from this graph
to see the top hosts, the top protocols and the top conversations that
triggered the firewall rule.
|