Rule Consolidation Report
It is recommended that you run the Removable Rules Report before running the Rule Consolidation Report.
The rule consolidation report displays security rules on the firewall that may be safely consolidated without changing the behavior of the policy.
To be considered for consolidation, a rule must meet the following guidelines:
- Action must be the same
- The recommendation must not change the behavior of the policy to qualify for consolidation
- If users and applications do not apply, then the rules must match on two out of three columns (Source, Destination, and Service)
- If users OR applications apply, then the rules must match on three out of four columns (Source, Destination, Service, and either Users or Applications)
- If users AND applications apply, then the rules must match on four out of five columns (Source, Destination, Service, Users, and Applications)
- If the device is zone-based and the rule exists in multiple logical policies, then it does not qualify for consolidation
- If one or more rules are between two rules eligible for consolidation, and at least one of those rules shadows the rule that would otherwise be recommended for consolidation, then it does not qualify for consolidation
- If any rule that would otherwise be recommended for consolidation contains a "negated" column, then it does not qualify for consolidation
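The action, negation, and column-count guidelines above can be read as a pairwise check. The following is an added example, not the product's own logic: two rules that differ in exactly one column can be merged by taking the union of that column, while rules that differ in two columns cannot, because the merged rule would permit combinations neither original allowed. The Rule class, its field names, check_pair, and merge are hypothetical, None is assumed to mean the Users or Applications column is not set on a rule, and the zone-based and shadowing guidelines are not modeled.

```python
from dataclasses import dataclass, replace
from typing import FrozenSet, Optional

@dataclass(frozen=True)
class Rule:
    name: str
    action: str
    source: FrozenSet[str]
    destination: FrozenSet[str]
    service: FrozenSet[str]
    users: Optional[FrozenSet[str]] = None         # assumption: None = column not set
    applications: Optional[FrozenSet[str]] = None  # assumption: None = column not set
    negated: bool = False                          # True if any column is negated

def compared_columns(a, b):
    """Source/Destination/Service, plus Users/Applications when either rule sets them."""
    cols = ["source", "destination", "service"]
    cols += [c for c in ("users", "applications")
             if getattr(a, c) is not None or getattr(b, c) is not None]
    return cols

def check_pair(a, b):
    """Return (eligible, detail); detail is the one differing column or the reason."""
    if a.action != b.action:
        return False, "action differs"
    if a.negated or b.negated:
        return False, "negated column"
    cols = compared_columns(a, b)
    differing = [c for c in cols if getattr(a, c) != getattr(b, c)]
    if len(differing) > 1:  # fewer than N-1 of N columns match
        return False, "differs in " + ", ".join(differing)
    return True, (differing[0] if differing else "identical")

def merge(a, b):
    """Union the single differing column; every other column is already equal."""
    ok, col = check_pair(a, b)
    if not ok:
        raise ValueError(f"{a.name}/{b.name} not eligible: {col}")
    if col == "identical":
        return a
    x, y = getattr(a, col), getattr(b, col)
    merged = None if x is None or y is None else x | y  # unset column stays unset
    return replace(a, name=f"{a.name}+{b.name}", **{col: merged})

# Constructed sample rules (not taken from any real policy)
fs = frozenset
web1 = Rule("web1", "allow", fs({"10.0.1.0/24"}), fs({"10.0.9.10"}), fs({"tcp/443"}))
web2 = Rule("web2", "allow", fs({"10.0.2.0/24"}), fs({"10.0.9.10"}), fs({"tcp/443"}))
web3 = Rule("web3", "allow", fs({"10.0.2.0/24"}), fs({"10.0.9.11"}), fs({"tcp/443"}))
fin = replace(web2, name="fin", users=fs({"finance"}))
```

Here web1 and web2 differ only in Source and merge cleanly; web1 and web3 differ in Source and Destination, so a merged rule would also allow 10.0.1.0/24 to reach 10.0.9.11, which neither rule permitted.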
To create and schedule this report, complete the following steps.
- On the toolbar, click System > Reports.
- Click Create > Rule Consolidation Report.
- Complete the General section.
  - The Name and Description fields are prepopulated, but can be changed.
  - Select a Cluster or Device to associate with the report.
- In the Options section, click Object Details to include object details in the report, such as IP address/netmask for network objects, group member and group member details, and service protocols and ports.
- Complete the Scheduling Properties section.
  - Select a Recurrence from the list, and then select the Enable check box.
  - Enter a Description (or purpose) for the schedule.
  - Depending on the Recurrence type selected, additional required fields will appear.
  - Set a Start Time and End Time. Click the calendar icon to set a day, and the clock icon to set a time.

  Repeat Interval is used to determine how often the report should run during the set Start/End Time. For example, a report set to run daily for a 30-day period with a repeat interval of 2 will run every two days during the set period.
- Complete the Email Notification Settings section.
  - Select the Users to include. Enter the first few letters of the user's name to search the All Users list.
  - Enter other recipients in the Additional Email Addresses field. Use a semicolon to separate multiple email addresses.
  - Select a Report Format output of PDF or CSV.
  - Optional. Click the Use .ZIP file for email attachment toggle to enable this feature.
  - Optional. Click the Sign and encrypt email toggle to enable this feature.

  Email encryption must be set up to use the sign and encrypt email feature.
- Click Save.