Re: firewall rule lifecycle management
From: marty () supine com (Martin)
Date: Thu, 1 Sep 2005 10:14:29 +1000
$quoted_author = "Bruce Smith" ;
> From my PIX experience, clear rule counters every month. After a while, look
> for the rules that have zero counts and then remove them. Can be scripted
> and searched with grep.

That's a neat way of picking up dormant rules, but you'd still need to
review them manually to identify rules that should no longer be in place
even if traffic is still matching them.
In the 60's, people took acid to make the world weird. Now the world is weird
and people take Prozac to make it normal.
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
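
The zero-count search discussed in this thread, as an added example that is not part of either poster's message. It assumes PIX-style `show access-list` output in which each entry ends in `(hitcnt=N)`, captured at the end of the counting window; the sample lines, ACL name and addresses are constructed.

```shell
#!/bin/sh
# Added example: split saved "show access-list" output into dormant rules
# (removal candidates) and active rules (still need a manual review).

# Constructed sample of PIX-style output; documentation addresses only.
sample_output() {
cat <<'EOF'
access-list outside_in; 4 elements
access-list outside_in line 1 permit tcp any host 192.0.2.10 eq www (hitcnt=15234)
access-list outside_in line 2 permit tcp any host 192.0.2.11 eq smtp (hitcnt=0)
access-list outside_in line 3 permit tcp host 198.51.100.7 host 192.0.2.12 eq 22 (hitcnt=0)
access-list outside_in line 4 deny ip any any (hitcnt=872)
EOF
}

# Read output on stdin; print "acl line N: rule" for every entry whose
# counter is exactly zero. The "line N" requirement skips the ACL header
# ("; 4 elements") and any remark lines, which carry no hit counter.
dormant_rules() {
    grep -E '^ *access-list [^ ]+ line [0-9]+ .*\(hitcnt=0\)' |
    sed -E 's/^ *access-list ([^ ]+) line ([0-9]+) (.*) \(hitcnt=0\).*$/\1 line \2: \3/'
}

# Read output on stdin; print "hits acl line N: rule" for every entry
# that matched traffic, busiest first. A non-zero counter only shows the
# rule is in use, not that it should still be in place.
active_rules() {
    grep -E '^ *access-list [^ ]+ line [0-9]+ .*\(hitcnt=[1-9][0-9]*\)' |
    sed -E 's/^ *access-list ([^ ]+) line ([0-9]+) (.*) \(hitcnt=([0-9]+)\).*$/\4 \1 line \2: \3/' |
    sort -rn
}

echo "Dormant (zero hits since counters were cleared):"
sample_output | dormant_rules
echo "Active (review manually):"
sample_output | active_rules
```

To run it against a real capture, replace `sample_output` with `cat` on the saved file.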