Hi guys,
For anybody that's done serious rule consolidation on your edge firewall, what strategies do you use to slim down your access-control policy? Do you find a way to check the hit counts on individual rules first and then try to make decisions from there? Do you simply parse your rule list slowly and try to find redundant rules? Some combination of the two? Verify that a lot of these addresses even exist anymore? I'd love to hear about your experiences in this area if you have any!
No comments:
Post a Comment