The policy tightening feature gives the visibilities of "any to any" rules, which source and destination are used, and the actual traffic from overly permissive rules.
What is our primary use case?
- Overly permissive rules need more visibility, and we have given the "any to any" access in some cases.
- Looking for the solution which will provide details and description of the policy, like providing the source and destination addresses that are used from particular rules.
How has it helped my organization?
Policy optimisation helped reduce the policy count of the firewall. Therefore, the visibility of firewall policies improved.
What is most valuable?
Policy tightening feature: It gives the visibilities of "any to any" rules, which source and destination are used, and the actual traffic from overly permissive rules. Therefore, we are able to tighten the policy of the firewall.
What needs improvement?
I would like to suggest that cloud visibility feature is provided in the next release. We would be able to understand how traffic flows from the source to destination.
For how long have I used the solution?
One to three years.
Which solution did I use previously and why did I switch?
Which other solutions did I evaluate?
Yes, Skybox was there, but the GUI and some of the features are missing.
Which version of this solution are you currently using?
firewall security management