- Table of Contents
-
- 04-Policies
- 01-Security policy
- 02-Security policy redundancy analysis
- 03-Security policy hit analysis
- 04-Security policy optimization
- 05-Attack defense
- 06-Connection limit
- 07-uRPF
- 08-IP reputation
- 09-NAT
- 10-NAT66
- 11-AFT
- 12-Application audit
- 13-Bandwidth management
- 14-Server load balancing
- 15-Outbound link load balancing
- 16-Inbound link load balancing
- 17-Transparent DNS proxy
- 18-NetShare control
- 19-Server connection detection
- 20-Application proxy
- 21-Load balancing common configuration
- 22-Global load balancing
- Related Documents
-
Title | Size | Download |
---|---|---|
03-Security policy hit analysis | 22.70 KB |
Security policy hit analysis
This help contains the following topics:
Introduction
The Policy Hit Analysis page displays security policies that have not matched any packets in the policy creation order. Policies created first come first in the list.
A security policy is not hit if either of the following conditions exists:
· No packets match the filtering criteria specified for the policy.
· The policy is redundant because another security policy with less strict filtering criteria were created earlier than the policy.
Restrictions and guidelines
Match counting or statistics collection must be enabled for security policies for the system to perform policy hit analysis.
Perform policy hit analysis
1. Click Policies > Security Policies > Policy Hit Analysis.
2. View, modify, or delete security policies that have not matched any packets.
Table 1 Policy hit analysis configuration items
Item |
Description |
Time range |
Select a time range for the analysis from the menu at the top right corner. Options include: · Today. · Last 3 days. · Last 7 days. · Last 1 month. · Last 3 months. · Last 6 months. · Last 12 months. · Last 3 years. |
Edit |
To modify a security policy, click the Edit icon for the policy. |
Delete |
To delete a security policy, select the policy and then click Delete. |
3. After policy modification or deletion, click Activate to have the security policy configurations take effect immediately.