Hi,
Can you please give me an idea how to evaluate the policies on a ScreenOS firewall?
I have seen on other firewalls from other vendors that they have some counters on each rule. If a rule is hit zero times, it should be removed.
How is this implemented on ScreenOS firewalls?
Regards.
You add counting to the policy on the Advanced tab of the web interface, or by adding the keyword "count" to your set policy statement.
Once activated you will see an icon for the counter in the web interface. Selecting this will show the numbers.
Hi,
I have checked "counting", but what I can see is only how much traffic passed the firewall using that rule, not how many times it was accessed.
As I have told you, some other FW vendors have the option to show how many times a rule was hit.
Regards,
Traian.
I don't think this is possible in Juniper firewalls.
A workaround is to save the traffic log to syslog and then view the policies used most.
This will, however, need manual effort.
Thanks.
Hardeep
You can use the following command set for this:
get pol id x1 | in "log count"
...
get pol id xn | in "log count"
Logging should be enabled in the policy(ies).
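
Added example (not part of any post in this thread): one way to automate the syslog workaround suggested above, counting traffic-log entries per policy and separating zero-hit policies from policies that simply have logging off. The `set policy id N ...` config lines, the `policy_id=N` field in `(traffic)` syslog messages, and all sample data are assumptions constructed for illustration; each logged entry is treated as one hit.

```python
import re
from collections import Counter

# Constructed sample data, not taken from the thread. Assumed formats:
# "set policy id N ..." config lines and "policy_id=N" in traffic syslog lines.
CONFIG = '''\
set policy id 1 from "Trust" to "Untrust" "Any" "Any" "HTTP" permit log
set policy id 2 from "Trust" to "Untrust" "Any" "Any" "FTP" permit log
set policy id 3 from "Trust" to "DMZ" "Any" "Any" "SSH" permit
set policy id 4 from "Untrust" to "DMZ" "Any" "Any" "MAIL" permit log count
'''
SYSLOG = '''\
Jan 10 09:00:01 fw1 NetScreen device_id=fw1 [Root]system-notification-00257(traffic): duration=3 policy_id=1 service=http action=Permit sent=420 rcvd=1300
Jan 10 09:00:07 fw1 NetScreen device_id=fw1 [Root]system-notification-00257(traffic): duration=2 policy_id=1 service=http action=Permit sent=380 rcvd=900
Jan 10 09:01:12 fw1 NetScreen device_id=fw1 [Root]system-notification-00257(traffic): duration=9 policy_id=4 service=smtp action=Permit sent=2200 rcvd=310
Jan 10 09:02:00 fw1 NetScreen device_id=fw1 [Root]system-warning-00518: Admin user login failed
'''
POLICY_RE = re.compile(r'^set policy id (\d+)\s+(.*)$')
HIT_RE = re.compile(r'\(traffic\):.*?\bpolicy_id=(\d+)\b')

def parse_policies(config_text):
    """Map policy id -> True if the 'log' keyword is set on that policy."""
    policies = {}
    for line in config_text.splitlines():
        m = POLICY_RE.match(line.strip())
        if m:
            # Drop quoted names so a zone or address called "log" does not match.
            keywords = re.sub(r'"[^"]*"', '', m.group(2)).split()
            policies[int(m.group(1))] = 'log' in keywords
    return policies

def count_hits(syslog_text):
    """Count traffic-log entries per policy id; non-traffic lines are ignored."""
    matches = map(HIT_RE.search, syslog_text.splitlines())
    return Counter(int(m.group(1)) for m in matches if m)

def classify(policies, hits):
    """Split policies into hit / zero-hit / unknown (logging off, no evidence)."""
    report = {'hit': {}, 'zero': [], 'unknown': []}
    for pid, logged in sorted(policies.items()):
        if hits.get(pid):
            report['hit'][pid] = hits[pid]
        elif logged:
            report['zero'].append(pid)   # logged, but never seen in the log window
        else:
            report['unknown'].append(pid)  # cannot be judged until logging is on
    return report

if __name__ == '__main__':
    print(classify(parse_policies(CONFIG), count_hits(SYSLOG)))
```

A policy in the `zero` list is only a removal candidate for the period the syslog data covers; policies in `unknown` need logging enabled before they can be evaluated.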