About Policy Analyzer and Optimizer
AIOps for firewalls leverages artificial intelligence (AI) and machine learning (ML) to streamline and enhance the management and security of network firewalls. By using dynamic baselines and advanced forecasting models, AIOps can detect policy anomalies and predict potential issues before they escalate, ensuring proactive maintenance and stability. One of the key functionalities of AIOps is the Policy Analyzer and Optimizer. See AIOps Insights to know more about the various other functionalities that AIOps provides.
Secure Firewall Threat Defense devices with extensive policies may have numerous duplicate or shadowed rules. Such bloated policies with unoptimized rulesets can lead to excessive consumption of device memory, delayed loading of rules, and long search duration, resulting in inefficient security policy enforcement, reduced network speeds, and extended deployment durations.
Policy Analyzer and Optimizer is an intelligent Security Cloud Control Firewall Management service that analyzes firewall policies, detects rule anomalies, and helps you understand where a policy can be optimized. Policy Analyzer and Optimizer support both access control policies and Network Address Translation (NAT) policies for Cloud-Delivered Firewall Management Center and supported Security Cloud Control-managed On-Premises Firewall Management Center data sources.
In addition, this feature can do the following:
-
View policy health and optimization opportunities for the selected management center data source.
-
Analyze policies on demand or rely on scheduled analysis that runs every 24 hours.
-
Download analysis reports as PDFs after analysis completes.
-
Use Access Control Policy Analyzer and Optimizer remediation workflows where supported.
-
Use Network Address Translation Policy Analyzer and Optimizer findings and AIOps insights to investigate NAT policies that contain optimizable rules.
Common Policy Analyzer and Optimizer concepts
Policy Analyzer and Optimizer uses these shared concepts across access control policy analysis .
|
Concept |
Common behavior |
Policy-type difference |
|---|---|---|
|
Data source |
A Cloud-Delivered Firewall Management Center or an On-Premises Firewall Management Center selected in Policy Analyzer and Optimizer. |
The Access Control tab can be used for supported On-Premises Firewall Management Center data sources. The Network Address Translation tab is available only when Network Address Translation Policy Analyzer and Optimizer is enabled through AIOps for the selected data source. |
|
Sync |
Fetches current policy inventory and metadata, including newly created, deleted, or modified policies. |
Sync does not, by itself, create a new analysis summary. If the policy changed after the last analysis, run analysis again or wait for scheduled analysis. |
|
Analysis |
Evaluates selected policies and produces policy health information, observations, and report data. |
Access control Policy Analyzer and Optimizer evaluates access control rule and object findings. Network Address Translation Policy Analyzer and Optimizer evaluates NAT rule shadowing and redundancy. |
|
Reporting |
Provides a downloadable analysis report after analysis completes. |
Access control Policy Analyzer and Optimizer also provides remediation reports after supported remediation is applied. |
|
Remediation |
A workflow that stages selected changes and applies them only when you select Apply Remediation. |
Available for access control policies. Network Address Translation Policy Analyzer and Optimizer does not provide an Apply Remediation workflow. |

) button on the top-right corner to manually refresh the page to see new policies.






Feedback