To add. If you query your unused objects from within your smatview dashboard, in a clean up effort, beware on what you remove. You could have created an object and performed auto static NAT on it with auto proxy arp enabled, but then created another object for the valid natted IP and used this in the rulebase instead of the original object. With the object not being used in the rulebase the query will show it as unused, removing it will kill your auto proxy arp for the natted IP.
-GS -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Hugo van der Kooij Sent: Friday, November 09, 2007 4:46 PM To: [email protected] Subject: Re: [FW-1] Rule most used -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Din Cox wrote: > Eventia Reporter can provide what you are looking for. It can be used to > determine which rules are used the most, which rules are used > infrequently and which rules are never used. Just keep sharp if you decide to remove these 'unused rules'. A customer shot himself in the foot that way. That rule allowing traffic from Gateway to SmartCenter was not used for months. So it was decided to remove it. A few weeks later thay did test the no-break and it broke. After they fixed the power they saw no traffic from that gateway It turned out the log connection was dropped. Just because nothing is shown does not always mean it is not in use. Some session can live for months. Hugo. - -- [EMAIL PROTECTED] http://hugo.vanderkooij.org/ PGP/GPG? Use: http://hugo.vanderkooij.org/0x58F19981.asc A: Yes. >Q: Are you sure? >>A: Because it reverses the logical flow of conversation. >>>Q: Why is top posting frowned upon? Bored? Click on http://spamornot.org/ and rate those images. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) iD8DBQFHNNUJBvzDRVjxmYERAt78AJ9vuRYFyN1Xmtmw02UESV+XoJK4zQCfUmSm ObnnwbB6XcFOU3XXsspeyZw= =28kZ -----END PGP SIGNATURE----- ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
