This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

iView2 policy usage accept firewall rule reporting for UTM?

Am I right that in policy usage only deny rules are reported/visible?

In case you want to look for the best order of rules or if you're looking if rules are not needed anymore this report is completely useless...

I'm using UTM 9.3 OS.



This thread was automatically locked due to age.
  • Hi,

    Greetings.

    Our iView reflects reports for Accept/ Deny rules both. I am not sure what is your exact requirement. But if this is something you are missing, pfa screenshot.

    Now, reports will never provide you information about rules that are not needed anymore, this should be self managed as UTM cannot conclude which Rules are unnecessary.

    Thanks

    Sachin Gurung

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • The problem is that allowed policies are not shown/recorded generally!

    and also

    If I use view all:

    We're using UTM 9.355

    regards

  • Hi,

    I reproduced this in our lab with the same firmware version and I am not able to find the allowed policies. Provide me some time to get in touch with the Dev. Team to get an update for you. 

    Meanwhile, if you have a valid subscription for support, i request you to report this. This can be a Bug.

    Thanks

    Sachin Gurung

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • Hello ,

    For now, Allowed Web Traffic reporting is available only for Cyberoam & SFOS.

    Regards,

    Ishan

  • Any news here?

    iView2 is able to log blocked rules but is not able to log allowed rules with an utm...why?!?

    iView1 is not able to export all pages in a pdf report and there will be no updates in future - there was also no in-place upgrade to iView2 possible...

    Sorry but this is really useless for me...

    Product placement and marketing is always good but real world shows something other...

  • Currently reviewing version 03.01.2 of iView, to see if it would suffice as a tool for reviewing our UTM9's as dictated by the PCI-DSS requirements and I am puzzled why the "accept rules" are still missing in "Reports -> Netwerk & Threads -> Rule Usage".

    All firewall rules have logging switched 'on' on all UTM's and when I check the live logs on iView at "System & Monitor -> Monitor -> Live Logs" I do see the packet filter accept entries flying by:

    2019:05:08-11:48:42 utm-01-1 ulogd[11898]: id="2002" severity="info" sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" fwrule="76" initf="la...