What is the main function of Policy Optimizer?
What is the main function of Policy Optimizer?
The main function of Policy Optimizer is to convert port-based security rules to application-based security rules. This optimization helps in improving security by reducing the attack surface and enhancing visibility into the applications being used. By converting the rules, the Policy Optimizer aids in safer enablement of applications and better management of security policies.
Policy Optimizer provides a simple workflow to migrate your legacy Security policy rulebase to an App-ID-based rulebase, which improves your security by reducing the attack surface and offering visibility into applications so you can safely enable them. Policy Optimizer identifies port-based rules so you can convert them to application-based whitelist rules or add applications from a port-based rule to an existing application-based rule without compromising application availability. It also identifies over-provisioned App-ID-based rules (App-ID rules configured with unused applications). Policy Optimizer helps you prioritize which port-based rules to migrate first, identify application-based rules that allow applications you do not use, and analyze rule usage characteristics such as hit count.
Should be D What are the benefits? Allow for Converting port-based rules to application-based rules Allow and deny access to all other applications, which improves security posture (Security Policies have less Attack surface). To identify and clean up Unused Apps.
Policy Optimizer provides a simple workflow to migrate your legacy Security policy rulebase to an App-ID based rulebase, which improves your security by reducing the attack surface and gaining visibility into applications so you can safely enable them.