
What does unused policy mean?

What does unused policy mean? A lot of actions on the Sophos are embedded and I just have no idea what they are rules-wise. So when I add a rule, it never seems to be used and I see the unused policy in the dashboard.



  • Hi John,

    Would you be able to take a screenshot and upload it here of what you're seeing? That would help greatly!

    Emile

  • Active Policies
    Business: 0
    User: 0
    Network: 2
    Total: 2
    Unused: 1
    Disabled: 0
    Changed: 2
    New: 1
    Prevalent Malware

    Not sure if this is acceptable. Just trying to understand what the theory or rule is as to when it says unused policy on the dashboard. What are the rules on why they're not used?

  • Ah, I see what you mean now. I believe the Unused section is when policies have been unused for a substantial period of time and you can narrow down which ones can be deleted safely.

    Basically a clean out assistance, not sure if that's exactly what it's for but I have 2 policies showing in there that I'm quite happily able to say they haven't been used since their conception :)

    Emile

  • Hello

    Makes sense, and I think there is so much secret sauce in these that it looks at your added policy and says "have that covered already" so does not use it. Very thorough box; just better documentation would be nice so you don't waste time on policies it already covers.

    Best regards

  • Hi,

    I had the same issue with a policy as unused, which is silly. I moved the policy around the path list, no effect. The policy was blocking certain countries, which is not part of any other policy or sub-policy. So unused was a useless, meaningless statement; why was it unused?

  • Thanks for the feedback. They should have some documentation on that since it is a feature? Also a test button you hit and see if the thing is good to go or bypassed by internal hot sauce covering it already. Watched a bunch of videos but they just do not get to that and why they do not work or accepted in compiling to use with the other rules.

    best regards

    jm

  • "Unused" simply means that the byte count inbound AND outbound has remained unchanged for a "period" of time. I am not sure what that "period" is at the moment. However, do not blithely assume that the rule is redundant and unnecessary. I've seen circumstances (of my own and others' creation) in which the rule reports "unused" but that is the result of a misconfiguration.

    For example, a rule created with "Match known users" active on a firewall without "user authentication" configured will show up as "unused".

     

    Regards,

    Gary Gunderson  - XG Architect
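
The triage described in the last reply, as an added example that is not part of the original thread and is not Sophos code: it compares two readings of per-rule byte counters and separates "no traffic in the period" from the "Match known users" misconfiguration case. The `RuleSnapshot` structure, its field names and the sample readings are assumptions constructed for illustration, not a firewall export format.

```python
from dataclasses import dataclass


@dataclass
class RuleSnapshot:
    """One reading of a rule's counters (hypothetical structure, not a Sophos export format)."""
    name: str
    bytes_in: int
    bytes_out: int
    match_known_users: bool = False


def triage_unused(earlier, later, user_auth_configured):
    """Compare two counter readings taken a review period apart.

    Returns {rule name: verdict} for rules whose inbound AND outbound byte
    counts are both unchanged, i.e. the ones a dashboard would call unused.
    """
    before = {r.name: r for r in earlier}
    verdicts = {}
    for rule in later:
        old = before.get(rule.name)
        if old is None:
            continue  # rule is new: no baseline to compare against yet
        if (rule.bytes_in, rule.bytes_out) != (old.bytes_in, old.bytes_out):
            continue  # counters moved, so the rule is in use
        if rule.match_known_users and not user_auth_configured:
            # The case from the reply: the rule can never match, so fix it, don't delete it.
            verdicts[rule.name] = "check config: matches known users but no user authentication"
        else:
            verdicts[rule.name] = "no traffic in period: review before deleting"
    return verdicts


# Constructed sample readings (not real firewall output).
EARLIER = [
    RuleSnapshot("lan-to-wan", 1_000, 5_000),
    RuleSnapshot("block-countries", 0, 0),
    RuleSnapshot("staff-web", 0, 0, match_known_users=True),
]
LATER = [
    RuleSnapshot("lan-to-wan", 9_500, 42_000),
    RuleSnapshot("block-countries", 0, 0),
    RuleSnapshot("staff-web", 0, 0, match_known_users=True),
    RuleSnapshot("guest-wifi", 0, 0),
]

if __name__ == "__main__":
    for name, verdict in triage_unused(EARLIER, LATER, user_auth_configured=False).items():
        print(f"{name}: {verdict}")
```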