Know where an object is in use
Know where an object is in use. By selecting the object you have the option to report on which rules, policies, etc. are added.
This will allow cleaning of objects, making it easier to manage and maintain them.
This should also include the ability to locate unused objects across the UI and delete them if they are no longer needed.
XG Fan commented
I think these requests should be merged:
Andreas Rieger commented
Easy to implement for Sophos, I think. Here is the SQL command to search hosts in firewall rules:
psql -U nobody -d corporate -c "SELECT h.hostid,s.fwruleid FROM tblhost h join tblfwsource s on h.hostid = s.hostid WHERE h.hostname='Hostname-placed-here' ;"
psql -U nobody -d corporate -c "SELECT h.hostid,d.fwruleid FROM tblhost h join tblfwdest d on h.hostid = d.hostid WHERE h.hostname='Hostname-placed-here' ;"
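The two lookups from the comment above, combined into one parameterised query and extended with a check for hosts that appear in neither table. This is an added example, not part of the comment and not Sophos code. It runs against a constructed SQLite stand-in that contains only the tables and columns the comment names, and the helper function names are hypothetical.

```python
import sqlite3

# Constructed stand-in schema: only the tables and columns named in the
# comment above (tblhost, tblfwsource, tblfwdest). Sample rows are invented.
SCHEMA = """
CREATE TABLE tblhost     (hostid INTEGER PRIMARY KEY, hostname TEXT);
CREATE TABLE tblfwsource (fwruleid INTEGER, hostid INTEGER);
CREATE TABLE tblfwdest   (fwruleid INTEGER, hostid INTEGER);
INSERT INTO tblhost VALUES (1,'web-srv'),(2,'db-srv'),(3,'old-printer');
INSERT INTO tblfwsource VALUES (10,1),(11,1),(12,2);
INSERT INTO tblfwdest   VALUES (10,2),(13,1);
"""

# Source and destination references in one result set, labelled by role.
WHERE_USED = """
SELECT s.fwruleid, 'source' AS role
  FROM tblhost h JOIN tblfwsource s ON h.hostid = s.hostid
 WHERE h.hostname = ?
UNION
SELECT d.fwruleid, 'destination'
  FROM tblhost h JOIN tblfwdest d ON h.hostid = d.hostid
 WHERE h.hostname = ?
ORDER BY 1, 2
"""

# Hosts referenced by neither table.
NOT_IN_RULES = """
SELECT h.hostname FROM tblhost h
 WHERE NOT EXISTS (SELECT 1 FROM tblfwsource s WHERE s.hostid = h.hostid)
   AND NOT EXISTS (SELECT 1 FROM tblfwdest d WHERE d.hostid = h.hostid)
 ORDER BY h.hostname
"""

def open_sample_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn

def where_used(conn, hostname):
    # The name is bound as a parameter, never pasted into the SQL text.
    return conn.execute(WHERE_USED, (hostname, hostname)).fetchall()

def hosts_not_in_rules(conn):
    # Covers only the two tables above, so treat the result as a list of
    # candidates to review, not as proof that an object is unused.
    return [row[0] for row in conn.execute(NOT_IN_RULES)]
```

Binding the host name as a parameter matters because object names are operator-supplied strings; a name containing a quote would otherwise break or alter the query.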
With SOPHOS SG it is possible to do it, why is it not possible with SFOS?
Fortigate, Cisco ASA, etc ... all of them have this feature. When I need to delete an object, it is very hard to search where the object is used.
Report showing what firewall rule Host and Services are used in. This would be helpful to keep Host and services up to date. It is a pain to see an IP host but not be sure if it is used in any rule. If it is, it would be nice to be able to see what rules it is used in. Same with services.
Is it possible to display, e.g. for Host IP/Host FQDN items or groups, how and where the object is being used/linked in the XG?
Rodrigo Finger commented
Deploy in the Sophos firewall to show in which rules an object is linked (host and services). This is very useful when I want to delete the object.
Show usage of certificates.
We had to renew our wildcard certificate due to normal expiration. We have bound the new cert. to all rules we could find using the old one. After all, we haven't been able to delete the expired cert, cause the UI told us it is still in use within an http-policy. In fact, it was in use in a deactivated business-policy and within the "admin-settings".
It would be nice to have...
a) a better error message with concrete details where the cert. is used, or
b) The possibility to list all occurrences directly from a certificate
Or at least add a button "Where Used" to list all rules this object or rule is used. Like CheckPoint firewall.
Add a new button (Delete unused items) to keep the firewall clean.
Need a way to check how many firewall rules an IP host is associated with.
Christian Wurm commented
Good idea, I would totally suggest this, too. I also created an idea for this: https://ideas.sophos.com/forums/330219-xg-firewall/suggestions/34379830-full-text-search-on-dropdown-menus
UTM like search in firewall policies:
Searching for used objects in the policies is a nightmare on the XG firewall. Please bring a UTM like search, where you can type in what you want to search and then all the policies with the searched object will be displayed.
At the moment it is a nightmare, when you have several hundreds of rules and you want to find all rules for a specific object. And yes, in bigger companies you will have several hundred policies.
Son L. commented
I also would like this feature. I would recommend color coding objects in use red or orange if a sort/filter cannot be done.