Have anyone tried removing a rule/route and reapplying the same policy to resolve an issue? I have a time-clock that is seen hitting my FW and leaving the network, but there is no return traffic. We have multiple time-clocks and all of the others are working expect for this particular one. All the time clocks have static IPs with rules like "Static IP of time clock, next-hop is time-clock's server, allow port 443".
Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.