I'm still looking for your precious help on writing a best practice
on "hardening NetScreen firewalls".
My supervisor is asking me to write about cleanup rules,
so could you please tell me if the following is correct or how I can improve it?
Firewall administrators implement the cleanup rule in order to log the traffic which is being dropped.
The logs produced by the cleanup rule are normally used to perform troubleshooting activities or can then be fed into event analysis systems like a SIEM to improve visibility into network activity.
A cleanup rule should be placed at the end of a zone-to-zone policy:
ns-> set policy id 100 name "Clean-up Rule" from "ZONE-A" to "ZONE-B" "Any" "Any" "ANY" deny log
ns-> set policy id 100
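
An added example, not part of the original post: a small Python audit that reads saved policy lines in the format of the command above and reports every zone pair whose last policy is not a logged deny any/any/any. It assumes the saved configuration lists policies in evaluation order; the function names and the sample configuration are constructed for illustration, and `set policy global` lines are not examined.

```python
import shlex

# Constructed sample in the style of the post's command; not a real device config.
SAMPLE_CONFIG = """\
set policy id 1 from "ZONE-A" to "ZONE-B" "Any" "Any" "HTTP" permit log
set policy id 100 name "Clean-up Rule" from "ZONE-A" to "ZONE-B" "Any" "Any" "ANY" deny log
set policy id 100
exit
set policy id 2 from "ZONE-B" to "ZONE-A" "Any" "Any" "ANY" deny
set policy id 3 from "ZONE-C" to "ZONE-A" "Any" "Any" "ANY" deny log
set policy id 4 from "ZONE-C" to "ZONE-A" "Any" "Any" "DNS" permit
"""

ACTIONS = {"permit", "deny", "reject", "tunnel"}

def parse_policies(config):
    """Group policy definitions by (from_zone, to_zone), keeping config order."""
    pairs = {}
    for line in config.splitlines():
        try:
            tok = shlex.split(line)
        except ValueError:  # unbalanced quotes: not a line we can judge
            continue
        if tok[:3] != ["set", "policy", "id"] or len(tok) < 5:
            continue
        i = 6 if tok[4] == "name" else 4  # skip the optional name "<text>"
        if len(tok) < i + 8 or tok[i] != "from" or tok[i + 2] != "to":
            continue  # e.g. a bare "set policy id 100" context line
        rest = tok[i + 7:]
        pairs.setdefault((tok[i + 1], tok[i + 3]), []).append({
            "id": tok[3],
            "match": [t.lower() for t in tok[i + 4:i + 7]],  # src, dst, service
            "action": next((t for t in rest if t in ACTIONS), None),
            "log": "log" in rest,
        })
    return pairs

def audit_cleanup(config):
    """Return {(from_zone, to_zone): finding} for pairs lacking a logged cleanup rule."""
    findings = {}
    for pair, policies in parse_policies(config).items():
        last = policies[-1]  # assumption: config order equals evaluation order
        if last["match"] != ["any"] * 3 or last["action"] != "deny":
            findings[pair] = "last policy id %s is not deny any/any/any" % last["id"]
        elif not last["log"]:
            findings[pair] = "cleanup policy id %s denies without log" % last["id"]
    return findings

if __name__ == "__main__":
    for (src, dst), msg in audit_cleanup(SAMPLE_CONFIG).items():
        print("%s -> %s: %s" % (src, dst, msg))
```

The third zone pair in the sample shows why position matters: a permit placed after the catch-all deny never matches, and the pair no longer ends in a cleanup rule.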