I am creating a firewall rule for a large environment from scratch and I am using adaptive mode. Now, if i keep all the adaptive rules dynamically created by the clients it'll take up a lot of space, even while tuning this. Is there a way for me to just take the rules I have now and convert them into something that is human understandable so I can pass it off to another group to analyze the rules?
Hips learned rules which are reported to epo could be put into a different/new firewall policy and be analysed from there (given epo access rights to look into the policy set). Otherwise than that a tool would be needed to be build.
To minimize the scrap rules created by dynamic learn a best practice is to use adaptive only for brief periods when you have time to monitor the rules that are created.