On the Plan security page, when you click the wedge or the edge in the topology diagram, you can view the list of the services and flows for that particular segment. Click Recommended Firewall Rules to view the rules defined on it. The rules are listed under the following tabs, based on the members of the source or the destination:

  • Physical to Physical: This tab lists all the rules associated with the physical and Internet IPs. The rules can be for physical-physical, physical-Internet, Internet-physical, or Internet-Internet entities.

  • Virtual: This tab lists all rules where at least one of the endpoints is a VM.

For each firewall rule, the following details are available:

  • Show members of the group: Click the + sign next to the name of the entity to see the members of the group.

    Note:
    • The members are not shown for the groups belonging to the Internet category.

    • If a security group has both virtual and physical IPs, the physical and the Internet IPs are not shown in the list of the members of that particular group.

  • Source

  • Destination

  • Services

  • Protocols

  • Action

  • Related Flows: Click the number of the related flows to see the list of flows with the corresponding flow information.

  • View Applied Firewall Rules: Click the + sign next to the Related Flows column to view the applied firewall rules that correspond to similar sets of flows.

You can export the recommended rules as XML or CSV based on your requirement. Refer to Exporting Rules for more information on these artifacts.