US Patent 8065719 Method and apparatus for reducing firewall rules

A method and apparatus for reducing obsolete firewall rules are disclosed. The present invention addresses the issue by using existing network routing information as well as firewall rule configuration information to help analyze firewall access logs to identify obsolete and unused firewall rules so that these obsolete firewall rules can be removed. In one embodiment, the present invention is capable of periodically identifying the unused rule set for each external partner network and removing these obsolete rules with no impact to the current operation.