Duplicate Rules

The Duplicate Rules tab lists shadowed and redundant rules with anomalies:

  • A Fully Shadowed rule is one that will never evaluate network traffic because another rule that precedes it overshadows it.

  • A Fully Redundant rule is one that is just a part of another, larger rule, such that removing the redundant rule has no impact on network traffic, because the traffic evaluation that this rule would perform is already performed by the other rule.
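
The following added example (not the product's own code or detection algorithm) shows how the two findings can be derived from an ordered, first-match rule list. It assumes a simplified rule model (source CIDR, destination CIDR, destination port range, action) and the common convention that a rule fully covered by an earlier rule is shadowed when the actions differ and redundant when they match; all rule names and addresses are constructed.

```python
from dataclasses import dataclass
from ipaddress import ip_network

@dataclass(frozen=True)
class Rule:
    name: str
    src: str       # source CIDR
    dst: str       # destination CIDR
    ports: tuple   # inclusive (low, high) destination port range
    action: str    # "allow" or "block"

def within(inner: str, outer: str) -> bool:
    """True when CIDR `inner` lies entirely inside CIDR `outer`."""
    a, b = ip_network(inner), ip_network(outer)
    return a.version == b.version and a.subnet_of(b)

def covers(big: Rule, small: Rule) -> bool:
    """True when every packet matched by `small` is also matched by `big`."""
    return (within(small.src, big.src) and within(small.dst, big.dst)
            and big.ports[0] <= small.ports[0]
            and small.ports[1] <= big.ports[1])

def find_duplicates(rules):
    """Map each fully covered rule to (finding, name of the earlier covering rule)."""
    findings = {}
    for i, rule in enumerate(rules):
        for earlier in rules[:i]:
            if covers(earlier, rule):
                # First-match evaluation: `earlier` takes all of this rule's traffic.
                kind = "redundant" if earlier.action == rule.action else "shadowed"
                findings[rule.name] = (kind, earlier.name)
                break
    return findings

# Constructed sample policy, evaluated top to bottom.
POLICY = [
    Rule("allow-web",     "10.0.0.0/8",  "192.168.10.0/24",  (443, 443), "allow"),
    Rule("block-lab",     "10.1.0.0/16", "0.0.0.0/0",        (0, 65535), "block"),
    Rule("allow-web-hr",  "10.2.0.0/16", "192.168.10.5/32",  (443, 443), "allow"),
    Rule("allow-lab-ssh", "10.1.5.0/24", "192.168.20.0/24",  (22, 22),   "allow"),
    Rule("allow-dns",     "10.0.0.0/8",  "192.168.30.53/32", (53, 53),   "allow"),
]

if __name__ == "__main__":
    for name, (kind, by) in find_duplicates(POLICY).items():
        print(f"{name}: fully {kind} by {by}")
```

The check is pairwise, so it reports only rules covered by a single earlier rule; a rule covered by the combination of several earlier rules, or only partially overlapped, is not flagged.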

Note

Expand each observation to review the affected rules before you stage a remediation. Each rule in the list is displayed with a set of attributes; click the settings button on the top right to select which rule attributes you would like to see along with the rule.

After you stage the selected duplicate-rule remediations, you can still Undo them before clicking Apply Remediation. It is recommended that you disable rules first to measure the impact and delete them later, because deleting them permanently removes them.

You can re-enable the disabled rules at any time by navigating to the Cloud-Delivered Firewall Management Center or the On-Premises Firewall Management Center on which the rules are present.