Not sure whether this feature is there or not, but I wasn't able to find it. The Policy/Compliance Audit report gives all alerts, and scoring is done based on that. But there should be an option to suppress alerts with comments. There are two use cases for this:
1. First use case: Let's say, based on a policy, 10 firewalls are showing as violating the policy. Out of these, there may be one firewall which could have a business justification for that particular configuration. So there needs to be a suppression option with comments, which will be shown in the report with the justification and at the same time will exclude this instance from the overall security/compliance rating.
2. Second use case: The infrastructure and configurations are audited by a third party frequently, let's say every month. They normally run tools like Nipper or something and will give a low-score non-compliance report to justify. Now each and every time the same exercise needs to be done with a large number of firewalls and a huge number of rules vs. change requests, tickets, etc. to justify the same. If this facility were available, it would be very easy for us to generate the report and provide it to them, where a justification, once given, will remain in the DB and will come up in every report.

Not sure if others are facing the same issue or not, or how they are managing, but for us it is something we are having challenges with. Though we try to keep this in some Excel sheet or some other arrangement, frankly it is not so scalable or helpful so far.