A list of requests for the policy auditor. I realize you guys are probably already tracking the first one.
- Ability to run audits on a port by port basis without having to create a rule for every interface
- Regex tester based off the regex engine NCM policy auditor is using
- Ability to export and import rules through the user interface rather than having to use SQL
- Ability to have reports run and export to chosen format and store export or email export after the fact. Right now it only emails reports in HTML, which is blocked by our email system. MHTML is preferred, but we can only get this by breaking the report up into small pieces and running each one, then exporting. Otherwise trying to run an enterprise-wide report takes an hour to generate and ultimately the RDP session times out and the report is lost.
- If we must still make rules for each port, make sure that rules are still categorized when using the policy creation interface. It's nice that you can categorize rules, but when you go to apply the rules to a policy they are no longer in a category; they are all listed in bulk. You can imagine the impossibility to have 5 different interface rules for each type of interface and then trying to find those rules out of a list of 1000s to build your policies. It's a nightmare.
- Fine-tuning of audit engine. When trying to audit with multi-line condition regexes, any configuration that has more than 72 ports tends to lock up the policy auditor, requiring those switches to be manually audited.
I will say that the MHTML reports we do get are awesome, the admin team and management love them!
-TCK