Filter
Top Products
16-34
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 16 Managing Firewall Access Rules
Viewing Hit Count Details
• Hit count statistics are based on ACL, not on interface. If you select Enable ACL Sharing for
Firewall Rules on the Security Manager Administration Deployment page (see Deployment Page,
page 11-9), any shared ACL provides statistics that are combined from all interfaces that share the
ACL.
• If you enable network object group optimization, as described in Optimizing Network Object
Groups When Deploying Firewall Rules, page 12-35, you might not get good hit count information.
• If you enable ACL optimization, as described in Optimizing Access Rules Automatically During
Deployment, page 16-43, the hit count results might have problems matching ACEs from the device
to access rules. Thus, when you select an access rule, you might not get any hit count results for it.
• FQDN network/host objects are ignored. You cannot obtain hit count information on these objects.
• Hit count and last hit time information is cleared when a device is restarted.
Before You Begin
Hit count reports are subject to the following limitations:
• Hit count reports are device-specific. You can generate the report for one device at a time from
Device view only. Ensure that you deploy policies to the device before generating the reports.
• If you enable object group search on an ASA 8.3+ device, you cannot use the Hit Count tool. Object
group search is configured on the Access Control Settings Page, page 16-21.
• Although you can select rules that include FQDN network/host objects, the objects are ignored in
the hit count results.
Navigation Path
(Device view only) From the Access Rules Page, page 16-9, right-click the Hit Count cell for a rule in
the table and choose Show Hit Count Details.
The Hit Count Details window opens as a pane at the bottom of the access rules table. Click the expand
button on the right side of its title bar to view the hit count details in a separate window.
Related Topics
• Understanding Access Rules, page 16-1
• Table Columns and Column Heading Features, page 1-46
• Using Category Objects, page 6-12
Field Reference
Table 16-7 ACE Hit Count Details Window
Element Description
Choose You can choose how to view the hit count information: Expanded
Table or Raw ACE (both are explained below).