View AFA group data

A group is a set of devices, in which no information about the relationships between the member devices is provided, or when the devices are not connected in a tiered network. AFA manages a group's policy as a single unit, providing a bird's-eye view of your group-wide risk exposure.

In addition to user-defined groups, AFA includes a built-in group called ALL_FIREWALLS. This group consists of all devices in the system, and you can generate reports for it like any other group.

For more details, see Manage groups.

Note: For additional information on Cisco User Awareness – How to Define a User/User Group in a Rule, see this AlgoPedia Knowledge Base article.

Viewing User-Defined Groups

To view a user-defined group:

  1. Click Groups in the main menu.

    The Groups menu appears in the main menu, displaying all of the groups defined in AFA. Groups for which the last report generation failed appear in red. Groups for which real-time monitoring or log collection have failed appear in orange.

  2. (Optional) Use the search filter to select the desired group.
  3. (Optional) To filter out the groups with issues, do one of the following:
    • To filter by only the issues you specify:
      1. Next to the Issues link, click .

        The Display issues regarding window appears.

      2. Clear the check boxes of the issues you do not want to appear in the filtered results.
      3. Click outside the window.
    • To filter all issues (default), click Issues.

      The device tree appears with only devices with issues and their group. If you specified which issues should appear, only those issues appear.

      To revert to the standard view, click the Issues link.

  4. Select the required group.

    The group appears in the workspace.

    For details of the information displayed at the top of the workspace, see Group Information Fields.

    You can view the individual devices in the group by selecting them in the in the menu.

Group Information Fields

This field...

Displays this...

Latest Report

A button that brings you to the last successful report generated for this group.

Date and Time

The date and time when the group was last analyzed.

Number Of devices

The number of devices in the group.

Back to top

Viewing the ALL_FIREWALLS Group

To view the ALL_FIREWALLS group:

  1. Click Devices in the main menu.

    The Devices menu appears in the main menu, displaying all of the devices defined in AFA. Devices for which the last report generation failed appear in red. Devices for which real-time monitoring or log collection have failed appear in orange.

  2. In the devices list, click ALL_FIREWALLS.

    The ALL_FIREWALLS group appears in the workspace.

    For information on the fields displayed at the top of the workspace, see Group Information Fields.

    Back to top

Viewing Group Reports

Group reports provide information for a group of devices. Group reports are provided for the ALL_FIREWALLS group and for groups manually defined in AFA.

AFA provides the following options for viewing group reports:

Back to top

Group report page references

The following pages are available in group reports:

Page

Description

HOME page

Provides a general overview of the report, including a list of devices in the group, changes to the devices, risks, and policy optimization.

RISKS page

Provides a high-level executive summary of the risk analysis findings.

Note: Available only with the AFA Risk and Compliance Module

REGULATORY COMPLIANCE page

Access a variety of automatically-filled compliance reports for this group.

Note: Available only with the AFA Risk and Compliance Module

POLICY OPTIMIZATION page

Find out what you can eliminate from each device's policy to optimize it and make it more efficient and maintainable.

BASELINE COMPLIANCE page

Indicates whether group members' configurations comply with certain baselines.

POLICY page

Provides access to the wealth of detailed information collected and identified during the analysis.

CHANGES page

Displays the changes in rules, objects, and the resulting changes in allowed traffic and risks, over all the history of AFA reports for devices in this group.

Back to top