Configuring Rule Recertification and Expiration

There are several rule recertification and expiration parameters that the App Administrator configures in the Rule Lifecycle Management App (RLM) Settings () tab. These parameters determine, for example, which rules to retrieve, the duration of the recertification, and how often RLM refreshes the status of rules that are in-progress.

In this section, configure the following rule certification parameters:

  • Days before rule is expired: RLM retrieves rules with an expiration that matches this value.
  • Number of days for new certification: Duration of the rule recertification. For example, set this value to 365 days to renew the certification for another year.
  • Owner Response Time: When the owner must make a certification decision and has already received notification, this is the number of days that RLM waits before resending a reminder email notification to the App Administrator.
  • Tickets Interval: Frequency (in minutes) in which RLM retrieves information about the tickets from SecureChange. You can view these tickets in the Pending tab.
  • Auto Decertify: Enable the toggle to automatically decertify rules. RLM opens a decertification ticket if all of these criteria are met:
    • Owner response time has expired.
    • Rule is expired.
    • Rule log (on the firewall device) is enabled.
    • Rule last hit (timestamp when traffic was matched to the rule) is none or greater than 365 days.
    • Rule was not modified in the last year.
    • Rule will be disabled only if the Rule Decommission Workflow toggle is enabled.

  • Rule search fields: Determines how RLM associates Rule Owners to rules. You can define associations according to the Source, Destination, or both values.

    For example, consider these Rule Owners and the rules that they manage:

    Rule Owner

    Source IP

    Destination IP
    Alice 1.1.1.1 2.2.2.2
    Bob 1.1.1.1 3.3.3.3
    Sally 4.4.4.4 1.1.1.1

    For the rule with IP 1.1.1.1, if you select Source, Alice and Bob will own that associated rule in RLM. If you select Source and Destination, Sally will be associated with that rule too.