On This Page
Configuring Rule Recertification and Expiration
There are several rule recertification and expiration parameters that the App Administrator configures in the Rule Lifecycle Management App (RLM) Settings () > Setup menu. These parameters determine, for example, which rules to retrieve, the duration of the recertification, and how often RLM refreshes the status of rules that are in-progress.
In this section, configure the following rule certification parameters:
- Recertification Trigger: RLM retrieves rules for recertification with an expiration that matches this value.
- Certification Lifespan: Duration of the rule recertification.
For example, set this value to 365 days to renew the certification for another year.This value must be greater than the value for Recertification Trigger.
- Auto Decertify: Enable the toggle to automatically decertify rules. RLM opens a decertification ticket if all of these criteria are met:
- Owner response time has expired.
- Rule is expired.
- Rule log (on the firewall device) is enabled.
- Rule last hit (timestamp when traffic was matched to the rule) is none or greater than 365 days.
- Rule was not modified in the last year.
- Rule will be disabled only if the Rule Decommission Workflow toggle is enabled.