3.4 Ensure Hit count is Enable for the rules

Information

The Hit Count setting shows the number of hits for the rules if enabled. When a new connection crosses a Firewall, hits are incremented for the matching rule.

Rationale:

The Hit Count is a very useful feature which helps in finding the unused rules, which can be reviewed and removed or update the rules accordingly as per the requirement.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Go to the following path in Smart Console and Enable the Enable Hit Count setting.

Navigate to Global Properties > Hit Count
Checked the 'Enable Hit Count' setting

See Also

https://workbench.cisecurity.org/files/2828

Item Details

Category: SECURITY ASSESSMENT AND AUTHORIZATION

References: 800-53|CA-3, 800-53|CA-9, CSCv7|11.2

Plugin: CheckPoint

Control ID: 4123cb07deffc5d0e6b0497e46e4e4a715b43e9bcf09ceda076fd927330f1393