Implement Best Practices and Recommendations

Enhance your organization’s security posture with AIOps by identifying deviations from Cisco Secure Firewall best practices. Run assessments on your devices, generate reports, and receive insights that guide you toward optimal performance.

  • Assessment: Evaluates your firewall configuration across multiple categories. Each check determines alignment with Cisco Secure Firewall best practices. The report summarizes the total number of checks performed. It categorizes the results as Passed or Requires review.

    Checks that require review indicate deviations that could impact firewall efficiency and security. Each failed check presents an opportunity for improvement. Addressing these checks contributes directly to optimizing firewall performance.

  • Recommendation: Provides specific recommendations to address identified issues, ensuring optimal firewall performance. These include detailed information such as the nature of the problem, symptoms, impact, and required actions.

The best practices and recommendations checks are developed with input from Cisco's Technical Assistance Center (TAC) and Customer Experience (CX) teams. This input helps address trending issues, incorporate industry best practices, and enhance the reliability of recommendations. Implement these recommendations to resolve issues, align with best practices, and optimize firewall performance.

Key Features

Feature

Description

Automated Assessments

Runs periodic evaluations of firewall devices against Cisco best practices.

Checks Summary

Displays how many checks passed and highlights those requiring review.

Trend Visualization

Shows the number of checks over time, helping you compare passed and failed checks across assessment cycles.

Device Reports

Provides device-specific results and percentage of improvement potential.

Review Category and Check Control

Enable or disable review categories or individual checks for future assessments.

Before you begin

Ensure that Best Practices is enabled under Settings. For more information, see AIOps Settings.

Procedure

Step 1

In the left pane, click Monitor > Insights & Reports > AIOps Insights > Best Practices and Recommendations.

The Assessment Summary provides a high-level overview of assessment results. It includes two tiles:

  • Checks summary: Displays the total number of checks and highlights those requiring review.

  • Best practices assessment trend: Helps you track assessment outcomes over time. The Y-axis represents the number of checks, and the X-axis shows assessment dates. You can hover over data points to view summary statistics.

Step 2

In the Device reports section, you can view the list of all available device reports. Filter devices by Device status, Review categories, or Assessment status to narrow down results.

Assessment Statuses: Each device report has an Assessment Status, which indicates the current state of the assessment.

  • In progress – An assessment is actively running. After completion, a report will be generated.

  • In queue – The previous assessment is outdated, and a new one has been scheduled.

  • Updated – The assessment is complete, and the latest report is available for review.

  • Error – The assessment could not be completed due to an error. The report will be automatically generated after 24 hours. If the issue persists, contact Cisco TAC for assistance.

Step 3

From the three-dot menu icon next to each device:

  1. Click Run assessment to initiate a new assessment.

    Note

    Periodic assessments run automatically, but you can also run assessments manually at any time. For large-scale deployments with more than 50 devices, you must run assessments manually due to processing limits.

  2. Click Download report to export the Best Practices assessment summary report in PDF format.

Step 4

Click on a Device name to view a detailed report for that specific device.

  • Check the Show passed checks checkbox to view successful checks in the detailed view. This provides full visibility into all checks.

  • In the Best practices assessment section, view the Total checks, how many Passed and Require review.

  • Expand each check to view the remediations and corrective actions.

Step 5

Enable or disable an entire category from future assessments. You can also disable individual checks within a category.

  • Disable the toggle to exclude a review category or check from future assessments.

  • Enable the toggle to include it in future assessments.

Note

Disabling a category or check does not affect the actual feature or its operation. The feature continues to function normally, but it is excluded from Best Practices assessments.