Implement Best Practices and Recommendations

Enhance your organization's security posture by identifying deviations from Cisco Secure Firewall best practices. AIOps allows you to run assessments on your devices, generate reports, and receive actionable insights to help you achieve optimal performance.

Assessment: Evaluates your firewall configuration across multiple categories. Each check determines alignment with Cisco Secure Firewall best practices. The report summarizes the total number of checks performed and categorizes the results into Passed and Failed. Failed checks indicate deviations that could impact firewall efficiency and security. Note that each failed check represents an opportunity for improvement and contributes directly to optimizing firewall performance when addressed.
Recommendation: Provides specific recommendations to address identified issues, ensuring optimal firewall performance. These include detailed information such as the nature of the problem, symptoms, impact, and required actions.

The best practices and recommendations checks are developed with inputs from Cisco's Technical Assistance Center (TAC) and Customer Experience (CX) teams. These insights help address trending issues, incorporate industry best practices, and enhance the recommendations' reliability. By following the provided recommendations, you can resolve issues and align with the best practices, thereby strengthening your organization's security framework and optimizing firewall performance.

Procedure

Step 1	In the left pane, click Monitor > Insights & Reports > AIOps Insights > Best Practices and Recommendations. The Assessment Summary tile displays: The total number of device assessment reports generated. The total number of checks performed. The number of Passed and Failed checks. The Best practices assessment trend graph helps you track assessment outcomes over time. The Y-axis represents the number of checks, and the X-axis shows assessment dates. Hover over data points to view summary statistics.
Step 2	In the Device reports section, you can view the list of all device reports. Device name: The device for which the assessment was conducted. Device status: Severity of the insight, categorized as Critical, Warning, Informational, or Passed. Failed check: Number of failed checks and the percentage of improvement potential. Failed assessment category: Category of the failed check. Assessment Status: In Progress: The assessment is ongoing. In Queue: A new assessment is scheduled due to outdated results. Updated: The assessment is complete, and results are available. Error: There was an issue generating the assessment. Hover over for troubleshooting tips.
Step 3	You can search for device reports by Device name or apply filters based on: Device status Failed check categories Assessment status
Step 4	From the three-dot menu icon next to each device: Click Run assessment to initiate a new assessment. Click Download report to export the Best Practices Assessment Report in PDF format.
Step 5	Click on a Device name to view the assessment report. In the Best practices assessment section, view the failed and passed checks. Expand each check to view the recommendations and corrective actions.