I have 30 Cisco PIX and ASA firewalls. Each Interface has ACLs applied with hundreds of Access Control entries.
I would like to know which ACE are inactive for let say last thirty days and should be removed. Any help?
Additionally Any automated tool for that which can do this job and report which ACE are lying in configuration and not getting any hits and should be removed.