In large organizations where firewall policies develope over a long period of time, sometimes the result of merging rules from two or more firewall, organizational and contract chages etc; rules can get quite unmanageable. I am wondering if Cisco firewall management software has tools that would help in these situations.
Being able to answer simple questions like "To what IP addresses is TCP 1521 allowed" is one thing. Being able to do complex merge and union operations is another. Even the ability to export into Excel with group object members expanded would allow some of this type of management even if the software itself did not offer it.
So.... anybody know what Cisco has in this regard?