Technical Tip: Security Rating shows 'Configuration has too many entries to check'
| Description | This article describes when running a Security Rating check, and encountering the following message:
This device is exempt from the requirements for the following reason: Configuration has too many entries to check. |
| Scope | FortiGate. |
| Solution | When running the Security Rating, the following message appears:
The error message is an intended limitation to prevent high memory consumption by
This usually happens on devices with very large configurations, such as many firewall policies, address objects, and groups. When the configuration becomes too big, the Security Rating engine cannot process all entries. As a result, some checks are skipped, and the device is marked as exempt, preventing a full security assessment.
Tip: Regularly cleaning up unused objects and old policies can help improve Security Rating results.
For more information, reach out to Fortinet TAC by opening a Support case.
Related article: |
