arahman
Staff
Article Id 387403
Description This article describes the steps to check unused policies in FortiGate.
Scope FortiGate. 
Solution

In some scenarios it is necessary to identify unused policies on a FortiGate, either to clean them up or for security reasons. Unused policies are policies that have not received any traffic hits. To view them, navigate to Policy & Objects -> Firewall Policy and select Security Rating Issues in the bottom-left corner.

kb 17.1.PNG

Select the Security Rating Issues option, then choose Unused Policies to list the unused policies on the FortiGate.

kb 17.2.PNG

Selecting Unused Policies highlights the affected policies; use the right and left buttons that appear to step through them. The last time each policy was checked for usage is also shown.

Check the exact time the policy was last used by selecting 'edit' on a specific policy. For example:

kb 17.3.PNG

Security Rating Issues also shows other checks, such as the following:

  • Policy Inspection Mode shows policies that use an incorrect inspection mode for their security profiles.
  • Audit Log Settings shows policies that have UTM logging selected instead of All logging.

If there is no Security Rating entitlement, it is also possible to filter the policy list on policies with 0 bytes to see the same information:

0bytes.PNG

In v7.6, the Unused policy option is renamed to 'Not Recently Used Policies', as shown below:

kb 17.4.PNG

Note:

The statistics will reset after the FortiGate has been rebooted.
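The same two views (policies with 0 bytes, and policies not recently used), applied to policy-usage records off-box, as an added example that is not part of the Fortinet article. It assumes records shaped like the FortiOS REST monitor endpoint /api/v2/monitor/firewall/policy (policyid, bytes, hit_count, last_used as a Unix timestamp); the field names, the sample data and the stats_since argument are assumptions, and it treats a zero counter as inconclusive when the counters were reset (rebooted) too recently.

```python
"""Flag FortiGate firewall policies with no traffic, from policy-usage data.

Added example, not Fortinet's code. Assumes usage records shaped like the
FortiOS REST monitor endpoint /api/v2/monitor/firewall/policy (policyid,
bytes, hit_count, last_used as a Unix timestamp). Adjust field names if
your firmware returns different ones.
"""

DAY = 86400

# Constructed sample, not real firewall output. last_used == 0 means never.
NOW = 1_700_000_000
SAMPLE_POLICIES = [
    {"policyid": 1, "bytes": 53_200_000, "hit_count": 1200, "last_used": NOW - 3600},
    {"policyid": 2, "bytes": 0, "hit_count": 0, "last_used": 0},
    {"policyid": 3, "bytes": 8_192, "hit_count": 4, "last_used": NOW - 45 * DAY},
    {"policyid": 4, "bytes": 0, "hit_count": 0, "last_used": 0},
]


def unused_policies(policies, now, stats_since, min_window_days=30):
    """Policy IDs with zero bytes (the GUI's '0 bytes' filter).

    stats_since is when the counters were last reset, i.e. the last
    FortiGate reboot per the article's note. If the counters cover fewer
    than min_window_days, a zero count proves nothing yet, so the result
    also reports whether the observation window is long enough to act on.
    """
    window_days = (now - stats_since) / DAY
    zero = sorted(p["policyid"] for p in policies if p["bytes"] == 0)
    return {
        "unused": zero,
        "window_days": window_days,
        "reliable": window_days >= min_window_days,
    }


def not_recently_used(policies, now, max_age_days=30):
    """Policy IDs with no hit within max_age_days (the v7.6 'Not Recently Used' view)."""
    cutoff = now - max_age_days * DAY
    return sorted(p["policyid"] for p in policies if p["last_used"] < cutoff)


if __name__ == "__main__":
    print(unused_policies(SAMPLE_POLICIES, NOW, stats_since=NOW - 60 * DAY))
    print(not_recently_used(SAMPLE_POLICIES, NOW))
```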