I've recently migrated our primary firewall from an ASA to a FortiGate
600. Don't get me wrong, I love Cisco but the FortiGate firewall has
been a HUGE improvement and I don't regret the change for a moment!
However, there was one thing about the ASA...
Yeah, 7 is a little bit better than 8. If I go much lower than 7, then
it's not recording the changes I made (I was testing by just moving 1
rule above the other) but even without anyone making changes I'm getting
these 0: get system status0: diagnos...
Is there a way to keep stuff like cidc276-da2-fwc0 # 0: config firewall
policy0: move 761 after 7660: endbut not have the background stuff like
this0: get system status0: diagnose ip address list0: config system
admin0: show full-configuration0: end0...
Not as easy to use as the ASA was, however pretty much exactly what I
want. Kind of a pain to turn that on and off for every change your going
to make but definitely gives you a good CLI log of exactly what you did.
