The AI Assistant grants administrators full access to the entire knowledge base, allowing them to ask any query and receive precise, accurate responses. This streamlines the process, saving both time and effort. Additionally, the AI Assistant enhances the user experience by offering relevant citations and reference links to help documents, guiding administrators toward the intended outcome with ease.

Administrators can simply type their query into the AI Assistant's chat interface. The Assistant will respond with a clear answer, along with citations and reference links to help documents for additional guidance.

Tip	Sample prompts: What are the steps to configure a new firewall policy? Where can I find documentation on rule optimization? How do I renew an expired rule in my firewall settings?

The AI Assistant identifies gaps and inconsistencies within firewall rules, providing administrators with detailed insights into anomalies or potential issues. This allows administrators to quickly address security vulnerabilities, ensure compliance, and optimize the overall effectiveness of their firewall policies. The rules can be:

• Mergable Rule: Rules that can be combined or consolidated because they share similar criteria or actions. For example, if two or more rules apply to the same source, destination, or protocol, but have redundant or overlapping conditions, they can be merged to reduce complexity and improve the overall efficiency.

• Expired Rule: Rules that are no longer active because they have passed a predefined expiration date or time limit.

• Object Overlap: An element in a field of a rule is a subset of one or more elements in the same field of the rule. For example, the source field might include a network object for 10.1.1.0/24, and another object for the host 10.1.1.1. Because 10.1.1.1 is within the network covered by 10.1.1.0/24, the object for 10.1.1.1 is redundant and can be deleted, simplifying the rule and saving device memory.

• Duplicate/Redundant Rule: Two rules apply the same action to the same type of traffic and removing the base rule would not change the ultimate result. For example, if a rule permitting FTP traffic for a particular network were followed by a rule allowing IP traffic for that same network, and there were no rules in between denying access, then the first rule is redundant, and you can delete it.

• Shadowed Rule: This is the reverse of a redundant rule. In this case, one rule will match the same traffic as another rule such that the second rule will never be applied to any traffic because it comes later in the access list. If the action for both rules is the same, you can delete the shadowed rule. If the two rules specify different actions for traffic, you might need to move the shadowed rule or edit one of the two rules to implement your desired policy. For example, the base rule might deny IP traffic, and the shadowed rule might permit FTP traffic, for a given source or destination.

1. The AI Assistant continuously monitors and analyzes your firewall rules. You can prompt the Assistant to analyze current policies for gaps or inefficiencies (e.g., "Analyze rules for redundant configurations").

2. The AI Assistant flags any redundant, duplicate, or conflicting rules that could be optimized. It provides suggestions on merging or updating rules to streamline firewall performance.

3. Based on the analysis, the AI Assistant recommends optimizations, such as removing obsolete rules, adjusting configurations, or tightening access control for better security.

Note	If the AI Assistant detects expiring rules or performance issues within a policy, it automatically generates alerts to prompt timely actions from the administrator.

You can click on View Details.

Tip	Sample Prompts Identify any inconsistencies in my firewall rules. Show me gaps in current firewall policy configurations. Are there any redundant or conflicting rules in my firewall setup?

Resolve Policy Abnormalities

Administrators can address policy rule gaps efficiently using the AI Assistant. With its help, they are able to:

• Disable all the policy rules that are redundant, shadow rules, and expired.

• Remove all the policy rules that are redundant, shadow rules, and expired.

• Merge all the policy rules that are redundant.

Note	In case performing any of these actions does not resolve the issue, you can create a support ticket to contact Cisco Support Team.

The AI Assistant streamlines the process of ticket creation and management, enabling administrators to handle support requests efficiently and effectively. With this integration, administrators can generate support cases directly through the AI Assistant when they encounter unresolved issues or require additional assistance beyond the AI’s recommendations.

Key capabilities include:

• Automated Ticket Creation: The AI Assistant automatically suggests creating a support ticket if its solutions don’t resolve the issue. Administrators can also manually create tickets with a simple prompt.

• Manage Tickets: Administrators can track and update the status of their tickets to “Close” within the AI Assistant.

By incorporating ticket creation and management into the AI Assistant, organizations can reduce delays in troubleshooting, help create a support case with support teams, and enhance the overall efficiency of issue resolution.

Note	Only customers using CDO and Cloud-delivered Firewall Management Center can contact support through the AI Assistant.

Open Support Case

The AI Assistant creates a support ticket based on the context of the conversation. This support case is created in the Support Case Manager and the ticket details are shared with the user.

By following the steps below, administrators can quickly and seamlessly create a support ticket through the AI Assistant.

1. Navigate to your tenant’s dashboard and click on the AI Assistant icon located in the right top corner.

2. Initiate a conversation by typing your query/issue in the text box.

3. The AI Assistant will suggest troubleshooting steps or solutions based on the issue presented.

4. If the AI Assistant’s recommended solutions do not resolve the issue or if further help is needed, the Assistant will prompt you to Open a Case.

   You can also manually request the creation of a support case by typing “create a support case”.

5. The AI Assistant will generate the case and provide you with a case details.

   Note	A confirmation email will be sent, including a case number for reference.

Tip

Sample Prompts: I need to report an issue with my firewall. Can you help me open a support ticket? Please escalate this problem to your support team. How do I file a complaint about this product? I need to speak to someone about a malfunctioning firewall. This product is giving me trouble, I need to open a case.

Manage Support Case

Administrators can quickly view and update a support case through the AI Assistant. The status of a support ticket can be:

• List cases: The AI Assistant can list all the open and closed cases for the tenant.

• Close: Mark the support case as resolved once the issue has been addressed.

• Retrieve: Access the details of an existing support case for review or reference.

Support Case List

Administrators can easily access a comprehensive list of all previously created support cases within their tenant using the AI Assistant. By simply asking the assistant to retrieve past cases, they can view case numbers, statuses, descriptions, and other essential details for each case.

To retrieve cases:

1. Navigate to the AI Assistant, in the text box, ask the AI Assistant to retrieve the list of support cases.

2. Alternatively, you can retrieve the list of cases directly in the Support Case Manager section.

Tip	Sample prompts: I want to know my support case history. How many support cases we have?

Support Case Status

Administrators can check the status of their support case via the AI Assistant.

1. Navigate to the AI Assistant, in the text box, ask the AI Assistant to retrieve the status of support cases.

2. Alternatively, you can track the progress of the ticket directly in the Support Case Manager section.

Tip	Sample prompts: I want to know my support case status. What is the status of my case?

Support Case Close

Administrators can close their support cases via the AI Assistant.

To close a case:

1. Navigate to the AI Assistant, in the text box, ask the AI Assistant to close thecase.

2. Alternatively, you can close the ticket directly in the Support Case Manager section.

Tip	Sample prompts: I want to close my case. How do I close my ticket?

The Cisco AI Assistant's alert and notification system is designed to keep administrators informed of critical actions, updates, and changes within their security environment. By leveraging real-time alerts and scheduled notifications, users can manage security incidents and optimize policies proactively.

The alerts and notifications are accessed via the AI Assistant icon located in the top-right corner of your tenant dashboard. When new alerts or notifications are available, a number indicator will appear on the icon, displaying the total count of unread items.

Clicking the icon opens the Notification Center, where you can view a comprehensive list of all alerts and notifications. The list can be easily filtered by status, including Read, Unread, and by Severity, allowing you to prioritize critical actions and stay informed.

The default status of the notifications are unread. The administrators can mark the notifications as read and delete the notifications as required.

The notifications are triggered for:

• Policy analyzer and optimizer: The AI Assistant routinely scans policies within your tenant and provides recommendations for optimization. Once the scan results are available, the Assistant will notify the user through a system-generated notification, ensuring timely awareness and action.

• Policy rule creation: Upon initiating policy rule creation, the rule is initially set to "disabled" by default, requiring you to manually enable it. The AI Assistant will then notify you once the rule is successfully enabled.