Hi, @David Sweeting The rule’s title is “Server-level firewall rules should be tracked and maintained at a strict minimum”.
It means you should keep the list of firewall rules to a bare minimum, only the ones you must have for a functioning environment.
It just gives you the ability to track any changes to your firewall rules.
Then in SQL VA, you set them as a baseline and track changes.
From that point on, the rule will be in a healthy state unless a change is made to the firewall rules
Please let me know if you need any additional information.
Regards
Geetha