Cisco Cisco Firepower Management Center 4000

Admin/Access Admin/Network Admin

Select the 

 tab on the rule Edit page.

The Networks page appears.

Optionally, click the 

 prompt above the 

 list, then type a name or 

value.

The list updates as you type to display matching conditions. See 

 

for more information.

Click a condition in the 

 list. Use the Shift and Ctrl keys to select multiple conditions, 

or right-click and then click 

. 

Conditions you select are highlighted.

You have the following choices:

To filter traffic by source network, click 

.

To filter traffic by destination network, click 

.

Alternatively, you can drag and drop selected conditions into the 

 or 

 

list.

Conditions you selected are added. Note that you can add the same condition as both a source network 
and a destination network.

Optionally, click the add icon (

) above the 

 list to add an individual network object.

You can add multiple IP addresses, CIDR blocks, and prefix lengths to each network object. Optionally, 
you can then select the object you added. See 

 and 

 for more information.

Optionally, click the 

 prompt below the 

 or 

 list; then 

type an IP address or address block and click 

. 

The list updates to display your entry. See 

 for more information.

Save or continue editing the rule.

You must apply the access control policy for your changes to take effect; see 

.

FireSIGHT

Series 3, Virtual, ASA FirePOWER

Any except DC500

The geolocation feature of the FireSIGHT System identifies the source and destination geographical 
locations (countries and continents) of traffic on your monitored network. To ensure you are using 
up-to-date geolocation data to filter your traffic, Cisco strongly recommends you regularly update the 
geolocation database (GeoDB) on your Defense Center. For information on GeoDB updates, see 

. For further information on the geolocation feature, see