Cisco Cisco Firepower Management Center 2000

recommendation-filtered views of the Rules page in read-only mode. On the Rules page, you can further 
filter the read-only recommendations, sort the display by column, and show details of individual rules. 
See 

 for more information on working with rules on 

the Rules page.

Adding the FireSIGHT Recommendations layer also adds a Rules sublink beneath the FireSIGHT 
Recommendations link in the navigation panel. The Rules sublink provides access to a read-only display 
of the Rules page in the FireSIGHT Recommendations layer. Note the following in this view:

When there is no rule state icon in the state column, the state is inherited from the base policy.

When there is no rule state icon in the FireSIGHT Recommendations column in this or other Rules 
page views, there is no recommendation for this rule.

Note that when a rule in the FireSIGHT Recommendations layer has no recommendation, its rule 
overhead rating was higher than the setting for 

 when 

recommendations were last generated. See 

 for more 

information.

See 

 for more information.

Protection

When you select 

 in the navigation panel, you go to the Advanced Settings page. On this 

page you can enable or disable advanced settings in your intrusion policy and access advanced setting 
configuration pages. The Advanced Settings page provides a summary of the effective states for all 
advanced settings in your intrusion policy. For example, if SSL Configuration is set to Disabled in one 
layer, then set to Enabled in a higher layer, the Advanced Settings page shows SSL Configuration as set 
to Enabled. Changes made in the Advanced Settings page appear in the top layer of the policy. See 

 for more information on working with advanced settings on 

the Advanced Settings page.

When you expand 

 in the navigation panel and then select any user-configurable layer, you 

go to the Layer summary page for the layer. On this page you can enable or disable advanced settings 
and access advanced setting configuration pages for the layer. You can also modify the layer name and 
description and configure whether to share the layer with other intrusion policies. See 

 for more information. 

If you want an advanced setting to inherit its state and configuration from the base policy or a lower 
layer, set the state to 

. Note that the Inherit state does not appear when you are working in the 

Advanced Settings page. You can switch to the Layer summary page for another layer at any time by 
selecting the layer name beneath 

 in the navigation panel.

When you enable an advanced setting, a sublink to the configuration page for the advanced setting 
appears beneath the layer name in the navigation panel, and an 

 link to the configuration page for the 

advanced setting appears on the Layer summary page for the advanced setting you enabled. When you 
disable an advanced setting within a layer or set it to 

, the advanced setting sublink and 

 link 

no longer appear.

You can display the configuration page for an advanced setting from the Layer summary page by first 
enabling the configuration if it is disabled and then clicking on 

. When the advanced setting is 

enabled in the layer, you can also display its configuration page by clicking on the sublink named for the 
advanced setting in the navigation panel under 

.