Cisco Cisco ISA570W Integrated Security Appliance Quick Setup Guide
© 2012 Cisco Systems, Inc. All rights reserved.
Page 5 of 27
N
OTE
if you enabled services such as Intrusion Prevention (IPS), Anti-Virus, and Application Control on
the ISA500, you will need to apply the security services on these zones. For more information,
see the Cisco ISA500 Series Integrated Security Appliances Administration Guide at:
the ISA500, you will need to apply the security services on these zones. For more information,
see the Cisco ISA500 Series Integrated Security Appliances Administration Guide at:
www.cisco.com/go/isa500resources
.
Configuring Firewall Rules
The ISA500 supports three types of firewall rules:
•
•
•
This page shows the different types of firewall rules.
Default Firewall Rules
These are rules that are defined on the ISA500 for all predefined zones and new zones based on their
security levels. You cannot edit, delete, or move these rules up or down. For more information, see
security levels. You cannot edit, delete, or move these rules up or down. For more information, see
Custom Firewall Rules
There may be situations when you need to create your own custom firewall rules. Custom rules override
the default and autogenerated firewall rules. For example, you can set a rule to allow or deny traffic, and
apply it to a specific zone, service, group, IP address, or time of day. You can also log traffic for each rule
that you define.
the default and autogenerated firewall rules. For example, you can set a rule to allow or deny traffic, and
apply it to a specific zone, service, group, IP address, or time of day. You can also log traffic for each rule
that you define.
N
OTE
The ISA500 supports up to 100 custom firewall rules.