Cisco Cisco Firepower Management Center 4000

Page of 1844
 
50-8
FireSIGHT System User Guide
 
Chapter 50      Managing System Policies 
  Configuring a System Policy
Configuring Access Control Policy Preferences
License: 
Protection
You can configure the system to prompt users for a comment when they add or modify a rule in an access 
control policy, prompting them to enter a rule comment. You can use this to track users’ reasons for 
policy changes. If you enable comments on access control rule changes, you can make the rule comment 
optional or mandatory. The system prompts the user for a comment when each new change to a rule is 
saved.
The system adds the comment to the rule’s comment history when the user saves the rule. For more 
information, see 
.
To configure the access control policy rule comment settings:
Access: 
Admin
Step 1
Select 
System > Local > System Policy
.
The System Policy page appears.
Step 2
You have the following options:
  •
To modify the access control policy settings in an existing system policy, click the edit icon (
next to the system policy.
  •
To configure the access control policy settings as part of a new system policy, click 
Create Policy
.
Provide a name and description for the system policy as described in 
, and click 
Save
.
In either case, the Access List page appears.
Step 3
Click 
Access Control Preferences
.
The Access Control Preferences page appears.
Step 4
You have the following options:
  •
Select 
Disabled
 from the drop-down list to allow users to add or modify a rule in an access control 
policy without entering a comment. 
  •
Select 
Optional
 from the drop-down list to display the Description of Changes (Optional) window to 
users when they save changes to access control policy rules. This allows users the option to describe 
changes in a comment.
  •
Select 
Required
 from the drop-down list to display the Description of Changes (Required) window 
to users when they save changes to access control policy rules. This requires users to describe 
changes in a comment before the changes are saved.
Step 5
Click 
Save Policy and Exit.
The system policy is updated. Your changes do not take effect until you apply the system policy. See 
 for more information.
Configuring the Access List for Your Appliance
License: 
Any