Cisco Cisco Firepower Management Center 4000
13-24
FireSIGHT System User Guide
Chapter 13 Using Access Control Policies
Organizing Rules in a Policy
Step 2
Click the edit icon (
) next to the access control policy you want to configure.
The policy Edit page appears.
Step 3
Optionally, click a blank area in the row for an existing rule to set the default position of the new
category.
category.
Step 4
Click
Add Category
.
Alternately, if you have added rules to your policy, you can right-click an existing rule and then click
Insert new category
.
The Add Category pop-up window appears.
Step 5
Type a unique category
Name
.
You can enter an alphanumeric name, including spaces and special printable characters, with up to 30
characters.
characters.
Step 6
You have the following choices:
•
To position the new category immediately above an existing category, select
above Category
from the
first Insert drop-down list, then select the category above which you want to position the rule from
the second drop-down list.
the second drop-down list.
•
To position the new category rule below an existing rule, select
below rule
from the drop-down list,
then enter an existing rule number.
Note that this option is valid only when at least one rule exists in the policy.
•
To position the rule above an existing rule, select
above rule
from the drop-down list, then, enter an
existing rule number.
Note that this option is valid only when at least one rule exists in the policy.
Step 7
Click
OK
to add your category, or click
Cancel
to discard it.
If you click
OK
, you category is added to the policy.
Note that you can click the edit icon (
) next to a category you add to edit the category name, or click
the delete icon (
) to delete the category. Rules in a category you delete are added to the category
above.
Searching for Rules
License:
Any
You can search the list of access control rules for matching values using an alphanumeric string,
including spaces and printable, special characters. The search inspects the rule name and any rule
condition you have added to the rule. For rule conditions, the search matches any name or value you can
add for each condition type (zone, network, application, and so on). This includes individual object
names or values, group object names, individual object names or values within a group, and literal
values.
including spaces and printable, special characters. The search inspects the rule name and any rule
condition you have added to the rule. For rule conditions, the search matches any name or value you can
add for each condition type (zone, network, application, and so on). This includes individual object
names or values, group object names, individual object names or values within a group, and literal
values.
You can use complete or partial search strings. The column for matching values is highlighted for each
matching rule. For example, if you search on all or part of the string
matching rule. For example, if you search on all or part of the string
100Bao
, at a minimum, the
Applications column is highlighted for each rule where you have added the 100Bao application. If you
also have a rule named 100Bao, both the Name and Applications columns are highlighted.
also have a rule named 100Bao, both the Name and Applications columns are highlighted.
You can navigate to each previous or next matching rule. A status message displays the current match
and the total number of matches.
and the total number of matches.