Cisco Firepower Management Center 4000

FireSIGHT System User Guide
 
Chapter 14: Understanding and Writing Access Control Rules
Creating and Editing Access Control Rules
License: Any
An access control rule is simply a set of configurations and conditions that:
  • qualifies network traffic
  • specifies how and whether you further inspect and log traffic that matches those qualifications
  • determines the traffic’s eventual flow
You create and edit access control rules from within an existing access control policy. Each rule belongs to only one policy.
Table 14-1 License Requirements for Access Control Rules

| To apply an access control policy that includes rules... | Add this license... | To one of these Defense Centers... | And enable it on one of these devices... |
|---|---|---|---|
| with zone, network, VLAN, or port conditions, or URL conditions that use literal URLs and URL objects only | Any | Any | Any, except Series 2 devices cannot perform URL filtering using literal URLs and URL objects and ASA FirePOWER modules cannot match traffic using VLAN tag conditions |
| associated with intrusion policies, or file policies that do not perform malware detection or blocking | Protection | Any | Any, except Series 2 devices cannot perform Security Intelligence filtering |
| associated with file policies that perform malware detection or blocking | Malware | Any except DC500 | Series 3, Virtual, X-Series, ASA FirePOWER |
| with application or user conditions | Control | Any, except the DC500 cannot perform user control | Series 3, Virtual, X-Series, ASA FirePOWER |
| with geolocation conditions | FireSIGHT | Any except DC500 | Series 3, Virtual, ASA FirePOWER |
| with URL conditions that use URL category and reputation data | URL Filtering | Any except DC500 | Series 3, Virtual, X-Series, ASA FirePOWER |