Cisco Cisco Firepower Management Center 4000

Protection

A navigation panel appears on the left side of the web interface when you are editing an intrusion policy. 
A dividing line separates the navigation panel into links to policy settings you can configure with 
(below) or without (above) direct interaction with policy layers.

The two major links above the dividing line separate intrusion policy settings into Policy Information 
(the most commonly used settings) and Advanced Settings (settings that typically require little or no 
modification, and require specific expertise to configure).

Click 

 to display the Policy Information page, which includes configuration options for 

commonly used settings and links to configuration pages for other commonly used settings. Sublinks 
beneath 

 provide direct access to the same configuration pages.

Click 

 to display the Advanced Settings page, where you can enable or disable advanced 

settings and access configuration pages for advanced settings in your intrusion policy. Note that you 
cannot access advanced intrusion policy settings from the Policy Information page.

Expanding the 

 link displays sublinks to individual configuration pages for all advanced 

settings that are enabled in your intrusion policy. Clicking any of these sublinks takes you to the same 
advanced settings configuration pages that you can access from the Advanced Settings page. See 

 for more information.

You can click 

 to display a summary of the intrusion policy layers that comprise your 

intrusion policy. Expanding the Policy Layers link displays sublinks to summary pages for the layers in 
your intrusion policy. Expanding each layer sublink displays further sublinks to the configuration pages 
for all advanced settings that are enabled in the layer, and to a layer-filtered view of intrusion rule 
settings. See 

 for more information.

Dark shading of an item in the navigation panel highlights your current location in the intrusion policy. 
For example, in the illustration above the Policy Information page would be displayed to the right of the 
navigation panel.

A policy change icon (

) appears next to 

 when your intrusion policy contains unsaved 

changes. This icon disappears when you save your changes from the Policy Information page. You can 
click the policy change icon or 

 to display the Policy Information page.

Protection

You must save (that is, commit) changes to your intrusion policy before the system recognizes the 
changes. When you associate an intrusion policy with an access control policy, the system associates the 
most recently saved configuration. See 

 for more information.

The system caches changes to your policy on the system disk when you exit the policy without saving 
your changes. The system cache stores unsaved changes for one policy per user and you must commit or 
discard your changes before editing another policy when you are logged in as the same user. 

Your changes are cached even when you log out of the system or experience a system crash. The system 
discards the cached changes when you edit another policy as the same user without saving your changes, 
or when you import a rule update. See 

 for 

more information.