Cisco Cisco Firepower Management Center 4000

Advanced settings are preprocessor and other intrusion policy detection and performance configurations 
that require specific expertise to configure. Advanced settings typically require little or no modification 
and are not common to every deployment.

You can enable, disable, and modify the configuration of advanced settings. The base policy for your 
intrusion policy determines which advanced settings are enabled by default and the default configuration 
for each. See 

 for more information.

Some advanced settings must be enabled for certain standard text rules, shared object rules, and 
preprocessor rules to function correctly. When you save an intrusion policy with a required advanced 
setting that is disabled, you are prompted whether you want the system to automatically enable the 
required advanced setting.

The web interface identifies some advanced configuration options as troubleshooting options that you 
should use only with the assistance of Support.

See the following sections for more information:

 explains how to access configuration pages for advanced 

settings and lists the advanced settings that you can enable, disable, and configure in an intrusion 
policy.

 explains how preprocessors normalize traffic for use by the 

rules engine.

 explains how you can automatically enable 

preprocessors and other advanced settings that are required by enabled rules or rule options.

 explains troubleshooting options that you 

should set only when asked to do so by Support.

 explains how you can more efficiently manage 

multiple intrusion policies in a complex network by adding intrusion policy layers comprised of 
individual configurations for rule attributes and advanced settings.

Protection

When you select 

 in the navigation panel, you go to the Advanced Settings page, where 

advanced settings are listed by type. On this page you can enable or disable advanced settings in your 
intrusion policy and access advanced setting configuration pages.