Cisco Cisco Firepower Management Center 4000

To specify a classification in the rule editor, select a classification from the 

 list. See 

 for more information on the rule editor.

Protection

If you want more customized content for the packet display description of the events generated by a rule 
you define, create a custom classification.

Admin/Intrusion Admin

Select 

.

The Rule Editor page appears.

Click 

. 

The Create Rule page appears.

Under the 

 drop-down list, click 

.

A pop-up window appears.

Type the name of the classification in the 

 field.

You can use up to 255 alphanumeric characters, but the page is difficult to read if you use more than 40 
characters. The following characters are not supported: 

<>()\'"&$;

 and the space character.

Type a description of the classification in the 

 field.

You can use up to 255 alphanumeric characters and spaces. The following characters are not supported: 

<>()\'"&$;

Select a priority from the 

 list.

You can select 

, 

, or 

.

Click 

.

The new classification is added to the list and becomes available for use in the rule editor.

Click 

.

32

inappropriate-content

Inappropriate Content was Detected

33

policy-violation

Potential Corporate Privacy Violation

34

default-login-attempt

Attempt to Login By a Default Username and Password

35

sdf

Sensitive Data

36

malware-cnc

Known malware command and control traffic

37

client-side-exploit

Known client side exploit attempt

38

file-format

Known malicious file or file based exploit