Cisco Cisco FirePOWER Appliance 8250
50-8
FireSIGHT System User Guide
Chapter 50 Managing System Policies
Configuring a System Policy
Configuring Access Control Policy Preferences
License:
Protection
You can configure the system to prompt users for a comment when they add or modify a rule in an access
control policy, prompting them to enter a rule comment. You can use this to track users’ reasons for
policy changes. If you enable comments on access control rule changes, you can make the rule comment
optional or mandatory. The system prompts the user for a comment when each new change to a rule is
saved.
control policy, prompting them to enter a rule comment. You can use this to track users’ reasons for
policy changes. If you enable comments on access control rule changes, you can make the rule comment
optional or mandatory. The system prompts the user for a comment when each new change to a rule is
saved.
The system adds the comment to the rule’s comment history when the user saves the rule. For more
information, see
information, see
.
To configure the access control policy rule comment settings:
Access:
Admin
Step 1
Select
System > Local > System Policy
.
The System Policy page appears.
Step 2
You have the following options:
•
To modify the access control policy settings in an existing system policy, click the edit icon (
)
next to the system policy.
•
To configure the access control policy settings as part of a new system policy, click
Create Policy
.
Provide a name and description for the system policy as described in
, and click
Save
.
In either case, the Access List page appears.
Step 3
Click
Access Control Preferences
.
The Access Control Preferences page appears.
Step 4
You have the following options:
•
Select
Disabled
from the drop-down list to allow users to add or modify a rule in an access control
policy without entering a comment.
•
Select
Optional
from the drop-down list to display the Description of Changes (Optional) window to
users when they save changes to access control policy rules. This allows users the option to describe
changes in a comment.
changes in a comment.
•
Select
Required
from the drop-down list to display the Description of Changes (Required) window
to users when they save changes to access control policy rules. This requires users to describe
changes in a comment before the changes are saved.
changes in a comment before the changes are saved.
Step 5
Click
Save Policy and Exit.
The system policy is updated. Your changes do not take effect until you apply the system policy. See
Configuring the Access List for Your Appliance
License:
Any