Cisco FirePOWER Appliance 8250
FireSIGHT System User Guide
Chapter 6 Managing Devices
Editing Device Configuration
Step 6  When you select the Automatic Application Bypass option, you can type a Bypass Threshold in milliseconds (ms). The default setting is 3000 ms and the valid range is from 250 ms to 60,000 ms.
Step 7  Optionally, select the Inspect Local Router Traffic check box to inspect exception traffic when deployed as a router.
Step 8  Optionally, configure fast-path rules. For more information, see .
Step 9  Click Save.
Your changes are saved. Note that your changes do not take effect until you apply the device configuration; see for more information.
Configuring Fast-Path Rules
License: Any
Supported Devices: 8000 Series, 3D9900
You can create fast-path rules to send traffic directly through a device with no further inspection.
Fast-path rules divert traffic that does not need to be analyzed to bypass the device. Fast-path rules either
send traffic to the fast-path (out of the interface) or allow it to continue into the device for further
analysis. Their advantage is the speed at which they determine the correct path for the traffic. Because
the fast-path rules function at the hardware level, they only determine limited information about the
packet.
Adding IPv4 Fast-Path Rules
License: Any
Supported Devices: 8000 Series, 3D9900
Fast-path rules send traffic to the fast-path (out of the interface) or into the device for further analysis.
You can use the following criteria to select the IPv4 traffic you want to divert to the fast-path and not
inspect:
• initiator or responder IP address or CIDR block
• protocol
• initiator or responder port, for TCP or UDP protocols
• VLAN ID
• bidirectional option
Note that the outermost ID is used for fast-path rules.
Tip  To edit an existing fast-path rule, click the edit icon next to the rule.
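Because traffic matched by a fast-path rule leaves the device uninspected, it helps to review each rule's scope before applying it. The following Python model is an added example, not code from the Cisco guide or the appliance: it checks which flows a rule built from the criteria above would exempt, and flags rules that exempt very broad traffic. The record layout, the function names, and the reading of the bidirectional option as "also match with initiator and responder swapped" are assumptions.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class FastPathRule:          # hypothetical record; fields mirror the criteria above
    initiator: str = "0.0.0.0/0"
    responder: str = "0.0.0.0/0"
    protocol: Optional[str] = None        # None means any protocol
    initiator_port: Optional[int] = None  # only meaningful for tcp/udp
    responder_port: Optional[int] = None
    vlan: Optional[int] = None            # compared with the outermost VLAN ID
    bidirectional: bool = False

@dataclass(frozen=True)
class Flow:                  # constructed sample traffic, not captured data
    src: str
    dst: str
    protocol: str
    sport: int
    dport: int
    vlan: Optional[int] = None

def _matches(r, f, src, sport, dst, dport):
    ports_apply = f.protocol in ("tcp", "udp")
    return all((
        ipaddress.ip_address(src) in ipaddress.ip_network(r.initiator),
        ipaddress.ip_address(dst) in ipaddress.ip_network(r.responder),
        r.protocol in (None, f.protocol),
        r.vlan in (None, f.vlan),
        r.initiator_port is None or (ports_apply and r.initiator_port == sport),
        r.responder_port is None or (ports_apply and r.responder_port == dport),
    ))

def bypasses_inspection(r, f):
    """True if the modeled rule would send this flow to the fast-path."""
    if _matches(r, f, f.src, f.sport, f.dst, f.dport):
        return True
    # Assumption: bidirectional also matches with the two endpoints swapped.
    return r.bidirectional and _matches(r, f, f.dst, f.dport, f.src, f.sport)

def review(r):
    """List reasons a rule exempts more traffic than a narrow exception should."""
    findings = []
    nets = (ipaddress.ip_network(r.initiator), ipaddress.ip_network(r.responder))
    if all(n.prefixlen == 0 for n in nets):
        findings.append("any-to-any addresses")
    if r.protocol is None:
        findings.append("any protocol")
    elif r.protocol in ("tcp", "udp") and r.initiator_port is None and r.responder_port is None:
        findings.append("all ports")
    return findings
```

A rule with an empty `review()` result can still be too wide for its purpose; the findings only catch the broadest cases.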