Cisco Cisco Firepower Management Center 4000

You can also use the layer drop-down list to switch to the Rules page for other layers in your policy. Note 
that, unless you add layers to your policy, the only editable views listed in the drop-down list are the 
policy Rules page and the Rules page for a policy layer that is originally named My Changes; note also 
that making changes in either of these views is the same as making the changes in the other. See 

 for more information. The drop-down list also lists the Rules 

page for the read-only base policy. See 

 for information on 

the base policy.

Admin/Intrusion Admin

Select 

The Intrusion Policy page appears.

Click the edit icon (

) next to the policy you want to edit.

If you have unsaved changes in another policy, click 

 to discard those changes and continue. See 

 for information on saving unsaved changes in another 

policy.

The Policy Information page appears.

Click 

 on the Policy Information page.

The Rules page appears. By default, the page lists the rules alphabetically by message.

Note that selecting 

 above the dividing line in the navigation panel takes you to the same rules 

listing. You can view and set all rule attributes in your policy in this view.

Protection

You can sort rules by any of the columns in the Rules page by clicking on the heading title or icon. 

Note that an up (

) or down (

) arrow on a heading or icon indicates that the sort is on that column 

in that direction. 

Admin/Intrusion Admin

Select 

.

Dynamic rule state for the rule, which goes into effect 
if specified rate anomalies occur.

Alerts configured for the rule, including SNMP alerts.

Comments added to the rule.