Cisco Cisco FirePOWER Appliance 8360
14-27
FireSIGHT System User Guide
Chapter 14 Understanding and Writing Access Control Rules
Working with Different Types of Conditions
for more information on how the system omits invalid configurations from the access
control policies applied to target devices.
To add port conditions to an access control rule:
Access:
Admin/Access Admin/Network Admin
Step 1
Select the
Ports
tab on the rule Edit page.
The Ports page appears.
Step 2
Optionally, click the
Search by name or value
prompt above the
Available Ports
list, then type a name or
value.
The list updates as you type to display matching conditions. See
for more information.
Step 3
Click a condition in the
Available Ports
list. Use the Shift and Ctrl keys to select multiple conditions, or
right-click to select all conditions. Note that you can add a maximum of 50 conditions.
Conditions you select are highlighted.
Step 4
You have the following choices:
•
Click
Add to Source
to add the selected port to the Source Ports list.
•
Click
Add to Destination
to add the selected port to the Destination Ports list.
•
Drag and drop available ports into a list.
Step 5
Optionally, to create and add an individual port object click the add icon (
) above the
Available Ports
list.
You can identify a single port in each port object that you add. You can then select objects you added as
conditions for your rule. See
conditions for your rule. See
and
for more information.
Step 6
Optionally, to add a literal port select an entry from the
Protocol
drop-down list beneath the
Selected
Source Ports
or
Selected Destination Ports
list.
If you select
TCP
,
UDP
or, for destination ports,
All
, enter a port, if needed; then click
Add
. For destination
ports, if you select
ICMP
or
IPv6-ICMP
, a pop-up window appears where you select a type and a related
code, if needed, then click
Add
. You can specify a single port with a value from 0 to 65535.
Conditions you selected are added, as long as you add ports with protocols that do not conflict with ports
already added.
already added.
Step 7
Save or continue editing the rule.
You must apply the access control policy for your changes to take effect; see
.
Adding URL Conditions
License:
URL Filtering
Supported Devices:
Series 3, Virtual, X-Series, ASA FirePOWER
Supported Defense Centers:
feature dependent