Cisco Cisco FirePOWER Appliance 7030
14-24
FireSIGHT System User Guide
Chapter 14 Understanding and Writing Access Control Rules
Working with Different Types of Conditions
•
You cannot select a custom filter in the Application Filters list in combination with another filter,
including another custom filter; this is because you cannot add a filter to a custom filter.
including another custom filter; this is because you cannot add a filter to a custom filter.
•
Selecting one or more filters in the Application Filters list adds an
All apps matching the filter
condition
to the Available Applications list. Likewise, searching the Available Applications list when you have
not selected any filter in the Application Filters list also adds an
not selected any filter in the Application Filters list also adds an
All apps matching the filter
condition
to the Available Applications list. If you select one or more filters in the Application Filters list and
also search the Available Applications list, your selections and the search-filtered Available
Applications list are combined using an AND operation. That is, the
also search the Available Applications list, your selections and the search-filtered Available
Applications list are combined using an AND operation. That is, the
All apps matching the filter
condition includes all the individual conditions currently displayed in the Available Applications list
as well as the search string entered above the Available Applications list.
as well as the search string entered above the Available Applications list.
Adding the
All apps matching the filter
condition to the Selected Applications and Filters list counts as
one condition against the maximum of 50 conditions, regardless of the number of individual
conditions that comprise it.
conditions that comprise it.
When you add
All apps matching the filter
, the name of the filter you add is a concatenation of the filter
types represented in the filter plus the names of up to three filters for each type. More than three
filters of the same type are followed by an ellipsis (...). For example, the following filter name
includes two filters under the Risks type and four under Business Relevance:
filters of the same type are followed by an ellipsis (...). For example, the following filter name
includes two filters under the Risks type and four under Business Relevance:
Risks: Medium, High Business Relevance: Low, Medium, High,...
Filter types that are not represented in a filter you add with
All apps matching the filter
are not included
in the name of the filter you add. The instructional text that is displayed when you hover over the
filter name in the Selected Applications and Filters list indicates that these filter types are set to any;
that is, these filter types do not constrain the filter, so any value is allowed for these.
filter name in the Selected Applications and Filters list indicates that these filter types are set to any;
that is, these filter types do not constrain the filter, so any value is allowed for these.
You can add multiple instances of
All apps matching the filter
. For example, add
All apps matching the
filter
for the first filter (for example, Risks, High), clear all your selections and make new selections
for a different filter type (for example, Business Relevance, High) then add
All apps matching the filter
again.
•
When you apply your access control policy, the system generates a single list of unique applications
that you have added to the Selected Applications list. This eliminates any duplicate application
conditions that you might add.
that you have added to the Selected Applications list. This eliminates any duplicate application
conditions that you might add.
Adding Application Conditions
License:
Control
Supported Devices:
Series 3, Virtual, X-Series, ASA FirePOWER
The following procedure explains how to add application conditions while adding or editing an access
control rule. See
control rule. See
for more detailed
information.
To add application conditions to an access control rule:
Access:
Admin/Access Admin/Network Admin
Step 1
Select the
Applications
tab.
The Applications page appears.
Step 2
Optionally, click the
Search by name
prompt above the
Applications Filters
list or the
Available Applications
list, then type a name.
The list updates as you type to display matching conditions. See
for more information.