Cisco FirePOWER Appliance 7010
FireSIGHT System User Guide
Chapter 35 Introduction to Network Discovery
Creating a Network Discovery Policy
For information on network monitoring, see . For information on adding network objects to the Available Networks list, see . Note that if you modify a network object used in the network discovery policy, you must reapply the policy for those changes to take effect for discovery.
Step 8
Optionally, to restrict the rule actions to traffic in specific zones, click Zones, select a zone or zones from the Available Zones list, and click Add.
For information on selecting zones for monitoring, see
Step 9
To exclude ports from monitoring, click Port Exclusions.
The Port Exclusions page appears.
Step 10
To exclude specific source ports from monitoring, you have two options:
• Select a port or ports from the Available Ports list and click Add to Source.
• To exclude traffic from a specific source port without adding a port object, under the Selected Source Ports list, select the appropriate protocol from the Protocol drop-down list, type a port number from 1 to 65535 into the Port field, and click Add.
For information on excluding ports from monitoring, see . For information on adding port objects to the Available Ports list, see . Note that if you modify a port object used in the network discovery policy, you must reapply the policy for those changes to take effect for discovery.
Step 11
To exclude specific destination ports from monitoring, you have two options:
• Select a port or ports from the Available Ports list and click Add to Destination.
• To exclude traffic from a specific destination port without adding a port object, under the Selected Destination Ports list, select the appropriate protocol from the Protocol drop-down list, type a port number from 1 to 65535 into the Port field, and click Add.
Step 12
If you are finished editing the rule, click Save to return to the discovery policy rule list.
Note
You must apply the network discovery policy for your changes to take effect. For more information, see .
Creating Network Objects
License: FireSIGHT
The list of available networks that appears in a discovery rule contains reusable network objects and groups that can be used anywhere in the FireSIGHT System. You can add new network objects to the list. Note that when you modify an object referenced in a rule, you must reapply the network discovery policy for those changes to take effect.
To create a new network object:
Access: Admin/Discovery Admin
Step 1
Select Policies > Network Discovery.
The Network Discovery Policy page appears.