Cisco Cisco FirePOWER Appliance 7010
FireSIGHT System User Guide
Chapter 5 Managing Reusable Objects
Working with Variable Sets
The new or edit variable set page appears.
Step 4 Add a variable or edit an existing variable:
• To add a variable, click Add.
• To edit a variable, click the edit icon next to the variable.
The new or edit variable page appears.
See for information on adding and editing variables within a variable set.
Adding and Editing Variables
License: Protection
You can modify variables in any custom set.
If you create custom standard text rules, you might also want to add your own user-defined variables to
more accurately reflect your traffic or as shortcuts to simplify the rule creation process. For example, if
you create a rule that you want to inspect traffic in the “demilitarized zone” (or DMZ) only, you can
create a variable named $DMZ whose value lists the server IP addresses that are exposed. You can then
use the $DMZ variable in any rule written for this zone.
Adding a variable to a variable set adds it to all other sets. With one exception as explained below, the
variable is added to other sets as the default value, which you can then customize.
When you add a variable from a custom set, you must choose whether to use the configured value as the
customized value in the default set:
• If you do use the configured value (for example, 192.168.0.0/16), the variable is added to the default
set using the configured value as a customized value with a default value of any. Because the current
value in the default set determines the default value in other sets, the initial, default value in other
custom sets is the configured value (which in the example is 192.168.0.0/16).
• If you do not use the configured value, the variable is added to the default set using only the default
value any and, consequently, the initial, default value in other custom sets is any.
See for more information.
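The propagation rules above, modeled as a short Python sketch. This is an added example, not Cisco code or part of the guide; the class and method names, the set names Branch and HQ, the "Default Set" label, and the 10.0.0.0/8 value are assumptions, as is the treatment of the edited custom set as keeping the configured value.

```python
"""Model of how a variable added in a custom set reaches the other sets."""
ANY = "any"
DEFAULT_SET = "Default Set"  # label for the default set (assumed name)


class VariableSets:
    def __init__(self, custom_sets):
        # customized[set][var] is the customized value, or None if not customized
        self.customized = {name: {} for name in (DEFAULT_SET, *custom_sets)}

    def add_from_custom_set(self, origin, var, value, use_in_default):
        """Add `var` with configured `value` while editing custom set `origin`."""
        if origin == DEFAULT_SET or origin not in self.customized:
            raise ValueError("origin must be an existing custom set")
        # Adding a variable to one set adds it to every other set.
        for variables in self.customized.values():
            variables[var] = None
        # Assumption: the set being edited keeps the configured value.
        self.customized[origin][var] = value
        if use_in_default:
            # Default set: configured value becomes the customized value.
            self.customized[DEFAULT_SET][var] = value

    def default_value(self, set_name, var):
        """Default value of `var` as seen from `set_name`."""
        if set_name == DEFAULT_SET:
            return ANY  # the default set's own default value is any
        # Other sets take the current value in the default set as their default.
        return self.effective(DEFAULT_SET, var)

    def effective(self, set_name, var):
        """Value used: the customized value if present, else the default."""
        custom = self.customized[set_name][var]
        return custom if custom is not None else self.default_value(set_name, var)

    def sets_left_at_any(self, var):
        """Sets where rules using `var` would not be scoped to specific hosts."""
        return sorted(s for s in self.customized if self.effective(s, var) == ANY)


if __name__ == "__main__":
    sets = VariableSets(["Branch", "HQ"])  # constructed custom set names
    sets.add_from_custom_set("Branch", "DMZ", "192.168.0.0/16", use_in_default=True)
    sets.add_from_custom_set("Branch", "LAB", "10.0.0.0/8", use_in_default=False)
    for var in ("DMZ", "LAB"):
        print(var, {s: sets.effective(s, var) for s in sets.customized},
              "any in:", sets.sets_left_at_any(var))
```

In the second case the variable resolves to any in every set except the one where it was configured, so a rule written against it there inspects all traffic until the value is customized.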
You add variables within a variable set on the New Variable page and edit existing variables on the Edit
Variable page. You use the two pages identically except that when you edit an existing variable you
cannot change the variable name or variable type.
Each page consists mainly of three windows:
• available items, including existing network or port variables, objects, and network object groups
• networks or ports to include in the variable definition
• networks or ports to exclude from the variable definition
You can create or edit two types of variables:
• network variables specify the IP addresses of hosts in your network traffic. See
• port variables specify TCP or UDP ports in network traffic, including the value any for either type.
See .