Cisco Cisco FirePOWER Appliance 8390
35-29
FireSIGHT System User Guide
Chapter 35 Introduction to Network Discovery
Creating a Network Discovery Policy
Step 2
Click
Add Rule
.
The Add Rule pop-up window appears.
Step 3
On the Networks page, click the add icon (
).
The Network Objects pop-up window appears.
Step 4
Type a
Name
for the network object.
Step 5
For each IP address, CIDR block, and prefix length you want to add to the network object, type its value
and click
and click
Add
.
Step 6
Click
Save
to add the network object to the Available Networks list.
Tip
If the network does not immediately appear on the list, click the refresh icon (
).
Creating Port Objects
License:
FireSIGHT
The list of available ports that appears in a discovery rule contains reusable port objects and groups that
can be used anywhere in the FireSIGHT System. You can add new port objects to the list. Note that when
you modify an object referenced in a rule, you must reapply the network discovery policy for those
changes to take effect.
can be used anywhere in the FireSIGHT System. You can add new port objects to the list. Note that when
you modify an object referenced in a rule, you must reapply the network discovery policy for those
changes to take effect.
To create a new port object:
Access:
Admin/Discovery Admin
Step 1
Click
Port Exclusions
.
The Port Exclusions page appears.
Step 2
To add a port to the Available Ports list, click the add object icon (
).
The Port Objects pop-up window appears.
Step 3
Supply a
Name
for the port object.
Step 4
In the
Protocol
field, specify the protocol of the traffic you want to exclude.
Select
TCP
,
UDP
, or
Other
and choose an option from the drop-down list to select a protocol or
All
.
Step 5
In the
Port(s)
field, enter the ports you want to exclude from monitoring.
You can specify a single port, a range of ports using the dash (-), or a comma-separated list of ports and
port ranges. Allowed port values are from 1 to 65535.
port ranges. Allowed port values are from 1 to 65535.
Step 6
Click
Save
to add the port to the Available Ports list.
Tip
If the port does not immediately appear on the list, click the refresh icon (
).