Cisco Cisco FirePOWER Appliance 8130
5-38
FireSIGHT System User Guide
Chapter 5 Managing Reusable Objects
Working with Geolocation Objects
Step 3
Click
Add Security Zone
.
The Security Zones pop-up window appears.
Step 4
Type a
Name
for the zone. You can use any printable standard ASCII characters except curly braces ({})
and pound signs (#).
Step 5
Select an interface
Type
for the zone.
After you create a security zone, you cannot change its type.
Step 6
From the
Device > Interfaces
drop-down list, select a device that contains interfaces you want to add to the
zone.
Step 7
Select one or more interfaces.
Use the Shift and Ctrl keys to select multiple objects. If you have not yet configured interfaces on your
managed devices, you can create an empty zone and add interfaces to it later; skip to step
managed devices, you can create an empty zone and add interfaces to it later; skip to step
.
Step 8
Click
Add
.
The interfaces you selected are added to the zone, grouped by device.
Step 9
Repeat steps
through
to add interfaces on other devices to the zone.
Step 10
Click
Save
.
The security zone is added.
Working with Geolocation Objects
License:
FireSIGHT
Supported Devices:
Series 3, Virtual, X-Series, ASA FirePOWER
Supported Defense Centers:
All except DC500
Each geolocation object you configure represents one or more countries or continents that the system
has identified as the source or destination of traffic on your monitored network. You can use geolocation
objects in various places in the system’s web interface, including access control policies and event
searches. For example, you could write an access control rule that blocks traffic to or from certain
countries. For information on filtering traffic by geographical location, see
has identified as the source or destination of traffic on your monitored network. You can use geolocation
objects in various places in the system’s web interface, including access control policies and event
searches. For example, you could write an access control rule that blocks traffic to or from certain
countries. For information on filtering traffic by geographical location, see
.
To ensure that you are using up-to-date information to filter your network traffic, Cisco strongly
recommends that you regularly update your Geolocation Database (GeoDB). For information on
downloading and installing GeoDB updates, see
recommends that you regularly update your Geolocation Database (GeoDB). For information on
downloading and installing GeoDB updates, see
You cannot delete a geolocation object that is in use. Additionally, after you edit a geolocation object
used in an access control policy, you must reapply the policy for your changes to take effect.
used in an access control policy, you must reapply the policy for your changes to take effect.
To add a geolocation object:
Access:
Admin/Access Admin/Network Admin
Step 1
Select
Objects > Object Management
.
The Object Management page appears.
Step 2
Select
Geolocation
.