Cisco Cisco FirePOWER Appliance 8130
FireSIGHT System User Guide
Chapter 13 Using Access Control Policies
Organizing Rules in a Policy
License: Any
The Edit page for the access control policy lists access control rules in numerical order. The numeric
position of each rule appears on the left side of the page next to the rule. You can move or insert rules
and otherwise change the rule order. For example, if you move rule 10 under rule 3, rule 10 becomes rule
4 and all subsequent numbers increment accordingly.
A rule’s position is important because the system compares packets to rules in the numeric order in
which the rules are arranged on the policy Edit page. When a packet meets all the conditions of a rule,
the system applies the conditions of that rule to the packet and ignores all subsequent rules for that
packet.
Optionally, you can specify a rule’s numeric position when you add or edit a rule. You can also highlight
a rule before adding a new rule to predetermine the default position of the new rule to be below the rule
you highlighted. See
.
To locate specific rules, you can use partial or complete strings to search for rules by rule name or by a
name or value in configured rule conditions. You can also filter rules to display only rules for selected
devices targeted by your policy.
You can select one or more rules by clicking a blank space in the row for the rule. You can drag and drop
selected rules into a new location, thereby changing the position of the rules you moved and all
subsequent rules. You can cut or copy selected rules and paste them above or below an existing rule. You
can delete selected rules and insert new rules into any location in the list of existing rules.
You can further organize rules by adding custom categories between the administrative and root
categories. You can delete or rename custom categories that you add.
You can display explanatory warnings to identify rules that will never match because they are preempted
by preceding rules.
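The following Python model is an added example, not Cisco code and not how FireSIGHT implements its checks; it illustrates first-match evaluation, the effect of moving a rule, and the preempted-rule warning described above. It assumes rules carry only a source network and destination port condition and that every matching rule ends evaluation, as this page describes; the `Rule` fields, function names and sample policy are hypothetical.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:
    name: str
    action: str
    src: str = "0.0.0.0/0"          # source network condition (CIDR), assumed field
    ports: frozenset = frozenset()  # destination ports; empty means "any"

    def matches(self, src_ip, port):
        in_net = ip_address(src_ip) in ip_network(self.src)
        return in_net and (not self.ports or port in self.ports)

    def covers(self, other):
        """True if every packet that meets `other` also meets this rule."""
        net_ok = ip_network(other.src).subnet_of(ip_network(self.src))
        ports_ok = not self.ports or (bool(other.ports) and other.ports <= self.ports)
        return net_ok and ports_ok

def first_match(policy, src_ip, port):
    """Return (position, rule) for the first rule the packet meets, 1-based."""
    for pos, rule in enumerate(policy, start=1):
        if rule.matches(src_ip, port):
            return pos, rule
    return None

def preempted(policy):
    """Return (later_pos, earlier_pos) pairs where the later rule never matches."""
    hits = []
    for i, later in enumerate(policy):
        for j, earlier in enumerate(policy[:i]):
            if earlier.covers(later):
                hits.append((i + 1, j + 1))
                break
    return hits

def move(policy, old_pos, new_pos):
    """Move a rule to a new numeric position; later rules renumber around it."""
    rules = list(policy)
    rules.insert(new_pos - 1, rules.pop(old_pos - 1))
    return rules

# Constructed sample policy (names and addresses are illustrative only).
POLICY = [
    Rule("allow-web", "Allow", "10.0.0.0/8", frozenset({80, 443})),
    Rule("block-lab-web", "Block", "10.1.2.0/24", frozenset({443})),
    Rule("block-telnet", "Block", "0.0.0.0/0", frozenset({23})),
]
```

In the sample policy, rule 2 is reported as preempted by rule 1; moving it to position 1 makes the narrower block rule effective while the broader allow rule still handles the rest of 10.0.0.0/8.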
The following table summarizes the actions you can take to organize your rules.
Table 13-7 Access Control Rule Organization Actions

| To... | You can... |
| --- | --- |
| add a category to a policy | click Add Category. See for more information. Tip: You can also right-click a blank area in the row for a rule and select Insert new category. |
| search rule names and conditions for a string | click the Search Rules prompt, type a name or value, then press the Enter key. See for more information. |
| clear rule search | click the clear icon ( ) in the search field. |
| display rules for selected devices | find more information at . |
| select a rule | click a blank area in the row for a rule. Use the Ctrl or Shift key to select multiple rules. Rules you select are highlighted. Note that you can select rules in multiple categories. |
| clear rule selections | click the reload icon ( ) on the lower right side of the page. |
| cut or copy selected rules | right-click a blank area in the row for a selected rule, then select Cut or Copy. |
| paste rules you have cut or copied into the rule list | right-click a blank area in the row for a rule where you want to paste selected rules, then select Paste above or Paste below. |