Cisco FirePOWER Appliance 8130
FireSIGHT System User Guide
Chapter 14 Understanding and Writing Access Control Rules
Understanding Rule Conditions and Condition Mechanics
Adding Rule Conditions
License: Any
Adding conditions to access control rules is essentially the same for each type of condition. You select
from one or two lists of available conditions on the left, and add the selected conditions to one or two
lists of selected conditions on the right.
For all condition types, you select one or more individual available conditions by clicking on them to
highlight them. For application conditions, you can also select or clear check boxes to constrain the list
of available applications using Cisco-provided or user-defined filters.
In all cases, you can either click a button between the two types of lists to add available conditions that
you select to your lists of selected conditions, or drag and drop available conditions that you select into
the list of selected conditions.
Some pages (Zones, Networks (including Geolocation), and Ports) have one list of available conditions
on the left, which can be added to either of two lists of selected conditions on the right. Other pages (for
example, Applications and URLs) have two lists of available conditions on the left, which can be used
together to select available conditions to add to a single list of selected conditions on the right. Still other
pages (VLAN Tags and Users) have one list of available conditions on the left, which can be added to a
single list of selected conditions on the right.
Table 14-2 Access Control Rule Condition Types (continued)

| Condition | Description | Supported Defense Centers | Supported Devices |
|---|---|---|---|
| Users | Individual LDAP users and user groups retrieved from a Microsoft Active Directory Server. See for information on specifying and retrieving the users and groups you want to use for user control. See for more information on adding these conditions. | Any except DC500 | Series 3, Virtual, X-Series, ASA FirePOWER |
| Applications | Applications provided by Cisco, user-defined applications, and application filters you create using the object manager. See and for more information. See for more information on adding these conditions. | Any | Series 3, Virtual, X-Series, ASA FirePOWER |
| Ports | Transport protocol ports, including individual and group port objects you create based on transport protocols. See for information on creating individual and group transport protocol objects using the object manager. See for more information on adding these conditions. | Any | Any |
| URLs | Cisco-provided URLs grouped by category and reputation, literal URLs, and any individual and group URL objects you create using the object manager. See and for more information. See information on adding these conditions. | Any except DC500 (DC500 does support literal URLs, URL objects, and URL object groups) | Series 3, Virtual, X-Series, ASA FirePOWER |