Cisco Cisco Firepower Management Center 2000
6-49
FireSIGHT System User Guide
Chapter 6 Managing Devices
Editing Device Configuration
Typically, you use Rule Latency Thresholding in the intrusion policy to fast-path packets after the
latency threshold value is exceeded. Rule Latency Thresholding does not shut down the engine or
generate troubleshoot data. For more information, see
latency threshold value is exceeded. Rule Latency Thresholding does not shut down the engine or
generate troubleshoot data. For more information, see
.
Note
AAB is activated only when an excessive amount of time is spent processing a single packet. If AAB
engages, the system kills all Snort processes.
engages, the system kills all Snort processes.
If detection is bypassed, the device generates a health monitoring alert. For more information on that
health monitoring alert, see
health monitoring alert, see
For more information about enabling Automatic Application Bypass and setting the bypass threshold,
see
see
Editing Advanced Device Settings
License:
Any
Supported Devices:
feature dependent
You can use the Advanced section of the Devices tab to modify the Automatic Application Bypass and
Inspect Local Router Traffic settings. You can also configure fast-path rules, as explained in
Inspect Local Router Traffic settings. You can also configure fast-path rules, as explained in
.
Note the following:
•
you can configure fast-path rules only on 8000 Series and 3D9900 devices.
•
you can configure
Inspect Local Router Traffic
only on Series 3 devices
To modify advanced device settings:
Access:
Admin/Network Admin
Step 1
Select
Devices > Device Management
.
The Device Management page appears.
Step 2
Next to the device where you want to edit advanced device settings, click the edit icon (
).
The Interfaces tab for that device appears.
Step 3
Click
Device
.
The Devices tab appears.
Tip
For stacked devices, you edit the advanced device settings for the stack on the Stack page of the
appliance editor.
appliance editor.
Step 4
Next to the
Advanced
section, click the edit icon (
).
The Advanced pop-up window appears.
Step 5
Optionally, select
Automatic Application Bypass
if your network is sensitive to latency. Automatic
Application Bypass is most useful in inline deployments. For more information, see
.