Cisco Cisco Firepower Management Center 4000
13-31
FireSIGHT System User Guide
Chapter 13 Using Access Control Policies
Managing Access Control Policies
An access control policy report is a record of the policy and rules configuration at a specific point in
time. You can use the report for auditing purposes or to inspect the current configuration.
time. You can use the report for auditing purposes or to inspect the current configuration.
Tip
You can also generate an access control comparison report that compares a policy with the currently
applied policy or with another policy. For more information, see
applied policy or with another policy. For more information, see
.
An access control policy report contains the sections described in the following table.
To view an access control policy report:
Access:
Admin/Access Admin/Network Admin
Step 1
Select
Policies > Access Control.
The Access Control page appears.
Step 2
Click the report icon (
) next to the policy for which you want to generate a report. Remember to save
any changes before you generate an access control policy report; only saved changes appear in the report.
Table 13-9
Access Control Policy Report Sections
Section
Description
Title Page
Identifies the name of the policy report, the date and time the policy was last modified,
and the name of the user who made that modification.
and the name of the user who made that modification.
Table of Contents
Describes the contents of the report.
Policy Information
Provides the name and description of the policy, the name of the user who last
modified the policy, and the date and time the policy was last modified. See
modified the policy, and the date and time the policy was last modified. See
.
Device Targets
Lists the managed devices targeted by the policy. See
HTTP Block Response
HTTP Interactive Block Response
Provides details on the HTTP block response pages associated with the policy. See
.
Security Intelligence
Provides details on the Security Intelligence whitelist and blacklist. See
Default Action
Provides the default action. See
Rules
Provides the rule action and conditions for each rule in the policy, by rule category.
See
See
and
Referenced Objects
Provides the name and configuration of all individual objects and group objects used
in the policy, by type of condition (Networks, VLAN Tags, and so on) where the object
is configured. See
in the policy, by type of condition (Networks, VLAN Tags, and so on) where the object
is configured. See
Variable Sets
Lists variable sets; also lists the variables in sets when the sets are linked to rules or
to the default action in access control policies. See
to the default action in access control policies. See