для Cisco Cisco ASA 5550 Adaptive Security Appliance

To add a service policy rule, perform the following steps:

Click Add to display the Add Service Policy Rule Wizard. See the firewall configuration guide for 
more information about service policy rules.

Click the Global - applies to all interfaces radio button to apply the rule to the global policy. Click 
Next.

Check the Source and Destination IP Address (uses ACL) check box or the Any traffic check box 
as traffic match criteria, or click the Use class-default as traffic class radio button. Click Next to 
continue to the Rule Actions screen. 

NetFlow actions are available only for global service policy rules and are applicable only to the 
class-default traffic class and to traffic classes with traffic match criteria of “Source and 
Destination IP Address (uses ACL)” or “Any traffic.” 

Click the NetFlow tab in the Rule Actions screen.

Click Add to display the Add Flow Event dialog box and specify flow events, then perform the 
following steps:

Choose the flow event type from the drop-down list. Available events are created, torn down, denied, 
updated, or all.

The flow-update event is not available in Version 9.0(1). It is available in Versions 8.4(5), 
and 9.1(2) and later.

Choose collectors to which you want events sent by checking the corresponding check boxes in the 
Send column.

Click Manage to display the Manage NetFlow Collectors dialog box, in which you can add, edit 
or delete collectors, or configure other NetFlow settings (for example, syslog messages). Click OK 
to close the Manage NetFlow Collectors dialog box and return to the Add Flow Event dialog box. 
See 

 of 

 for more information about configuring collectors.

Click OK to close the Add Flow Event dialog box and return to the NetFlow tab.

Click Finish to exit the wizard.

To edit a NetFlow service policy rule, perform the following steps: 

Select it in the Service Policy Rules table, and click Edit. 

Click the Rule Actions tab, then click the NetFlow tab.