для Cisco Cisco Firepower Management Center 2000

Click 

.

The Security Zones pop-up window appears.

Type a 

 for the zone. You can use any printable standard ASCII characters except curly braces ({}) 

and pound signs (#).

Select an interface 

 for the zone.

After you create a security zone, you cannot change its type.

From the 

 drop-down list, select a device that contains interfaces you want to add to the 

zone.

Select one or more interfaces.

Use the Shift and Ctrl keys to select multiple objects. If you have not yet configured interfaces on your 
managed devices, you can create an empty zone and add interfaces to it later; skip to step 

.

Click 

.

The interfaces you selected are added to the zone, grouped by device.

Repeat steps 

 through 

 to add interfaces on other devices to the zone.

Click 

.

The security zone is added.

FireSIGHT

Series 3, Virtual, X-Series, ASA FirePOWER

All except DC500

Each geolocation object you configure represents one or more countries or continents that the system 
has identified as the source or destination of traffic on your monitored network. You can use geolocation 
objects in various places in the system’s web interface, including access control policies and event 
searches. For example, you could write an access control rule that blocks traffic to or from certain 
countries. For information on filtering traffic by geographical location, see 

.

To ensure that you are using up-to-date information to filter your network traffic, Cisco strongly 
recommends that you regularly update your Geolocation Database (GeoDB). For information on 
downloading and installing GeoDB updates, see 

You cannot delete a geolocation object that is in use. Additionally, after you edit a geolocation object 
used in an access control policy, you must reapply the policy for your changes to take effect.

Admin/Access Admin/Network Admin

Select 

.

The Object Management page appears.

Select 

.