Cisco Cisco Firepower Management Center 2000
13-36
FireSIGHT System User Guide
Chapter 13 Using Access Control Policies
Managing Access Control Policies
Step 1
Select
Policies > Access Control
.
The Access Control page appears.
Step 2
Click the apply icon (
) next to the policy you want to apply.
The Apply Access Control Rules pop-up window appears.
Alternatively, you can click
Save and Apply
on the policy Edit page; see
Step 3
Click
Apply All
.
Your policy apply task is queued. Click
OK
to return to the Access Control page.
Tip
You can monitor the progress of the policy apply task on the Task Status page (
System > Monitoring > Task
Status
).
Applying Selected Policy Configurations
License:
Any
You can use the detailed policy apply page to apply changes to your access control policy and to any
associated intrusion policies. The detailed page lists each device targeted by the policy and provides a
column for the access control policy by device, and a column for associated intrusion policies by device.
You can specify whether to apply changes to an access control policy, to associated intrusion policies
individually or in combination, or both for each targeted device.
associated intrusion policies. The detailed page lists each device targeted by the policy and provides a
column for the access control policy by device, and a column for associated intrusion policies by device.
You can specify whether to apply changes to an access control policy, to associated intrusion policies
individually or in combination, or both for each targeted device.
You must apply both an access control policy and an associated intrusion policy in either of the following
cases:
cases:
•
when the access control policy is being applied to the device for the first time
•
when an intrusion policy has been newly added to the access control policy
In both cases, the states of the access control policy and the intrusion policies are linked; that is, you
must apply both or neither.
must apply both or neither.
Note that regardless of the intrusion policies you apply, applying an access control policy automatically
applies all associated file policies that are different from those currently running on devices targeted by
the policy. You cannot apply file policies independently.
applies all associated file policies that are different from those currently running on devices targeted by
the policy. You cannot apply file policies independently.
The Access Control Policy Column
The Access Control Policy column provides a check box for indicating whether to apply the access
control policy.
control policy.
Tip
Although you can reapply a policy while it is still in the task queue, that is, while the apply task has not
yet completed, there is no benefit in doing this.
yet completed, there is no benefit in doing this.
A status message indicates whether the policy is currently up to date or out of date. When the policy is
out of date, you can conveniently display a comparison of the policy to the currently running policy in
a new browser window. The comparison does not include differences in an intrusion policy associated
with the access control policy.
out of date, you can conveniently display a comparison of the policy to the currently running policy in
a new browser window. The comparison does not include differences in an intrusion policy associated
with the access control policy.