16-13
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter16 Managing Firewall Access Rules
Configuring Access Rules
The Import Rules and Combine Rules options are also included in the right-click menu. See
Importing Rules, page 16-37 and Combining Rules, page 12-22 for more information about these
options.
Add and Edit Access Rule Dialog Boxes
Use the Add and Edit Access Rule dialog boxes to add and edit security-device access rules.
Note With the release of Security Manager 4.4 and versions 9.0 and higher of the ASA, the separate pages for
configuring IPv4 and IPv6 access rules were unified. However, for the earlier ASA versions, a separate
page for IPv6 access rules is still provided. The following descriptions apply to apply to all versions of
the page, except where noted.
Read the following topics before you configure access rules:
Understanding Access Rules, page 16-1
Understanding Global Access Rules, page 16-3
Understanding Device Specific Access Rule Behavior, page 16-4
Understanding Access Rule Address Requirements and How Rules Are Deployed, page 16-5
Configuring Access Rules, page 16-7
Navigation Path
On the Access Rules Page, page 16-9, click the Add Row button or select a row and click the Edit Row
button.
Related Topics
Configuring Expiration Dates for Access Rules, page 16-19
Editing Rules, page 12-9
Adding and Removing Rules, page 12-9
Importing Rules, page 16-37
Understanding Networks/Hosts Objects, page 6-74
Understanding and Specifying Services and Service and Port List Objects, page 6-86
Field Reference
Table16-2 Add and Edit Access Rule Dialog Boxes
Element Description
Enable Rule Check this box to enable this rule, which means the rule becomes active
when you deploy the configuration to the device. Deselect to disable the
rule while keeping the rule definition. Disabled rules are shown
overlaid with hash marks in the rule table. See Enabling and Disabling
Rules, page 12-20 for more information.
Action Whether the rule permits or denies traffic based on the conditions you
define.