User Guide for Cisco Security Manager 4.4
Chapter 17 Managing Firewall Inspection Rules
Inspection Rules Page
Sources: Provide traffic sources for this rule; can be networks, security groups,
and users. You can enter values or object names, or Select objects, for
one or more of the following types of sources:
Network – You can specify various network, host, and interface
definitions, either individually or as objects. If you Select an
interface object as a source, the dialog box displays tabs to
differentiate between hosts/networks and interfaces.
The “All-Address” objects do not restrict the rule to specific hosts,
networks, or interfaces. These addresses are IPv4 or IPv6 addresses
for hosts or networks, network/host objects, interfaces, or interface
Note You can only specify a fully qualified domain name (FQDN) by
providing an FQDN network/host object, or a group object that
includes an FQDN object. You cannot directly type in an
See Understanding Networks/Hosts Objects, page 6-74,
Specifying IP Addresses During Policy Definition, page 6-81 and
Understanding Interface Role Objects, page 6-67 for additional
information about these definitions.
Security Groups (ASA 9.0+) – Enter or Select the name or tag
number for one or more source security groups for the rule, if any.
See Selecting Security Groups in Policies, page 14-13,
Configuring TrustSec-Based Firewall Rules, page 14-13 and
Creating Security Group Objects, page 14-12 for more information
about security groups.
Users – Enter or Select the Active Directory (AD) user names, user
groups, or identity user group objects for the rule, if any. You can
enter any combination of the following:
Individual user names: NetBIOS_DOMAIN\username
User groups (note the double \):
Identity user group object names.
For more information, see:
Selecting Identity Users in Policies, page 13-21
Configuring Identity-Based Firewall Rules, page 13-21
Creating Identity User Group Objects, page 13-19
Note Enter more than one value in any of these fields by separating
the items with commas.
Each specification is combined with any others to limit traffic matches
to only those flows that include all definitions. For example, specified
user traffic originating from within a specified source address range.
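
The combination rule described above, modelled as an added example (not Cisco's code and not part of the original guide): every populated source field must match the flow. `Flow`, `SourceSpec` and the sample addresses and users are hypothetical; treating an empty field as unconstrained, treating comma-separated entries within one field as alternatives, and comparing user names case-insensitively are assumptions of this model.

```python
import ipaddress
from dataclasses import dataclass

def split_field(text):
    """Split a comma-separated field into trimmed, non-empty entries."""
    return [item.strip() for item in text.split(",") if item.strip()]

@dataclass
class Flow:
    # Constructed model of one traffic flow seen by the firewall.
    src_ip: str
    user: str = ""             # NetBIOS_DOMAIN\username, empty if unidentified
    security_group: str = ""   # security group name or tag, empty if none

@dataclass
class SourceSpec:
    """Hypothetical stand-in for the three Sources fields of one rule."""
    networks: str = ""
    security_groups: str = ""
    users: str = ""

    def matches(self, flow):
        # Assumption: an empty field places no constraint on the flow.
        checks = []
        nets = split_field(self.networks)
        if nets:
            ip = ipaddress.ip_address(flow.src_ip)
            # Assumption: entries within one field are alternatives (OR).
            checks.append(any(ip in ipaddress.ip_network(n, strict=False)
                              for n in nets))
        groups = split_field(self.security_groups)
        if groups:
            checks.append(flow.security_group in groups)
        users = [u.casefold() for u in split_field(self.users)]
        if users:
            # Assumption: user names compare case-insensitively.
            checks.append(flow.user.casefold() in users)
        # Every populated field must match (AND across field types).
        return all(checks)

# Constructed sample rule and flows; "\\" is Python escaping for one backslash.
RULE = SourceSpec(networks="10.1.0.0/16, 192.0.2.10", users="CORP\\alice, CORP\\bob")
FLOWS = [
    Flow("10.1.4.20", user="CORP\\alice"),    # in range, listed user
    Flow("10.1.4.20", user="CORP\\mallory"),  # in range, unlisted user
    Flow("172.16.0.5", user="CORP\\bob"),     # listed user, outside range
    Flow("192.0.2.10", user="corp\\BOB"),     # listed host, listed user
]
```

Only the first and last constructed flows satisfy both the network and the user specification; dropping the user field from the rule would let the second flow match as well.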
Table 17-4 Add and Edit Inspect/Application FW Rule Wizard Step 2: Action, Sources,
Destinations, and Services Page (Continued)
Element Description