21-59
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 21 Managing Zone-based Firewall Rules
Zone-based Firewall Rules Page
Table 21-22 Zone Based Firewall Rules Page (Continued)

| Element | Description |
|---|---|
| Last Ticket(s) | Shows the ticket(s) associated with the last modification to the rule. You can click the ticket ID in the Last Ticket(s) column to view details of the ticket and to navigate to the ticket. If linkage to an external ticket management system has been configured, you can also navigate to that system from the ticket details (see Ticket Management Page, page 11-51). |
| Tools button | Click this button to select tools that you can use with this type of policy. You can select the following tool: Query – To run policy queries, which can help you evaluate your rules and identify ineffective rules that you can delete. See Generating Policy Query Reports, page 12-28. |
| Find and Replace button (binoculars icon) | Searches for values in rules tables, such as IP addresses and policy object names, to facilitate locating and making changes to rules in tables. See Finding and Replacing Items in Rules Tables, page 12-16. |
| Up button | Moves the selected rule up one row in the table. |
| Down button | Moves the selected rule down one row in the table. |
| Add button | Opens the Add Zone-based Firewall Rule dialog box, where you can create a new rule. |
| Edit button | Used to edit the selected rule in the table; opens the Edit Zone-based Firewall Rule dialog box. |
| Delete button | Deletes the selected rule from the table. |

Adding and Editing Zone-based Firewall Rules
Use the Add and Edit Zone based Firewall Rule dialog boxes to add and edit zone-based firewall rules on Cisco IOS and ASR devices.
Navigation Path
From the Zone-based Firewall Rules Page, page 21-57, click the Add Row button, or select a row and click the Edit Row button.
Related Topics
Understanding the Zone-based Firewall Rules, page 21-3
Configuring Settings for Zone-based Firewall Rules, page 21-48
Adding Zone-Based Firewall Rules, page 21-12
Field Reference

Table 21-23 Add and Edit Zone based Firewall Rule Dialog Boxes

| Element | Description |
|---|---|
| Enable Rule | When selected, the rule is enabled on the device after the configuration is generated and deployed. Deselect this option to disable the rule without deleting it. |