Manage Intrusion Policies

On the Intrusion Policy page (Policies > Intrusion) you can view your current custom intrusion policies, along with the following information:

  • Number of access control policies and devices are using the intrusion policy to inspect traffic

  • In a multidomain deployment, the domain where the policy was created

Note

Snort 2 is not supported on threat defense Version 7.7. For information on Snort 2 features that are supported in versions earlier than 7.7, refer to the management center guide that matches your threat defense version.

In a multidomain deployment, the system displays policies created in the current domain, which you can edit. It also displays policies created in ancestor domains, which you cannot edit. To view and edit policies created in a lower domain, switch to that domain.

Procedure

Step 1

Choose Policies > Intrusion.

Step 2

Manage your intrusion policy:

  • Create — Click Create Policy; see Create a Custom Snort 3 Intrusion Policy.

  • Delete — Click Delete (delete icon) next to the policy you want to delete. The system prompts you to confirm and informs you if another user has unsaved changes in the policy. Click OK to confirm.

    If the controls are dimmed, the configuration belongs to an ancestor domain, or you do not have permission to modify the configuration.

  • Edit intrusion policy details — Click Edit (edit icon) next to the policy you want to edit. You can edit the Name, Inspection Mode, and the Base Policy of the intrusion policy.

  • Edit intrusion policy settings — Click Snort 3 Version; see Edit Snort 3 Intrusion Policies.

  • Export — If you want to export an intrusion policy to import on another management center, click Export; see the Exporting Configurations topic in the latest version of the Cisco Secure Firewall Management Center Configuration Guide.

  • Deploy — Choose Deploy > Deployment; see Deploy Configuration Changes.

  • Report — Click Report; see the Generating Current Policy Reports topic in the latest version of the Cisco Secure Firewall Management Center Configuration Guide. Generates wo reports, one for each policy version.