Skip to main content



Cisco Defense Orchestrator

Create an ASA Network Policy

Use this procedure to create an ASA Network Policy:

  1. Select Policies > ASA Policies.
  2. Click Create Policy.
  3. Click the Device filter to search for the device on which you will save the policy. 
  4. Enter a name for the policy. Note that you cannot have two network policies with the same name on a device.
  5. Select the interface for which you want to apply this policy.
  6. Specify if the policy is for outbound or inbound traffic. Note that you cannot have two policies for the same interface in the same direction on the same device. 
  7. Click Save. CDO creates the network policy and a single "permit IP any any" rule for that policy. 
  8. Edit the policy as needed.
  9. Return to the Devices & Services page and select the device for which you created the policy. You should see that your device is Not Synced.
  10. Click Preview and deploy...
  11. In the Device Sync box, review the commands that will create the policy and the rules in the policy. 
  12. If you are satisfied with the proposed changes, click Apply Changes to Device.
  • Was this article helpful?