Cisco Defense Orchestrator

ASA Network Policies

The Network Policies page displays a list of all the network policies in use by all the devices managed by Cisco Defense Orchestrator (CDO). Navigate to Policies > ASA Policies to arrive at the Network Policies page.

A network policy is a collection of network rules. Each network rule allows or prevents network traffic from reaching a network destination based on such characteristics as source and destination IP address, IP protocol, port number, EtherType, and so on. 

When CDO creates a network policy, it associates the policy with an ASA interface and creates one default rule in the policy. The network policy, when associated with an interface, is what ASA refers to as an "access group." The network policy name is the equivalent of the access control list (ACL) name in ASA. The default rule that CDO creates and any rules that you subsequently add to the network policy are referred to as access control entries (ACEs) in ASA.
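The following added example (not part of the CDO documentation or product code) shows the mapping described above by parsing ASA `access-list` and `access-group` lines and grouping them into policy name, interface binding, and rules. The sample configuration, ACL names, and function names are constructed for illustration; the parser assumes the usual running-config line forms and ignores `remark` lines and global access groups.

```python
import re

# Constructed sample of ASA running-config lines (not from a real device).
SAMPLE_CONFIG = """\
access-list OUTSIDE_IN remark web server access
access-list OUTSIDE_IN extended permit tcp any host 192.0.2.10 eq 443
access-list OUTSIDE_IN extended deny ip any any
access-list INSIDE_OUT extended permit ip 10.0.0.0 255.255.255.0 any
access-list SPARE_ACL extended permit icmp any any
access-group OUTSIDE_IN in interface outside
access-group INSIDE_OUT in interface inside
"""

# One ACE: ACL name, ACL type, action, then the match criteria.
ACE_RE = re.compile(
    r"^access-list (\S+) (extended|standard|ethertype) (permit|deny) (.+)$")
# One access group: ACL name bound to an interface in a direction.
GROUP_RE = re.compile(r"^access-group (\S+) (in|out) interface (\S+)$")


def network_policies(config_text):
    """Return {acl_name: {"rules": [...], "bindings": [(interface, direction)]}}."""
    policies = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        ace = ACE_RE.match(line)
        if ace:
            name, acl_type, action, criteria = ace.groups()
            entry = policies.setdefault(name, {"rules": [], "bindings": []})
            entry["rules"].append(
                {"type": acl_type, "action": action, "match": criteria})
            continue
        group = GROUP_RE.match(line)
        if group:
            name, direction, interface = group.groups()
            entry = policies.setdefault(name, {"rules": [], "bindings": []})
            entry["bindings"].append((interface, direction))
    return policies


def without_access_group(policies):
    """ACL names that no access-group line binds to an interface.

    Such an ACL may still be referenced elsewhere in the configuration
    (for example by VPN or class-map settings), so treat this list as
    items to review rather than items that are safe to delete.
    """
    return sorted(n for n, p in policies.items() if not p["bindings"])
```

Rule order within each ACL is preserved, which matters because ASA evaluates ACEs top down and applies the first match.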


