Cisco Defense Orchestrator

Adding Comments to Rules in FTD Policies and Rulesets

You can add comments to rules in FTD policies and rules in rulesets to document some characteristic of a rule. Rule comments are visible only in CDO; they are never written to the FTD, nor are they visible in FDM.

Comments are added to rules after they are created and saved in CDO. As rule comments are only a feature of CDO, creating, changing, or deleting a rule comment does not change the configuration status of the device in CDO to "Not Synced". You will not need to write changes from CDO to the FTD to save a rule comment.

Comments associated with rules in an FTD policy can be viewed and edited on the device's policy page. Comments associated with rules in an FTD ruleset can be viewed and edited on the rulesets page. When a ruleset is used in a policy, any comments associated with any of the rules in the ruleset are displayed in the comments area of the policy. In the policy, these comments are read-only.

When you search for a string in policies, rulesets, or the change log, CDO will search the comments associated with a rule for that string along with the other attributes and values of a rule. 

When a comment for a rule is added or edited, that action is recorded in the change log. Because rule comments are only recorded and maintained in CDO, they are labeled (CDO-only change) in the change log.

Caution: If an out-of-band change is made to an FTD device's configuration and CDO reads that configuration into its database, the comments associated with any rules will be wiped out.

Adding a Comment to a Rule

  1. Open the policy or ruleset that contains the rule you want to comment on.
  2. Select the rule.
  3. Click Add Comment in the Add Comment area for the rule.
  4. Add a comment in the text box.
  5. Click Save.


