About FTD Rulesets
A Firepower Threat Defense (FTD) ruleset is a collection of access control rules that can be shared with multiple FTD devices. Any change made to the rules of a ruleset affects the other managed FTD devices that use this ruleset. An FTD device can have both device-specific (local) rules and shared rules (rulesets). You can also create rulesets from existing rules in an FTD device.
Copy or Move Rules Associated with Rulesets
You can copy or move access control rules within a ruleset or across different rulesets. You can also copy or move rules between local rules and rulesets. See Copy FTD Access Control Rules and Move FTD Access Control Rules for more information.
Note: The Rulesets feature is currently available for devices running Firepower Threat Defense version 6.5 or later.
Auto-Detect Existing Rulesets
When you onboard a device, CDO auto-detects existing rulesets and tries to match them with the rules on the device. On a successful match, CDO automatically attaches the rulesets to the newly onboarded device. However, if there are multiple ruleset matches for the same set of rules on the device, none of them are attached, and you have to assign them manually.
- Configure Rulesets for an FTD
- FTD Rulesets with FTD Templates
- Create Rulesets from Existing Device Rules
- Impact of Out-of-Band Changes on Rulesets
- Impact of Discarding Staged Ruleset Changes
- View FTD Rules and Rulesets
- Change Log Entries after Creating Rulesets
- Detach FTD Devices from a Selected Ruleset
- Delete Rules and Rulesets
- Remove a Ruleset From a Selected FTD device