Skip to main content

 

 

Cisco Defense Orchestrator

View FTD Rules and Rulesets

View Rules from Device Policy Page

The Firepower Threat Defense (FTD) device policy page shows individual (local) and shared rules (associated with rulesets).

Use the following procedure to view the FTD ruleset from the policy page:

  1. In the navigation pane, click Devices & Services.
  2. Select an FTD device that you want.
  3. In the Management pane on the right, click Policy. You see the following rules based on the configuration you have made: 
    • Top Rules: Shows the mandatory shared rules which will be processed before all other rules on the device. 
    • Local Rules: Shows device-specific rules which will be processed after mandatory rules on the device.
    • Bottom: Shows the default shared rules which will be processed after all other rules on the device. 

Note: You can edit the ruleset by going to the corresponding ruleset page. 

  1. On the top right corner of the ruleset header, click Go to ruleset  GoToRuleSet.JPG . 
  2. Make the required changes to the rules and click Save. The new changes are updated on all devices associated with the ruleset.

View Rulesets

The Rulesets page shows all rulesets available in your tenant. It also provides information about devices associated with the rulesets.

Use the following procedure to view all rulesets from the Rulesets page:

  1. In the navigation pane, click Policies > Rulesets. The rules available in your tenant are displayed. 
  2. Click a ruleset to view its details. 
    The Devices column shows the number of FTD devices attached to each ruleset. 
  3. In the Management pane, click Workflows. This page shows all the actions that you performed on the device. 
    You can click Diagram to view a pictorial representation of the workflow.   

Search Rulesets

You can use the Filter by Device filter to select the devices for viewing the rulesets assigned to them.   

  1. In the navigation pane, click Policies > Rulesets.
  2. Click the filter icon and click Filter by Device.
  3. Select one or more devices from the list and click OK
    You can see the rulesets based on the devices you have selected. 

View Jobs Associated with Rulesets

The Jobs page records actions when you apply ruleset to FTD devices or remove them from FTD devices.  It also determines if the action was successful or failed.

  1. In the navigation pane, click Policies > Rulesets.
  2. Click a ruleset to view its details.
  3. In the Management pane, click Jobs. This page shows actions that you performed on the ruleset.
  • Was this article helpful?