Edit Advanced Settings
The Advanced Settings section of the Device page displays a table of advanced configuration settings, as described below. You can edit any of these settings.
|
Field |
Description |
||
|---|---|---|---|
|
Application Bypass |
The state of Automatic Application Bypass on the device. |
||
|
Bypass Threshold |
The Automatic Application Bypass threshold, in milliseconds. |
||
|
Object Group Search |
The state of object group search on the device. While operating, the FTD device expands access control rules into multiple access control list entries based on the contents of any network or interface objects used in the access rule. You can reduce the memory required to search access control rules by enabling object group search. With object group search enabled, the system does not expand network or interface objects, but instead searches access rules for matches based on those group definitions. Object group search does not impact how your access rules are defined or how they appear in Firepower Management Center. It impacts only how the device interprets and processes them while matching connections to access control rules.
|
||
|
Interface Object Optimization |
The state of interface object optimization on the device. During deployment, interface groups and security zones used in the access control and prefilter policies generate separate rules for each source/destination interface pair. If you enable interface object optimization, the system will instead deploy a single rule per access control/prefilter rule, which can simplify the device configuration and improve deployment performance. If you select this option, also select the Object Group Search option to reduce memory usage on the device. |
The following topics explain how to edit the advanced device settings.
Note | For information about the Transfer Packets setting, see Edit General Settings. |