Configuring Adaptive Profiles

In a passive deployment, Cisco recommends that you configure adaptive profile updates. In an inline deployment, configure the inline normalization preprocessor with the Normalize TCP Payload option enabled.

Caution

Adaptive profiling must be enabled (its default state) as described in this procedure for access control rules to perform application or file control, including AMP, and for intrusion rules to use service metadata.

Before you begin

The access control policy must have a network discovery policy that is enabled to do host/service discovery, or host data must be imported from a third-party source.

Procedure

Step 1

In the access control policy editor, click Edit (edit icon) on the policy you want to modify.

Step 2

Click More > Advanced Settings, and then click Edit (edit icon) next to the Detection Enhancement Settings section.

If View (View button) appears instead, settings are inherited from an ancestor policy, or you do not have permission to modify the settings.If the configuration is unlocked, uncheck Inherit from base policy to enable editing.

Step 3

Set adaptive profile options as described in Adaptive Profile Options.

Step 4

Click OK.

Step 5

Click Save to save the policy.

What to do next

  • Deploy configuration changes.