Managing Network Analysis Rules

A network analysis rule is simply a set of configurations and conditions that specifies how you preprocess traffic that matches those qualifications. You create and edit network analysis rules in the advanced options in an existing access control policy. Each rule belongs to only one policy.

Procedure

Step 1

In the access control policy editor, click Advanced, then click Edit (edit icon) next to the Intrusion and Network Analysis Policies section.

If View (View button) appears instead, settings are inherited from an ancestor policy, or you do not have permission to modify the settings.If the configuration is unlocked, uncheck Inherit from base policy to enable editing.

Step 2

Next to Network Analysis Rules, click the statement that indicates how many custom rules you have.

Step 3

Edit your custom rules. You have the following options:

  • To edit a rule’s conditions, or change the network analysis policy invoked by the rule, click Edit (edit icon) next to the rule.

  • To change a rule’s order of evaluation, click and drag the rule to the correct location. To select multiple rules, use the Shift and Ctrl keys.

  • To delete a rule, click Delete (delete icon) next to the rule.

Tip

Right-clicking a rule displays a context menu that allows you to cut, copy, paste, edit, delete, and add new network analysis rules.

Step 4

Click OK.

Step 5

Click Save to save the policy.

What to do next

  • Deploy configuration changes.