Cisco Systems CL-28826-01 Security Camera User Manual


  Open as PDF
of 2616
 
6-64
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 6 Managing Policy Objects
Creating Access Control List Objects
Source Provide traffic sources for this rule; can be networks and hosts. You can
enter values or object names, or Select objects, for one or more of the
following:
Networks/Hosts – You can specify a various network, host and
interface definitions, either individually or as objects. If you Select
an interface object as a source, the dialog box displays tabs to
differentiate between hosts/networks and interfaces.
The “All-Address” objects do not restrict the rule to specific hosts,
networks, or interfaces. These addresses are IPv4 or IPv6 addresses
for hosts or networks, network/host objects, interfaces, or interface
roles.
Note (ASA 8.4.2+ only) You can only specify a fully qualified
domain name (FQDN) by providing an FQDN network/host
object, or a group object that includes an FQDN object. You
cannot directly type in an FQDN.
See Understanding Networks/Hosts Objects, page 6-74,
Specifying IP Addresses During Policy Definition, page 6-81 and
Understanding Interface Role Objects, page 6-67 for additional
information about these definitions.
Note Enter more than one value in any of these fields by separating
the items with commas.
All Source, Source SG, and Users specifications area combined to limit
traffic matches to only those flows that include all source definitions.
For example, specified user traffic originating from within a specified
source address range.
Source SG (ASA 9.0+ only) Enter or Select the name or tag number for one or
more source Security Groups for the ACE, if any. For more information
about security groups, see:
Selecting Security Groups in Policies, page 14-13
Configuring TrustSec-Based Firewall Rules, page 14-13
Creating Security Group Objects, page 14-12
Table 6-24 Add and Edit Unified Access Control Entry Dialog Boxes (Continued)
Element Description