Filter
Top Products
12-30
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 12 Introduction to Firewall Services
Managing Your Rules Tables
You can query rules from these types of policies: AAA rules, access rules, inspection rules, web filter
rules for ASA/PIX/FWSM, and zone based firewall rules.
When setting up your query, you must select at least one rule type; enabled, disabled or both; permitted,
denied, or both; and mandatory, default, or both.
Note For inspection rules, if you enter Global as the interface value, the match status results will be shown as
a partial match even if the match is complete.
Results are displayed in the Policy Query Results dialog box (see Interpreting Policy Query Results,
page 12-32).
Navigation Path
To generate Policy Query reports, do one of the following:
• (Device view) Select a device, then select one of the supported firewall rules policies from the
Firewall folder. Click the Tools button and select Query.
• (Policy view) Select any of the supported firewall rules policies from the Firewall folder and select
a specific policy from the Shared Policy selector. Click the Tools button and select Query.
• (Map view) Right-click a device and select a supported firewall rules policy from the Edit Firewall
Policies menu. Click the Tools button and select Query.
Related Topics
• Generating Policy Query Reports, page 12-28
• Example Policy Query Result, page 12-34
Field Reference
Table 12-6 Querying Device or Policy Dialog Box
Element Description
Rule Types The type of rules you want to query. When querying in Policy view, you
cannot change the selection. When querying in Device view, you can
select any of the following types of rules; the scope of the query is
limited to the selected device:
• AAA Rules
• Access Rules
• Inspection Rules
• Web Filter Rules
• Zone Based Rules
Enabled and/or Disabled
Rules
Whether you want to query enabled or disabled rules, or both.
Mandatory and/or Default
Rules
Whether you want to query rules that are in the mandatory or default
sections, or both.
Match Whether you want to query rules that permit or deny traffic, or both.