Cisco Systems CL-28826-01 Security Camera User Manual


User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 21 Managing Zone-based Firewall Rules
Zone-based Firewall Rules Page
Table 21-22 Zone Based Firewall Rules Page (Continued)

Element: Description

Permit: Indicates whether the rule permits or denies traffic.
    Permit – Shown as a green check mark.
    Deny – Shown as a red circle with a slash.

Source: Identifies source networks and hosts for this rule. Networks/hosts can be provided as named objects, or as IP addresses. See Understanding Networks/Hosts Objects, page 6-74 for more information.

Destination: Identifies destination networks and hosts for this rule. Networks and hosts can be provided as named objects, or as IP addresses. See Understanding Networks/Hosts Objects, page 6-74 for more information.

Service: The services that define the types of traffic matched by this rule. Services are defined by objects that specify protocol and port information. See Understanding and Specifying Services and Service and Port List Objects, page 6-86 for more information.

From Zone: This rule applies only to traffic originating from this zone.

To Zone: This rule applies only to traffic destined for this zone.

Inspected Protocol: The protocol(s) on which the rule performs the chosen Action.

Action: Identifies how matched protocols are processed:
    Drop – Matched traffic is silently dropped. The default action for all traffic.
    Drop and Log – Matched traffic is logged and dropped.
    Pass – The router forwards matched traffic from the source zone to the destination zone.
    Pass and Log – Traffic is logged and forwarded.
    Inspect – State-based traffic control; Inspect can provide application inspection and control for certain protocols, based on Port to Application Mapping (PAM).
    Content Filter – HTTP content inspection based on a WebFilter parameter map, or a WebFilter policy map.
    Note: The Log options generate system-log messages; you must ensure that syslog logging is configured to capture these messages.

Options: The Inspect Parameter map assigned to this rule; available only with Inspect and Content Filter actions.

Category: The category assigned to the rule. Categories help you organize and identify rules and objects. See Using Category Objects, page 6-12.

Description: The description of this rule, if provided. A maximum of 1024 characters is allowed.
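
How the From Zone, To Zone, Inspected Protocol and Action fields in this table look as zone-based firewall CLI on an IOS router, with syslog configured as the Note requires. This is an added example, not taken from the Cisco guide; the zone, class-map, policy-map and zone-pair names, the interfaces and the syslog address 192.0.2.10 are constructed for illustration.

```ios
! Constructed example: all names, interfaces and addresses are hypothetical.
! From Zone / To Zone
zone security INSIDE
zone security OUTSIDE
!
! Inspected Protocol: what each rule matches
class-map type inspect match-any CM-WEB
 match protocol http
 match protocol https
class-map type inspect match-any CM-TELNET
 match protocol telnet
!
! Action: one action per matched class
policy-map type inspect PM-IN-TO-OUT
 ! Inspect: stateful, so return traffic for these sessions is allowed back
 class type inspect CM-WEB
  inspect
 ! Drop and Log: dropped, and a syslog message is generated
 class type inspect CM-TELNET
  drop log
 ! Drop: everything not matched above is silently dropped (the default)
 class class-default
  drop
!
! The policy applies in one direction only: INSIDE to OUTSIDE.
! A Pass action is not stateful; replies would need their own rule
! on the reverse zone pair (OUTSIDE to INSIDE).
zone-pair security ZP-IN-OUT source INSIDE destination OUTSIDE
 service-policy type inspect PM-IN-TO-OUT
!
interface GigabitEthernet0/0
 zone-member security INSIDE
interface GigabitEthernet0/1
 zone-member security OUTSIDE
!
! Required for the Log actions to be captured (see the Note above)
logging host 192.0.2.10
logging trap informational
```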