cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

4936
Views
10
Helpful
4
Replies
Highlighted
Beginner

FireSIGHT: Access Controll policy out-of-date

I logged into the FireSIGHT and clicked on Policies tab -> Access Control tab , it shows

"Access Control policy out-of-date on 2 devices. Intrusion Policies out-of-date on 2 devices".

Clicked on it, it takes me to the pop up screen like this (in attachment1)


Clicked on "out-of-date" link on the pop up screen, it takes me to the Compare View, one of it is comparing my IPS Policy (2015-04-09) with the IPS Policy (2016-04-14).  I believe the one in 2015 was the one we first created fireSIGHT and the 2016 is the one I downloaded and installed.  

The one in 2016 has a lot of rules while the one in 2015 doesn't and vice versa.  Before I hit "Apply selected configurations" button on the attachment1, i want to understand what it will do to the policy that I built in 2015.  Because the one built in 2015 was created by a consultant and i don't want to change anything that he made or customized initially if I don't have to.

4 REPLIES 4
Highlighted
Cisco Employee

Hi,

Hi,

If there were any changes made to the policy (in comparison to the one that applied on the sensor) and not pushed to the sensors, your policy will show out of date. Once you apply it to the sensors, it will override the existing policy on the sensor with the new changes. 

Thanks,

Pujita

Highlighted
Beginner

Thanks, Pujita.  I had the

Thanks, Pujita.  I had the policy created by the consultant, i don't want to change it.  Is it recommended to update time to time?

Highlighted
Beginner

Hello, it is recommended to

Hello, it is recommended to update it with the new set of signatures.

Those signatures should be delivered weekly ( or even often) by either Cisco or other vendor that you use .

Highlighted
Beginner

Thanks, Lonut.

Thanks, Lonut.