Rule conditions specify the traffic that each rule handles. You can configure each rule with multiple conditions, and traffic must match all conditions to match the rule. The available condition types depend on the rule type.
In rule editors, each condition type has its own tab. Build conditions by choosing the traffic characteristics you want to match. In general, choose criteria from one or two lists of available items on the left, then add or combine those criteria into one or two lists of selected items on the right. For example, in URL conditions in access control rules, you can combine URL category and reputation criteria to create a single group of websites to block.
To help you build conditions, you can match traffic using various system-provided and custom configurations, including realms, ISE attributes, and various types of objects and object groups. Often, you can manually specify rule criteria.
Source and Destination Criteria
Where a rule involves source and destination criteria (zones, networks, ports), usually you can use either or both criteria as constraints. If you use both, matching traffic must originate from one of the specified source zones, networks, or ports and leave through one of the destination zones, networks, or ports.
Items per Condition
You can add up to 50 items to each condition. For rules with source and destination criteria, you can use up to 50 of each. Traffic that matches any of the selected items matches the condition.
Simple Rule Mechanics
In rule editors, you have the following general choices. For detailed instructions on building conditions, see the topics for each condition type.
Choose Item—Click an item or check its check box. Often you can use Ctrl or Shift to choose multiple items, or right-click to Select All.
Search—Enter criteria in the search field. The list updates as you type. The system searches item names and, for objects and object groups, their values. Click reload () or clear () to clear the search.
Add Predefined Item—After you choose one or more available items, click an Add button or drag and drop. The system prevents you from adding invalid items: duplicates, invalid combinations, and so on.
Add Manual Item—Click the field under the Selected items list, enter a valid value, and click Add. When you add ports, you may also choose a protocol from the drop-down list.
Create Object—Click the add icon () to create a new, reusable object that you can immediately use in the condition you are building, then manage in the object manager. When using this method to add application filters on the fly, you cannot save a filter that includes another user-created filter.
Delete—Click the delete icon () for an item, or choose one or more items and right-click to Delete Selected.