Access Control Policy Report: DC-FW

Access Control Policy Report
DC-FW
Data-center-FW
Modified By admin
Last Modified 2021-08-23 07:22:54 (UTC)
Table
Policy Information.........................................................................................................................................................................................................................1
Device Targets...............................................................................................................................................................................................................................1
HTTP Interactive Block Response...............................................................................................................................................................................................1
Security Intelligence.....................................................................................................................................................................................................................1
DNS Policy......................................................................................................................................................................................................................1
Network Whitelist............................................................................................................................................................................................................1
URL Whitelist..................................................................................................................................................................................................................1
Network Blacklist.............................................................................................................................................................................................................2
URL Blacklist...................................................................................................................................................................................................................2
Default Action................................................................................................................................................................................................................................2
Rules...............................................................................................................................................................................................................................................2
Mandatory Rules.............................................................................................................................................................................................................2
PACS......................................................................................................................................................................................................................2
Default Rules.................................................................................................................................................................................................................45
Advanced Settings......................................................................................................................................................................................................................45
General Settings...........................................................................................................................................................................................................45
Network Analysis and Intrusion Policies.......................................................................................................................................................................45
Files and Malware Settings...........................................................................................................................................................................................45
Transport/Network Layer Preprocessor Settings..........................................................................................................................................................45
Detection Enhancement Settings..................................................................................................................................................................................46
Performance Settings....................................................................................................................................................................................................46
Latency-Based Performance Settings...........................................................................................................................................................................46
Identity Policy Settings..................................................................................................................................................................................................46
SSL Policy Settings.......................................................................................................................................................................................................46
Prefilter Policy Settings.................................................................................................................................................................................................46
Intelligent Application Bypass.......................................................................................................................................................................................46
Threat Defense Service Policy......................................................................................................................................................................................47
Logging Policy.............................................................................................................................................................................................................................47
Default Syslog Settings.................................................................................................................................................................................................47
Referenced Objects.....................................................................................................................................................................................................................47
Object Groups...............................................................................................................................................................................................................47
Variable Sets.................................................................................................................................................................................................................47
SNMP Alert...................................................................................................................................................................................................................49
Security Intelligence......................................................................................................................................................................................................49
Network Lists and Feeds.......................................................................................................................................................................................49
URL Lists and Feeds.............................................................................................................................................................................................49
Networks.......................................................................................................................................................................................................................49
Ports..............................................................................................................................................................................................................................51
i
Policy Information
Name DC-FW
Description Data-center-FW
Domain Global
Modified By admin
Last Modified 2021-08-23 07:22:54 (UTC)
Device Targets
Device DC
HTTP Interactive Block Response

Type System-Provided
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
<title>Access Denied</title>
<style type="text/css">body {margin:0;font-family:verdana,sans-serif;} h1 {margin:0;padding:12px
25px;background-color:#343434;color:#ddd} p {margin:12px 25px;} strong {color:#E0042D;}</style>
</head>
<body>
<h1>Access Denied</h1>
HTML <p>
<strong>You are attempting to access a forbidden site.</strong><br/><br/>
You may continue to the site by clicking on the button below.<br/>
<em>Note:</em> You must have cookies enabled in your browser to continue.</br><br/>
Consult your system administrator for details.<br/><br/>
<noscript><em>This page uses Javascript. Your browser either doesn''t support Javascript or you
have it turned off.<br/>
To continue to the site, please use a Javascript enabled browser.</em></noscript>
</p>
</body>
</html>
Security Intelligence
DNS Policy
Name Default DNS Policy

Log Connections Yes
Send Events to Defense Center Yes
Send using specific syslog alert No
Network Whitelist
Zone any
Global Whitelist
URL Whitelist
Zone any
Global Whitelist for URL
1
Network Blacklist
Zone any
Global Blacklist Action Block
Yes
Log Connections
Yes
Send Events to Defense Center
URL Blacklist
Zone any
Global Blacklist for URL Action Block
Yes
Log Connections
Yes
Send Events to Defense Center
Default Action
Default Action Access Control: Block All Traffic
Variable Set
Log at Beginning of Connection Yes
Log at End of Connection No
Log File Events No
Rules
Mandatory Rules
PACS
1:RADIOLOGY (2)
Action Allow
to-FW-NET
Source Zones Old_Network
vlan-3003
Destination Zones Old_Network
Source Tunnels any
Source Networks any
Original Client Networks any
Destination Networks voip-controller
Safe Search Disable
2
Youtube EDU Disable
VLAN Tags any
Users any
Psiphon
GoDaddy
HTTPS
Mitel
Application Filters RTCP
RTP
RTP Video
SIP
SSL
Source Ports any
Destination Ports any
Source ISE Metadata any
Destination ISE Metadata any
Security Group Tag any
Time Range
URLs any
Intrusion Policy Balanced Security and Connectivity
Variable Set Default-Set
File Policy
Log File Events No
Comments
2:RADIOLOGY
Action Allow
vlan-3003
Source Zones
Old_Network
vlan-3003
Destination Zones
Old_Network
Source Tunnels any
Source Networks 172.16.118.244
172.16.0.0
Destination Networks ASUH-Staff
192.168.30.0
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
PJL
Application Filters
ACR-NEMA
Source Ports any
3
Time Range
URLs any
Intrusion Policy
File Policy
Comments
3:pacs to rad
Action Allow
Destination Zones vlan-3003
Source Tunnels any
192.168.30.252
Destination Networks
10.200.31.1-253
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Application Filters any
Source Ports any
TCP (6):4006
UDP (17):161
Destination Ports
TCP (6):515
TCP (6):104
Time Range
URLs any
Intrusion Policy
File Policy
Comments
4:CD-PACS
Action Allow
vlan-3003
Source Zones
Old_Network
Source Tunnels any
Source Networks any
172.16.118.46
172.16.118.191
Safe Search Disable
Youtube EDU Disable
4
VLAN Tags any
Users any
HTTP Tunnel
Application Filters HTTP
HTTPS
Source Ports any
Time Range
URLs any
Intrusion Policy
File Policy
Comments
5:systems to pacs
Action Allow
vlan-3003
Source Zones
Old_Network
Source Tunnels any
Source Networks any
Destination Networks 172.16.118.244
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Application Filters ACR-NEMA
Source Ports any
Time Range
URLs any
Intrusion Policy
File Policy
Comments
6:Ris_to_non_domian
Action Allow
vlan-3003
Source Zones
Old_Network
5
Source Tunnels any
172.16.114.123
192.168.30.47
Source Networks
10.200.31.185
192.168.30.0
Destination Networks RIS
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
Time Range
URLs any
Intrusion Policy FW-DC-IPS
File Policy
Comments
7:allow cobalt 200 pacs (1)

Action Allow
Source Tunnels any
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
Destination Ports TCP (6):57348
Time Range
URLs any
File Policy FW_DC-malware
6
Log File Events Yes
Comments
8:allow cobalt 200 pacs

Action Allow
Old_Network
Source Zones
vlan-3003
Source Tunnels any
ASUH-Staff
Source Networks
192.168.30.0
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users Relam:asuh/*
Application Filters NetBIOS-ssn (SMB)
Source Ports any
Time Range
URLs any
Log File Events Yes
Comments
9:systems to pacs port

Action Allow
vlan-3003
Source Zones
Old_Network
Source Tunnels any
7
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
Destination Ports TCP (6):104
Time Range
URLs any
Intrusion Policy
File Policy
Comments
10:allow admins
Action Allow
Old_Network
Source Zones
vlan-3003
Vlan100
Destination Zones
Vlan420
Source Tunnels any
Source Networks any
Destination Networks any
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users Group:asuh/Domain Admins
Source Ports any
Time Range
URLs any
Log at Beginning of Connection No
Log File Events Yes
8
Comments
11:hector
Action Allow
Source Zones vlan-3003
Source Tunnels any
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
Time Range
URLs any
Intrusion Policy
File Policy
Comments
12:allow 37
Action Allow
Destination Zones Vlan100
Source Tunnels any
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
Time Range
URLs any
9
Intrusion Policy Maximum Detection
Log File Events Yes
Comments
13:Internet fw ise
Action Allow
Source Zones to-FW-NET
Source Tunnels any
FTD-internet-inside
Source Networks
FMC-FDT
ISE
DNS
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
Time Range
URLs any
Intrusion Policy Connectivity Over Security
Log File Events Yes
Comments
14:allow101 (1)
Action Allow
Source Zones ASU-net
Source Tunnels any
10
Source Networks any
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
Time Range
URLs any
Intrusion Policy Maximum Detection
Log File Events Yes
Comments
15:dicom-notification
Action Allow
vlan-3003
Source Zones
Old_Network
Source Tunnels any
192.168.12.0/24
ASUH-Staff
Source Networks
172.16.0.0
192.168.30.0
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
TCP (6):49000
Destination Ports
TCP (6):49001-49008
11
Time Range
URLs any
Intrusion Policy
File Policy
Comments
16:LABS-230
Action Allow
vlan-3003
Source Zones
Old_Network
Source Tunnels any
172.16.118.230
172.16.118.101
172.16.118.253
172.16.0.0/16
Source Networks
192.168.15.0/24
192.168.0.0/16
10.0.0.0
central
172.16.114.200
172.16.118.253
172.16.118.230
172.16.118.14
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
NetBIOS-ssn (SMB)
Application Filters
TNS/Oracle
Source Ports any
Time Range
URLs any
Intrusion Policy
File Policy
Log File Events No
Comments
17:shared-ip-based
Action Allow
12
Source Tunnels any
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
Time Range
URLs any
Intrusion Policy
File Policy
Log File Events No
Comments
18:temp
Action Allow
Destination Zones to-FW-NET
Source Tunnels any
172.16.118.253
Source Networks
asuh_pacs
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
13
Time Range
URLs any
Intrusion Policy
Log File Events Yes
Comments
19:anton_rdp
Action Allow
Old_Network
Destination Zones
vlan-3003
Source Tunnels any
Source Networks 172.16.112.128/25
172.16.118.250
172.16.118.200
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users User:asuh/anton
Application Filters RDP
Source Ports any
Time Range
URLs any
Intrusion Policy Security Over Connectivity
File Policy
Log File Events No
Comments
20:RDP_LABS
Action Allow
14
Old_Network
Destination Zones
vlan-3003
Source Tunnels any
172.16.118.40
172.16.118.230
172.16.118.101
172.16.118.253
172.16.114.200
192.168.15.0/24
ASUH-Staff
192.168.30.0
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users User:asuh/abdo
Source Ports any
All:10101
All:10040
Destination Ports
All:10230
All:3389
Time Range
URLs any
File Policy
Log File Events No
Comments
21:pacs_rdp
Action Allow
vlan-3003
Source Zones
Old_Network
Source Tunnels any
Source Networks any
172.16.118.246
172.16.118.241
172.16.118.125
asuh_pacs
Safe Search Disable
15
Youtube EDU Disable
VLAN Tags any
Users User:asuh/remorad,asuh/remorad3
ICMP
HTTP
HTTPS
TeamViewer
VMware Server Console
VMware vCenter client
Source Ports any
Time Range
URLs any
File Policy
Comments
22:asu-servers-allow (1)
Action Allow
Old_Network
Source Zones
vlan-3003
Source Tunnels any
172.16.185.160
10.200.2.38
10.200.15.40
10.200.2.237
172.16.118.40
172.16.118.200
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
NetBIOS-ssn (SMB)
Application Filters
MS SQL
Source Ports any
Time Range
URLs any
16
File Policy
Log File Events No
Comments
23:allow mc-sql
Action Allow
Old_Network
Source Zones
vlan-3003
Source Tunnels any
172.16.112.240
Source Networks
10.200.13.13
172.16.118.40
172.16.118.250
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
RDP
Application Filters
MS SQL
Source Ports any
Time Range
URLs any
File Policy
Log File Events No
Comments
24:asu-servers-allow
Action Allow
vlan-3003
ASU-net
17
Source Tunnels any
172.16.91.0/22
172.16.185.0/24
ASUH-Staff
central
172.16.116.0
172.16.117.0
172.16.119.0
172.16.112.0
172.16.118.200
172.16.118.40
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users Relam:asuh/*
Application Filters MS SQL
Source Ports any
Time Range
URLs any
File Policy
Log File Events No
Comments
25:ittest
Action Allow
Old_Network
Source Zones
vlan-3003
Destination Zones any
Source Tunnels any
10.200.16.5
10.200.17.1
Source Networks
10.200.2.81
IT
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
18
Source Ports any
Time Range
URLs any
Log File Events Yes
Comments
26:ash3a vpn
Action Allow
Source Tunnels any
Source Networks VPN-pools
Destination Networks asuh_pacs
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
Destination Ports HTTP
Time Range
URLs any
Log File Events Yes
19
Comments
27:MANG to ISE DHCP

Action Allow
Source Zones any
Source Tunnels any
Source Networks Edge_Switches
10.20.10.0-24
10.100.10.0-24
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
Time Range
URLs any
Log File Events Yes
Comments
28:VPN Users
Action Allow
Source Tunnels any
Source Networks VPN-pools
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
20
Time Range
URLs any
Log File Events Yes
Comments
29:Ranin retreiving policy

Action Allow
Old_Network
Source Zones
vlan-3003
vlan-3003
Destination Zones
Old_Network
Source Tunnels any
192.168.18.0/30
192.168.16.1
192.168.200.0/30
10.200.31.52
10.200.31.53
Source Networks
10.200.31.1-253
ASUH-Staff
printers_radiology
radiology
150.2.0.0-16
192.168.30.246
radiology
Destination Networks printers_radiology
10.200.31.1-253
10.200.1.1-99
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
Time Range
URLs any
21
Log File Events Yes
Comments
30:asuh_guest (1)
Action Allow
Old_Network
Source Zones
vlan-3003
Source Tunnels any
Source Networks any
172.16.118.200
172.16.118.107
172.16.118.40
172.16.118.250
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users User:asuh/kareem.m,asuh/a.khaled,asuh/h.tarek,asuh/anton,asuh/ahmed
ACR-NEMA
HTTP
Application Filters HTTP/2
MS SQL
NetBIOS-ssn (SMB)
Source Ports any
Time Range
URLs any
File Policy
Log File Events No
Comments
31:mgmt to internet
22
Action Allow
Vlan420
Vlan100
Vlan-60
Vlan421
vlan-3005
DNA_Cluster
Source Tunnels any
172.16.118.106
172.16.118.117
172.16.118.170
10.20.10.0-24
IT
Source Networks 10.100.10.0-24
Edge_Switches
10.22.10.0-24
Access_point
10.60.0.0-24
10.20.40.0-24
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
Time Range
URLs any
Intrusion Policy
File Policy
Log at End of Connection Yes
Log File Events No
Send Events to SNMP yes, using DNAC
Comments
32:ASU-net
Action Allow
vlan-3003
Source Zones
Old_Network
Destination Zones ASU-net
Source Tunnels any
23
ASUH-Staff
Source Networks
OLD-CORE
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
Time Range
URLs any
File Policy
Log File Events No
Comments
33:RADIOLOGY (4)
Action Allow
Source Zones voip-dmz
Source Tunnels any
Source Networks voip-wan
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
Time Range
URLs any
24
File Policy
Log File Events No
Comments
34:block ip
Action Block
Old_Network
Source Zones
Vlan100
Source Tunnels any
10.100.10.109
Source Networks
172.16.118.0
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
Time Range
URLs any
Intrusion Policy
File Policy
Comments
35:DNS to all1
Action Allow
Old_Network
vlan-3003
vlan-3002
vlan-3005
Source Zones Vlan421
DNA_Cluster
vlan-3004
vlan-3006
vlan-3001
Vlan100
Destination Zones Vlan-60
Old_Network
Source Tunnels any
25
Source Networks any
DNS
DHCP
Destination Networks additional
NTP
dhcp-test
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
kpasswd
AD DRS
CLDAP
DHCP
DHCP Failover
DHCP Failover 2
DNS
Application Filters LDAP
LDAPS
LSARPC
Microsoft Global Catalog
NTP
NetBIOS-ssn (SMB)
Netlog
Netlogon
Source Ports any
Time Range
URLs any
File Policy
Comments
36:DNS
Action Allow
Old_Network
vlan-3003
vlan-3002
vlan-3005
Source Zones Vlan421
DNA_Cluster
vlan-3001
vlan-3004
vlan-3006
Vlan100
Old_Network
Source Tunnels any
Source Networks any
26
DNS
DHCP
NTP
dhcp-test
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
AD DRS
CLDAP
DHCP
DHCP Failover
DHCP Failover 2
DNS
LDAP
Application Filters LDAPS
LSARPC
Microsoft Global Catalog
NTP
NetBIOS-ssn (SMB)
Netlog
Netlogon
kpasswd
Source Ports any
Time Range
URLs any
File Policy
Log File Events No
Comments
37:DNS to all
Action Allow
Old_Network
vlan-3001
vlan-3003
vlan-3002
vlan-3005
vlan-3006
Vlan421
DNA_Cluster
Vlan100
Destination Zones
Vlan-60
Source Tunnels any
Source Networks any
27
DNS
DHCP
NTP
dhcp-test
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
kerberos
dhcp
DNS_over_TCP
ldap_udp
Netlogon
smb
DNS_over_UDP
Destination Ports
ebmap_udp
NTP-TCP
AD_DRS
NTP-UDP
cldap
LDAP
ebmap_tcp
Time Range
URLs any
Log File Events Yes
Comments
38:USER TO OLD NETWORK

Action Allow
vlan-3001
Source Zones
vlan-3003
Source Tunnels any
Source Networks ASUH-Staff
Destination Networks 172.16.112.0/22
172.16.116.0/24
172.16.117.0/24
172.16.119.0/24
172.16.185.0/24
192.168.0.0/16
28
central
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
Time Range
URLs any
Log File Events Yes
Comments
39:URL ALLOW
Action Allow
vlan-3003
Source Zones
Old_Network
Source Tunnels any
ASUH-Staff
Source Networks
172.16.0.0
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
Time Range
URLs http://82.129.243.44:7001/emoh100
http://41.33.78.210:7001/emoh100
http://192.168.41.16:7001/emoh100
29
http://81.129.243.41:7001/emoh100
http://41.33.78.208:7001/emoh100
http://192.168.41.25:7001/emoh100
http://41.33.78.209:7001/emoh100
http://192.168.41.28:7001/emoh100
http://82.129.243.42:7001/emoh100
http://www.smcegy.com
http://www.wl.smcegy.com
http://www.wlmssmcegy.com
http://www.100milionseha.eg
http://81.21.105.234
http://193.227.20.76
http://62.68.238.83
https://login.yahoo.com
Log File Events Yes
Comments
40:all to ise(disable)
Action Allow
Old_Network
vlan-3001
vlan-3003
vlan-3002
vlan-3005
vlan-3006
Vlan421
DNA_Cluster
Source Tunnels any
Source Networks any
Destination Networks ISE
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
Time Range
URLs any
30
Log File Events Yes
Comments
41:ISE and FTD access

Action Allow
Vlan100
Vlan420
Source Tunnels any
172.16.118.0
Source Networks
IT
10.100.10.0-24
Destination Networks 10.20.10.0-24
FTD
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
Time Range
URLs any
Log File Events Yes
Comments
42:old-network to internetcont
Action Allow
Source Tunnels any
31
192.168.12.0/24
192.168.18.0/24
192.168.14.14
172.16.0.0
central
192.168.30.0
voip-controller
Source Networks grage_2
asuh-internet
research
192.168.17.47
192.168.17.7
eng-ehab
grage_server
192.168.31.0
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
Time Range
URLs any
File Policy
Comments
43:user to internet
Action Allow
vlan-3001
Source Zones
vlan-3003
Source Tunnels any
Source Networks ASUH-Staff
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
32
Time Range
URLs any
Log File Events Yes
Comments
44:old-network_to_edges
Action Allow
Source Tunnels any
10.30.0.0/16
172.16.118.0
Source Networks
IT
central
Destination Networks ASUH-Staff
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
Time Range
URLs any
Log File Events Yes
Comments
33
45:LAB&DVR_zone
Action Allow
vlan-3003
Source Zones
Old_Network
Old_Network
Destination Zones
vlan-3003
Source Tunnels any
172.16.112.0/24
172.16.115.95
172.16.114.42
172.16.115.26
Source Networks
172.16.115.236
172.16.115.0/24
ASUH-Staff
SURGERY-old
172.16.114.200
192.168.74.100
SURGERY-old
ASUH-Staff
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
Time Range
URLs any
Log File Events Yes
Comments
46:old-network to servers(disable)
Action Allow
Source Tunnels any
Destination Networks 10.100.10.0-24
34
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
Time Range
URLs any
Log File Events Yes
Comments
47:icmp_radiology(disable)
Action Allow
vlan-3003
Source Zones
Old_Network
vlan-3003
Destination Zones
Old_Network
Source Tunnels any
172.16.114.200
10.200.31.1-253
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Application Filters ICMP
Source Ports any
Time Range
URLs any
Intrusion Policy
35
File Policy
Log File Events No
Comments
48:old 192.168 to new network

Action Allow
Source Tunnels any
172.16.118.0/24
172.16.122.0/24
Source Networks
172.16.119.157
vlan403
10.200.31.1-253
ASUH-Staff
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
Time Range
URLs any
Log File Events Yes
Comments
49:DNAC-SNMP1(disable)
Action Allow
Source Zones any
Source Tunnels any
Source Networks 10.20.10.0-24
36
10.22.10.0-24
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
Destination Ports UDP (17):161
Time Range
URLs any
Intrusion Policy
File Policy
Log File Events No
Comments
51:amac allow net

Action Allow
Old_Network
Source Zones
vlan-3003
Source Tunnels any
192.168.0.0/16
172.16.116.0
172.16.117.0
cardiology
ASUH-Staff
172.16.120-24
central
172.16.112.0
172.16.118.3
172.16.118.200
172.16.118.2
172.16.118.37
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users Relam:asuh/*
37
Source Ports any
Time Range
URLs any
Log File Events Yes
Comments
52:http medical registration

Action Allow
Old_Network
Source Zones
vlan-3003
Source Tunnels any
192.168.0.0/16
172.16.112.0
172.16.117.0
172.16.116.0
central
172.16.120-24
ASUH-Staff
cardiology
172.16.118.40
172.16.118.50
172.16.118.107
172.16.118.203
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users Relam:asuh/*
Psiphon
Application Filters
HTTP
Source Ports any
Time Range
URLs any
38
Log File Events Yes
Comments
53:allow asu-server zone

Action Allow
Source Zones ASU-net
Source Tunnels any
172.16.118.230
172.16.118.250
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
DCE/RPC
Epmap
Application Filters
HTTP
NetBIOS-ssn (SMB)
Source Ports any
Time Range
URLs any
Log File Events Yes
Comments
54:psiphon
Action Allow
Old_Network
Source Zones
vlan-3003
39
Source Tunnels any
Source Networks any
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Application Filters Psiphon
Source Ports any
Time Range
URLs any
Intrusion Policy
File Policy
Comments
55:AD_to ISE and FTD

Action Allow
Vlan-60
Source Zones
Vlan100
Vlan100
Destination Zones
Vlan-60
Source Tunnels any
FTD
Source Networks DNA-Group
ISE
ISE
Destination Networks FTD
DNA-Group
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
Time Range
URLs any
40
Log File Events Yes
Comments
56:http access-servers
Action Allow
Old_Network
ASU-net
Source Tunnels any
192.168.0.0/16
172.16.0.0/16
Source Networks
ASUH-Staff
central
172.16.118.230
172.16.118.204
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
Time Range
URLs any
Log File Events Yes
Comments
57:radiology-ping
Action Allow
41
Source Tunnels any
192.168.30.80
172.16.118.244
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
Time Range
URLs any
File Policy
Log File Events No
Comments
58:allow_temp_253
Action Allow
Source Tunnels any
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
42
Time Range
URLs any
File Policy
Log File Events No
Comments
59:bio_gast
Action Allow
Source Tunnels any
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
Destination Ports All:4370
Time Range
URLs any
Intrusion Policy Connectivity Over Security
Log File Events Yes
Comments
60:DNAC-SNMP2 (1)(disable)
Action Allow
Source Zones any
43
Source Tunnels any
Source Networks any
10.20.10.0-24
10.22.10.0-24
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports UDP (17):161
Time Range
URLs any
Log File Events Yes
Comments
61:Allow 150
Action Allow
Source Tunnels any
Destination Networks 150.0.0.0/16
Safe Search Disable
Youtube EDU Disable
VLAN Tags any
Users any
Source Ports any
Time Range
URLs any
44
File Policy FW-NET-malware
Log File Events Yes
Comments
Default Rules
This category is empty
Advanced Settings
General Settings
Maximum URL Length 1024

Interactive Block Bypass Timeout 600
Network Analysis and Intrusion Policies
Intrusion Policy used before Access Control rule is

FW-DC-IPS
determined
Intrusion Policy Variable Set Default-Set
# of Custom Network Analysis Rules 0
Default Network Analysis Policy Balanced Security and Connectivity
Files and Malware Settings
File Type Inspect Limit 1460

Cloud Lookup Timeout 2
SHA-256 hash limit for files 10485760
Minimum file size to store (bytes) 6144
Maximum file size to store (bytes) 1048576
Minimum file size for dynamic analysis testing (bytes) 6144
Maximum file size for dynamic analysis testing
1048576
(bytes)
Transport/Network Layer Preprocessor Settings
Detection Settings Disabled

Maximum Active Responses No Maximum
Minimum Response Seconds No Minimum
Session Termination Logging Threshold 1048576
45
Detection Enhancement Settings
Adaptive Profiles Enabled

Adaptive Profiles - Enable profile updates Disabled
Performance Settings
Maximum Queued Events 5

Disable content checks that will
Event Queue be inserted through the stream false
reassembly process
Sample time (seconds) 300

Minimum number of packets 0
Performance Statistics Log Session/Protocol Distribution Disabled
Summary Disabled
Match Limit Default

Regular Expression Limits Match Recursion Limit Default
Maximum Queued Events 8

Logged Events 5
Rule Processing Configuration
Order Events By Content Length
Latency-Based Performance Settings
Apply From Installed Rule Update false

Packet Handling Disabled
Rule Handling Disabled
Identity Policy Settings
Identity Policy asuh
SSL Policy Settings
SSL Policy to use for inspecting encrypted

None
connections
Prefilter Policy Settings
Prefilter Policy DC-prefilter
Intelligent Application Bypass
No Data
46
Threat Defense Service Policy
No threat defense service rules configured
Logging Policy
Default Syslog Settings
Send to syslog collectors configured in Threat

No
Defense Platform Settings
Referenced Objects
Object Groups
172.16.118.50
172.16.118.244
172.16.118.191
172.16.118.204
172.16.118.203
asuh_pacs
172.16.118.19
172.16.118.84
172.16.118.53
172.16.118.54
172.16.118.46
0.0.0.0/0
any
::/0
DHCP-67
dhcp
DHCP-68
FTD-4100-chasis
FTD-DC
FTD
FTD-net
FMC
10.20.10.249
DNA-Group 10.22.10.249
10.22.10.250
Variable Sets
47
SSH_PORTS (Port) 22
64.12.31.136/32,205.188.210.203/32,64.12.46.140/32,64.12.24.0/23,
205.188.5.0/24,205.188.179.0/24,205.188.11.254/32,205.188.248.0/24,
AIM_SERVERS 205.188.11.228/32,205.188.11.253/32,205.188.153.0/24,
(Network) 205.188.1.132/32,205.188.3.0/24,64.12.161.0/24,
64.12.163.0/24,205.188.9.0/24,205.188.7.0/24,64.12.200.0/24,
64.12.186.85/32,64.12.28.0/23,
FTP_PORTS (Port) 21,2100,3535,
8300,8040,36099,2231,90,6767,1801,443,10255,8983,1720,49153,9850,
9091,40007,14592,5250,9002,3037,84,8014,8088,33300,5555,
53331,10080,8015,89,9830,9788,7080,8000,1581,7071,9080,
9200,8020,4592,7145,5060,3443,8028,5117,8181,9201,8118,
17000,81,5054,1414,8484,666,86,55555,11371,311,8880,1158,
2869,13014,44449,6080,808,50002,8082,7777,8500,55252,
5222,34444,4000,82,3507,8888,7144,2301,10100,9447,3000,5601,
9000,7778,9443,8694,2381,2375,3702,8393,23472,50000,
801,2578,8333,8080,1220,7001,8344,5000,9710,1533,8443,5416,
HTTP_PORTS (Port)
555,2809,5814,8222,1942,10443,1812,8180,9060,80,5894,
50452,12601,10297,383,9999,29991,8090,34412,16000,8280,30007,
1212,1741,8400,1830,7181,901,5450,5984,8085,7180,49152,
18081,8800,2484,87,3128,7770,6988,8001,1194,631,8008,
8123,8243,1422,5443,6173,5061,4343,8161,8899,593,15672,
10250,88,56712,7005,8182,15489,83,8081,8095,5600,7510,41080,
818,30018,34443,8509,7000,19980,51423,3029,972,4848,
8787,7070,85,36,9290,10000,9111,3057,1719,8060,591,2980,
7779,9090,8852,9700,
HTTP_SERVERS
$HOME_NET
(Network)
HOME_NET (Network) any
ORACLE_PORTS
any
Default-Set (Port)
SHELLCODE_PORTS
!80
(Port)
FILE_DATA_PORTS
143,110,$HTTP_PORTS,
(Port)
USER_CONF
any
(Advanced)
SSH_SERVERS
$HOME_NET
(Network)
SIP_PORTS (Port) 5600,5061,5060,
SQL_SERVERS
$HOME_NET
(Network)
GTP_PORTS (Port) 3386,2123,2152,
SNMP_SERVERS
$HOME_NET
(Network)
HTTP_Ports (Port) 443
TELNET_SERVERS
$HOME_NET
(Network)
SIP_SERVERS
$HOME_NET
(Network)
DNS_SERVERS
$HOME_NET
(Network)
SMTP_SERVERS
$HOME_NET
(Network)
EXTERNAL_NET
any
(Network)
48
SNMP Alert
User Name
SNMP Version 2
Server 10.22.10.250
Community tesseract-traps
DNAC
Auth Protocol None
Priv Protocol None
Engine
Security Intelligence
Network Lists and Feeds
List Type List

5.9.163.18 5.9.163.19 72.5.161.4 72.26.218.69 72.26.218.71
88.99.142.163 92.222.180.119 94.130.143.162 107.6.74.84
Global-Blacklist IPs 136.243.102.154 136.243.102.167 164.132.109.110
172.16.115.8 172.16.115.91 184.105.192.2 185.159.82.133
192.168.13.3
List Type List

Global-Whitelist IPs 172.16.115.8 172.16.115.91
URL Lists and Feeds
List Type List

Global-Whitelist-for-URL Entries https://www.shakwa.eg
List Type List

Global-Blacklist-for-URL Entries https://streamate.com
Networks
voip-controller 172.18.17.240
172.16.0.0 172.16.0.0/16
ASUH-Staff 10.200.0.0/19
192.168.30.0 192.168.30.0/24
10.200.31.1-253 10.200.31.1-10.200.31.253
RIS 172.16.118.50
FTD-internet-inside 10.20.30.2
FMC-FDT 10.60.0.0/29
ISE 10.20.10.40
DNS 10.100.10.200
10.0.0.0 10.0.0.0/8
49
central 172.18.0.0/20
192.168.0.0 192.168.0.0/16
172.16.116.0 172.16.116.0/22
172.16.117.0 172.16.117.0/24
172.16.119.0 172.16.119.0/24
172.16.112.0 172.16.112.0/22
IT 192.168.19.0/24
VPN-pools 10.250.248.0/22
Edge_Switches 10.10.0.0/16
10.20.10.0-24 10.20.10.0/24
10.100.10.0-24 10.100.10.0/24
printers_radiology 192.168.13.0/24
radiology 10.200.31.1-10.200.31.253
150.2.0.0-16 150.2.0.0/16
10.200.1.1-99 10.200.1.1-10.200.1.99
10.22.10.0-24 10.22.10.0/24
Access_point 10.50.0.0/21
10.60.0.0-24 10.60.0.0/24
10.20.40.0-24 10.20.40.0/24
OLD-CORE 172.16.112.0-172.16.119.254
voip-wan 172.30.1.1
172.16.118.0 172.16.118.0/24
DHCP 10.100.10.100
additional 172.16.118.170
NTP 10.60.0.100
dhcp-test 172.16.118.23
grage_2 192.168.17.200
asuh-internet 172.18.69.0/25
research 192.168.60.0/24
192.168.17.47 192.168.17.47
192.168.17.7 192.168.17.7
eng-ehab 192.168.17.6
grage_server 192.168.17.100
192.168.31.0 192.168.31.0/24
SURGERY-old 172.16.113.0/24
vlan403 192.168.4.0/24
cardiology 172.16.185.0/24
172.16.120-24 172.16.120.0/24
FTD-4100-chasis 10.60.0.2
FTD-DC 10.60.0.3
FTD-net 10.60.0.4
FMC 10.60.0.1
10.20.10.249 10.20.10.249
10.22.10.249 10.22.10.249
10.22.10.250 10.22.10.250
50
Ports
HTTP TCP (6)/80

kerberos TCP (6)/88
DNS_over_TCP TCP (6)/53
ldap_udp UDP (17)/389
Netlogon TCP (6)/49671
smb TCP (6)/445
DNS_over_UDP UDP (17)/53
ebmap_udp UDP (17)/135
NTP-TCP TCP (6)/123
AD_DRS TCP (6)/49667
NTP-UDP UDP (17)/123
cldap UDP (17)
LDAP TCP (6)/389
ebmap_tcp TCP (6)/135
DHCP-67 UDP (17)/67
DHCP-68 UDP (17)/68
51

Access Control Policy Report: DC-FW

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Access Control Policy Report: DC-FW

Uploaded by

Copyright:

Available Formats

Access Control Policy Report

HTTP Interactive Block Response...............................................................................................................................................................................................1

HTTP Interactive Block Response

Name Default DNS Policy

7:allow cobalt 200 pacs (1)

8:allow cobalt 200 pacs

9:systems to pacs port

27:MANG to ISE DHCP

29:Ranin retreiving policy

38:USER TO OLD NETWORK

41:ISE and FTD access

48:old 192.168 to new network

51:amac allow net

52:http medical registration

53:allow asu-server zone

55:AD_to ISE and FTD

This category is empty

Maximum URL Length 1024

Network Analysis and Intrusion Policies

Intrusion Policy used before Access Control rule is

Files and Malware Settings

File Type Inspect Limit 1460

Transport/Network Layer Preprocessor Settings

Detection Settings Disabled

Adaptive Profiles Enabled

Maximum Queued Events 5

Sample time (seconds) 300

Match Limit Default

Maximum Queued Events 8

Latency-Based Performance Settings

Apply From Installed Rule Update false

Identity Policy Settings

Identity Policy asuh

SSL Policy Settings

SSL Policy to use for inspecting encrypted

Prefilter Policy Settings

Prefilter Policy DC-prefilter

Intelligent Application Bypass

No threat defense service rules configured

Send to syslog collectors configured in Threat

List Type List

List Type List

URL Lists and Feeds

List Type List

List Type List

HTTP TCP (6)/80

You might also like