Chapter 4 Quick Start Configuration
Configure a Rule Module
4-16
Installing Management Center for Cisco Security Agents 5.2
78-17916-01
Step 6 Select the Log checkbox.
This means that the system action in question is logged and sent to the server.
Generally, you will want to turn logging on for all deny rules so you can monitor
event activity.
Step 7 Select a preconfigured Application class from the available list to indicate the
applications whose access to files we want exercise control over. For this rule,
we’ll select Quarantined applications. Note that when you click Save, selected
application classes move to the top of the list.
Step 8 Select the and Write File and Write Directory checkboxes to indicate the actions
we are denying.
Step 9 Now we’ll enter the system files we are protecting with this rule. In the files field,
enter $All files available from the Insert File Set option.
Step 10 Click the Save button.
Next, we will create a policy to attach our rule module to.
