Rockwell Automation Publication 1783-UM010C-EN-P - June 2019 53
Configure the Security Appliance Chapter 3
Configure a Test Policy to
Block CIP Administrative
Traffic
Single Policy Restriction
The ability to create policies was deprecated in the Stratix 5950 Version 6.4.0/
ASDM Version 7.12.1. With that release, you only get one policy: Default
Allow All. You can modify the default policy, but you cannot create policies.
Configure a Test Policy
Configure a test policy to verify the expected behavior of CIP DPI
functionality. This test policy verifies that the CIP™ RA Administrative traffic
is blocked from passing through the device.
To configure a test policy to block CIP admin traffic, follow these steps.
1. ASDM>Configuration>ASA FirePOWER Configuration>Policies>
Access Control Policy>New Policy
2. Name the policy, for example, Block_CIP_Admin_Policy.
3. Change the Default Action to Intrusion Prevention.
4. Click Store ASA FirePOWER Changes.
To Next Page
Loading...