Rulesets

About Rulesets

A ruleset is a collection of access control rules that can be shared with multiple FDM-managed devices. Any changes made to the rules of a ruleset affect the other managed devices that use this ruleset. An FDM-managed device can have device-specific (local) and shared (rulesets) rules. You can also create rulesets from existing rules in an FDM-managed device.

Important

The "Rulesets" feature is currently available FDM-managed devices version 6.5 or later and later. Also note that rulesets do not support devices enabled for Snort 3.

The following limitations apply:

You cannot attach rulesets to Snort 3-enabled devices.
You cannot create a ruleset from an existing device that has Snort 3 installed.
You cannot associate a custom IPS policy with a ruleset.

Copy or Move Rules associated with Rulesets

It's possible to copy or move access control rules within a ruleset or across different rulesets. Also, you're allowed to copy or move rules between local and rulesets. See Copy FDM Access Control Rules and Move FDM Access Control Rules for more information.

Auto-Detect Existing Rulesets

When you onboard a device, CDO auto-detects existing rulesets on them and tries to match them with the rules on the device. On a successful match, CDO automatically attaches the rulesets to the newly onboarded device. However, if there are multiple ruleset matches for the same set of rules on the device, none of them are attached, and you have to assign them manually.