https://community.cisco.com/t5/network-security/firepower-configuration-for-maximum-throughput/m-p/2876689#M1030212 <P>Hi Robert,</P> <P></P> <P>For blocking bittorrent, you can create an access control rule with bittorrent as an application selected and set the action to block.</P> <P>Make sure if you are using the latest VDB (vulnearbility database on your firepower)</P> <P></P> <P>For getting alerts on intrusions and malware , you can refer to the below document :</P> <P></P> <P>http://www.cisco.com/c/en/us/support/docs/security/firesight-management-center/118464-configure-firesight-00.html</P> <P></P> <P>If you are managing via ASDM, you can use syslog an snmp same as above.</P> <P></P> <P>Please rate and mark helpful posts.</P> <P></P> <P>Thanks,</P> <P>Ankita</P> Mon, 04 Jul 2016 05:07:27 GMT ankojha 2016-07-04T05:07:27Z https://community.cisco.com/t5/network-security/firepower-configuration-for-maximum-throughput/m-p/2876688#M1030210 <P>We are a small ISP with about 600 customers. &nbsp;Our aggregate&nbsp;through our&nbsp;ASA 5515x hits about 320 mbps.</P> <P>A speedtest shows that it can do about 860 mbps up/down without FirePower. &nbsp;With a typical Firepower inline configuration, we get about 220 mbps.</P> <P>Purchasing a 5555-x is currently over our budget. &nbsp;We are licensed for two ASAs, so the option exists to put a second one on the network or load balance. (which I've heard does not consume a license)</P> <P></P> <P>Another option is to just block BitTorrent, otherwise be notified of malware &amp; intrusion attempts?</P> <P></P> <P>Can anyone suggest a way to configure this?</P> <P></P> <P>Thanks,</P> <P>-Robert</P> Tue, 26 Mar 2019 01:16:30 GMT https://community.cisco.com/t5/network-security/firepower-configuration-for-maximum-throughput/m-p/2876688#M1030210 Robert Zeff 2019-03-26T01:16:30Z https://community.cisco.com/t5/network-security/firepower-configuration-for-maximum-throughput/m-p/2876689#M1030212 <P>Hi Robert,</P> <P></P> <P>For blocking bittorrent, you can create an access control rule with bittorrent as an application selected and set the action to block.</P> <P>Make sure if you are using the latest VDB (vulnearbility database on your firepower)</P> <P></P> <P>For getting alerts on intrusions and malware , you can refer to the below document :</P> <P></P> <P>http://www.cisco.com/c/en/us/support/docs/security/firesight-management-center/118464-configure-firesight-00.html</P> <P></P> <P>If you are managing via ASDM, you can use syslog an snmp same as above.</P> <P></P> <P>Please rate and mark helpful posts.</P> <P></P> <P>Thanks,</P> <P>Ankita</P> Mon, 04 Jul 2016 05:07:27 GMT https://community.cisco.com/t5/network-security/firepower-configuration-for-maximum-throughput/m-p/2876689#M1030212 ankojha 2016-07-04T05:07:27Z https://community.cisco.com/t5/network-security/firepower-configuration-for-maximum-throughput/m-p/2876690#M1030213 <P>We are managing with FMC running under VMWare. &nbsp;I'd rather see the alerts on FMC.</P> <P>I do have this configuration, with my File policy looking like:</P> <P><IMG src="http://git.nikola.com/software/filepolicy.png" alt="File Policy" width="930" height="478" /></P> <P></P> <P>If I select Malware cloud lookup under "action", it just looks up? &nbsp;Otherwise I'd select "block malware"?&nbsp;</P> <P>It seems that no matter how minimal the configuration is, I cannot get over 280 mbps, and while doing a speedtest with one client, a ping test of about 2ms goes to 150-330&nbsp;ms with a lot of jitter.</P> <P></P> <P>Thanks,</P> <P>Robert</P> Mon, 04 Jul 2016 19:06:21 GMT https://community.cisco.com/t5/network-security/firepower-configuration-for-maximum-throughput/m-p/2876690#M1030213 Robert Zeff 2016-07-04T19:06:21Z https://community.cisco.com/t5/network-security/firepower-configuration-for-maximum-throughput/m-p/2876691#M1030214 <P>Hello</P> <P>If you enable malware cloudlookup it will query cloud for the file disposition to check if the file is clean or threat etc..Block malware means it will completely block the files marked as malware.</P> <P>For the verification of throughputs you can open a TAC request just to confirm that your deploymebt is proper.</P> <P>Rate if posts helps you</P> <P>Regards</P> <P>Jetsy</P> Tue, 05 Jul 2016 05:33:22 GMT https://community.cisco.com/t5/network-security/firepower-configuration-for-maximum-throughput/m-p/2876691#M1030214 Jetsy Mathew 2016-07-05T05:33:22Z https://community.cisco.com/t5/network-security/firepower-configuration-for-maximum-throughput/m-p/2876692#M1030215 <P>Keep in mind that Malware/file analysis will create more overhead on those ASAs, adding latency in your network. &nbsp;Tune it well. &nbsp; this is in addition on other features you add like URI filtering, Network Discovery policies, and Signatures with HIgh or very High overhead.</P> <P></P> <P>Just me 2 pennies</P> <P></P> Fri, 15 Jul 2016 19:44:33 GMT https://community.cisco.com/t5/network-security/firepower-configuration-for-maximum-throughput/m-p/2876692#M1030215 Ed Padilla Jr 2016-07-15T19:44:33Z