https://community.cisco.com/t5/network-security/query-for-cisco-ftd-brute-force-attack/m-p/4094872#M1070599 <P>"Brute Force Attack" is not a precise term. What exactly are you trying to protect against?</P> Sat, 30 May 2020 14:29:46 GMT Marvin Rhoads 2020-05-30T14:29:46Z https://community.cisco.com/t5/network-security/query-for-cisco-ftd-brute-force-attack/m-p/4094462#M1070569 <P>Hellow Everyone,</P><P>We have a query about Brute force attack. Can Cisco FTD(2110) prevent brute force attack through IPS? I know that, IPS has a brute force attack signature. When i have enabled this signature it do not drops any brute force attack packet. So please tell me how can we prevent this attack or share procedure.<BR />Thanks for advance.</P><P>Regards,</P><P>Samiul Islam</P> Fri, 29 May 2020 15:48:31 GMT https://community.cisco.com/t5/network-security/query-for-cisco-ftd-brute-force-attack/m-p/4094462#M1070569 pinjar84062 2020-05-29T15:48:31Z https://community.cisco.com/t5/network-security/query-for-cisco-ftd-brute-force-attack/m-p/4094872#M1070599 <P>"Brute Force Attack" is not a precise term. What exactly are you trying to protect against?</P> Sat, 30 May 2020 14:29:46 GMT https://community.cisco.com/t5/network-security/query-for-cisco-ftd-brute-force-attack/m-p/4094872#M1070599 Marvin Rhoads 2020-05-30T14:29:46Z https://community.cisco.com/t5/network-security/query-for-cisco-ftd-brute-force-attack/m-p/4094882#M1070604 <P>Hello Sir,</P><P>Thanks for your Reply.</P><P>&nbsp;</P><P>I want to prevent ssh attack by IPS Rules.<BR />For example IPS Signature :<BR />source ip: any<BR />destination ip : Our organization Server IP<BR />Source Port: any<BR />Destination Port: SSH/22<BR />Number of SSH TRY for Server: 10<BR />Time Duration: 60 Second<BR />Action: Block and Generate Events.</P><P>Is that possible through IPS? Is possible, please share the procedure.&nbsp;</P> Sat, 30 May 2020 15:11:12 GMT https://community.cisco.com/t5/network-security/query-for-cisco-ftd-brute-force-attack/m-p/4094882#M1070604 pinjar84062 2020-05-30T15:11:12Z https://community.cisco.com/t5/network-security/query-for-cisco-ftd-brute-force-attack/m-p/4095064#M1070609 <P>It's done via the Network Analysis Policy.</P> <P>See the following for configuration instructions:</P> <P><A href="https://www.cisco.com/c/en/us/td/docs/security/firepower/660/configuration/guide/fpmc-config-guide-v66/detecting_specific_threats.html#ID-2236-00000386" target="_blank">https://www.cisco.com/c/en/us/td/docs/security/firepower/660/configuration/guide/fpmc-config-guide-v66/detecting_specific_threats.html#ID-2236-00000386</A></P> Sun, 31 May 2020 11:26:44 GMT https://community.cisco.com/t5/network-security/query-for-cisco-ftd-brute-force-attack/m-p/4095064#M1070609 Marvin Rhoads 2020-05-31T11:26:44Z https://community.cisco.com/t5/network-security/query-for-cisco-ftd-brute-force-attack/m-p/4894080#M1103038 <P>Marvin, Is there are newer guide - for FMC version 7.2.4 and later. Seams that the guide you post is for much older version and not able to find the settings ?&nbsp;</P><P>&nbsp;</P> Thu, 27 Jul 2023 20:05:34 GMT https://community.cisco.com/t5/network-security/query-for-cisco-ftd-brute-force-attack/m-p/4894080#M1103038 buffkata 2023-07-27T20:05:34Z