https://community.cisco.com/t5/network-security/how-do-you-disable-a-built-in-application-detection/m-p/4401252#M1080696 <P>We are running FirePower 6.6 and have recently been seeing a lot of bad detections around the "built in" GoDaddy definition.&nbsp; As GoDaddy is tagged as webmail, these not-really-GoDaddy sites are being blocked by our "block webmail" apps policy.</P><P>&nbsp;</P><P>Since the root of my problem is that the GoDaddy application detector seems to be running an overly-broad definition, I wanted to turn it off.&nbsp; That'd let any other matching definitions still run, and let us still use the protections we intend without the false positives we've been triggering.</P><P>&nbsp;</P><P>Problem is, I can't seem to figure out how to disable one of the built-in detectors.&nbsp; I can go to&nbsp;<STRONG>Policies</STRONG> -&gt;&nbsp;<STRONG>Application Detectors</STRONG> and filter with "GoDaddy"; but at this point I see two policies with the State toggle disabled (can't turn them off).</P><P>&nbsp;</P><P>Is there any way to disable a built-in application detector so it stops tripping rules with false positives?</P><P>(side question, does anyone know what the definition is for this detector -- I'd be interested in finding out why it so easily succumbs to this many false positives)</P> Tue, 11 May 2021 15:52:48 GMT purchasing 2021-05-11T15:52:48Z https://community.cisco.com/t5/network-security/how-do-you-disable-a-built-in-application-detection/m-p/4401252#M1080696 <P>We are running FirePower 6.6 and have recently been seeing a lot of bad detections around the "built in" GoDaddy definition.&nbsp; As GoDaddy is tagged as webmail, these not-really-GoDaddy sites are being blocked by our "block webmail" apps policy.</P><P>&nbsp;</P><P>Since the root of my problem is that the GoDaddy application detector seems to be running an overly-broad definition, I wanted to turn it off.&nbsp; That'd let any other matching definitions still run, and let us still use the protections we intend without the false positives we've been triggering.</P><P>&nbsp;</P><P>Problem is, I can't seem to figure out how to disable one of the built-in detectors.&nbsp; I can go to&nbsp;<STRONG>Policies</STRONG> -&gt;&nbsp;<STRONG>Application Detectors</STRONG> and filter with "GoDaddy"; but at this point I see two policies with the State toggle disabled (can't turn them off).</P><P>&nbsp;</P><P>Is there any way to disable a built-in application detector so it stops tripping rules with false positives?</P><P>(side question, does anyone know what the definition is for this detector -- I'd be interested in finding out why it so easily succumbs to this many false positives)</P> Tue, 11 May 2021 15:52:48 GMT https://community.cisco.com/t5/network-security/how-do-you-disable-a-built-in-application-detection/m-p/4401252#M1080696 purchasing 2021-05-11T15:52:48Z