topic Re: FMC/FTD question in Network Security

FMC/FTD question

benolyndav — Wed, 04 Aug 2021 16:31:04 GMT

Hello

Does anyone know if Firepower would block packets with a via header added to them.??

Thanks

Re: FMC/FTD question

balaji.bandi — Wed, 04 Aug 2021 16:46:32 GMT

You mean FTD can block the based on the header information :

Can you more elaborate with example - so we can suggest that possible or suggest some document to refer.

Look at the flow of FTD with Snort

https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/212321-clarify-the-firepower-threat-defense-acc.html

Re: FMC/FTD question

benolyndav — Wed, 04 Aug 2021 16:49:05 GMT

Yes so we have a 3rd party who have a proxy which adds a via header and I'm wondering how I can investigate this on our FMC/FTD to see if the traffic is being blocked

Re: FMC/FTD question

balaji.bandi — Wed, 04 Aug 2021 16:58:03 GMT

I know that IPS does the http / https inspection header.

Look at the FMC analysis section for events