https://community.cisco.com/t5/network-security/fmc-tags-valid-urls-into-spam-exploits-or-malicious-sites/m-p/4739645#M1095987 <P>Hi Sir, In my situation i can revert to Snort 2 but i will also face the same problem with High Memory Utilization-Snort, that is the main reason why i upgraded to Snort 3. I have reached to TAC already and they suggested to upgrade to FMC and FTD 7.0.5.&nbsp;</P><P><A href="https://www.cisco.com/c/en/us/td/docs/security/firepower/70/relnotes/firepower-release-notes-700/bugs.html" target="_blank">https://www.cisco.com/c/en/us/td/docs/security/firepower/70/relnotes/firepower-release-notes-700/bugs.html</A></P><P>Have you tried or experienced the 7.0.5? or anyone here experienced it? need some feedback on this version.</P><P>Thanks</P> Thu, 15 Dec 2022 11:35:56 GMT Herald Sison 2022-12-15T11:35:56Z https://community.cisco.com/t5/network-security/fmc-tags-valid-urls-into-spam-exploits-or-malicious-sites/m-p/4687588#M1093395 <P>Hi,</P><P>Outbound traffic to the internet on our network are being blocked. FMC tags valid URLs into Spam or Malicious Sites or Exploits.</P><P>Im using FMC&nbsp;<SPAN>7.0.1 (build 84) and FTD&nbsp;Version 7.0.1. Any idea? Thanks.</SPAN></P><P><SPAN>Sample logs</SPAN></P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="fmc logs.jpg" style="width: 400px;"><img src="https://community.cisco.com/t5/image/serverpage/image-id/162593iDB3A93431BDB8505/image-size/medium?v=v2&amp;px=400" role="button" title="fmc logs.jpg" alt="fmc logs.jpg" /></span></P><P> </P> Thu, 15 Sep 2022 05:32:00 GMT https://community.cisco.com/t5/network-security/fmc-tags-valid-urls-into-spam-exploits-or-malicious-sites/m-p/4687588#M1093395 kish02 2022-09-15T05:32:00Z https://community.cisco.com/t5/network-security/fmc-tags-valid-urls-into-spam-exploits-or-malicious-sites/m-p/4687759#M1093397 <P>&nbsp;</P> <P>&nbsp;- Check the URL filtering&nbsp; policies :&nbsp;<A href="https://www.cisco.com/c/en/us/td/docs/security/firepower/630/configuration/guide/fpmc-config-guide-v63/url_filtering.html" target="_blank">https://www.cisco.com/c/en/us/td/docs/security/firepower/630/configuration/guide/fpmc-config-guide-v63/url_filtering.html</A></P> <P>&nbsp;M.</P> Thu, 15 Sep 2022 10:36:43 GMT https://community.cisco.com/t5/network-security/fmc-tags-valid-urls-into-spam-exploits-or-malicious-sites/m-p/4687759#M1093397 Mark Elsen 2022-09-15T10:36:43Z https://community.cisco.com/t5/network-security/fmc-tags-valid-urls-into-spam-exploits-or-malicious-sites/m-p/4688294#M1093434 <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="brewnet84_0-1663296407487.png" style="width: 400px;"><img src="https://community.cisco.com/t5/image/serverpage/image-id/162682i656E4F41D18758BC/image-size/medium?v=v2&amp;px=400" role="button" title="brewnet84_0-1663296407487.png" alt="brewnet84_0-1663296407487.png" /></span></P><P>I am seeing the same thing running FTD <SPAN>7.0.4 (build 55)</SPAN> and FMC of same version. I did a pending deployment and despite no changes actual deployed the categories flipped back and traffic started passing. I had been running these versions without issue for almost a week. The exact time I experienced this is 9/14 2pm - 7pm CST.<BR /><BR />After</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="brewnet84_1-1663296608627.png" style="width: 400px;"><img src="https://community.cisco.com/t5/image/serverpage/image-id/162683iE274AB42F2EFBAA2/image-size/medium?v=v2&amp;px=400" role="button" title="brewnet84_1-1663296608627.png" alt="brewnet84_1-1663296608627.png" /></span></P><P>&nbsp;</P> Fri, 16 Sep 2022 02:50:27 GMT https://community.cisco.com/t5/network-security/fmc-tags-valid-urls-into-spam-exploits-or-malicious-sites/m-p/4688294#M1093434 brewnet84 2022-09-16T02:50:27Z https://community.cisco.com/t5/network-security/fmc-tags-valid-urls-into-spam-exploits-or-malicious-sites/m-p/4688510#M1093439 <P>Seems a problem with Snortv3 as per bug <A href="https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa85492" target="_blank">https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa85492</A></P><P>Ive reverted to Snortv2 and seems to have fixed the problem.</P> Fri, 16 Sep 2022 10:44:02 GMT https://community.cisco.com/t5/network-security/fmc-tags-valid-urls-into-spam-exploits-or-malicious-sites/m-p/4688510#M1093439 Jose-Net 2022-09-16T10:44:02Z https://community.cisco.com/t5/network-security/fmc-tags-valid-urls-into-spam-exploits-or-malicious-sites/m-p/4739645#M1095987 <P>Hi Sir, In my situation i can revert to Snort 2 but i will also face the same problem with High Memory Utilization-Snort, that is the main reason why i upgraded to Snort 3. I have reached to TAC already and they suggested to upgrade to FMC and FTD 7.0.5.&nbsp;</P><P><A href="https://www.cisco.com/c/en/us/td/docs/security/firepower/70/relnotes/firepower-release-notes-700/bugs.html" target="_blank">https://www.cisco.com/c/en/us/td/docs/security/firepower/70/relnotes/firepower-release-notes-700/bugs.html</A></P><P>Have you tried or experienced the 7.0.5? or anyone here experienced it? need some feedback on this version.</P><P>Thanks</P> Thu, 15 Dec 2022 11:35:56 GMT https://community.cisco.com/t5/network-security/fmc-tags-valid-urls-into-spam-exploits-or-malicious-sites/m-p/4739645#M1095987 Herald Sison 2022-12-15T11:35:56Z