topic ASA Firepower with Automatic Application Bypass (AAB) and Intelligent Application Bypass (IAB) in Network Security https://community.cisco.com/t5/network-security/asa-firepower-with-automatic-application-bypass-aab-and/m-p/3001187#M17741 <P>Hi all,</P> <P></P> <P>I'm using ASA5585-X SSP40 (version 9.4.(2)6 ) with Firepower 6.0.1.2. Because of performance issues I've activated AAB for testing purposes. In the documentation I found:</P> <P></P> <P>"If detection is bypassed, the device generates a health monitoring alert."</P> <P></P> <P>I also activated IAB in test mode for application category "very low risks"</P> <P>I want to know, how often these events occures and what kind of information it contains. Does anybody know, how I can identify these events in the Health monitor or via CLI?</P> <P></P> <P>Thank you,</P> <P></P> <P>Sincerely,</P> <P>Uwe</P> Tue, 06 Dec 2016 14:53:09 GMT u.drechsel 2016-12-06T14:53:09Z ASA Firepower with Automatic Application Bypass (AAB) and Intelligent Application Bypass (IAB) https://community.cisco.com/t5/network-security/asa-firepower-with-automatic-application-bypass-aab-and/m-p/3001187#M17741 <P>Hi all,</P> <P></P> <P>I'm using ASA5585-X SSP40 (version 9.4.(2)6 ) with Firepower 6.0.1.2. Because of performance issues I've activated AAB for testing purposes. In the documentation I found:</P> <P></P> <P>"If detection is bypassed, the device generates a health monitoring alert."</P> <P></P> <P>I also activated IAB in test mode for application category "very low risks"</P> <P>I want to know, how often these events occures and what kind of information it contains. Does anybody know, how I can identify these events in the Health monitor or via CLI?</P> <P></P> <P>Thank you,</P> <P></P> <P>Sincerely,</P> <P>Uwe</P> Tue, 06 Dec 2016 14:53:09 GMT https://community.cisco.com/t5/network-security/asa-firepower-with-automatic-application-bypass-aab-and/m-p/3001187#M17741 u.drechsel 2016-12-06T14:53:09Z Hello, https://community.cisco.com/t5/network-security/asa-firepower-with-automatic-application-bypass-aab-and/m-p/3001188#M17742 <P>Hello,</P> <P></P> <P>When AAB triggers you'll get an event in Health Events. It will trigger once a packet will take more than configured threshold until gets out on the output interface.</P> <P></P> <P>IAB should be configured for large flows identified (like SMB traffic, large downloads over non HTTPS flows).</P> Mon, 09 Jan 2017 10:17:59 GMT https://community.cisco.com/t5/network-security/asa-firepower-with-automatic-application-bypass-aab-and/m-p/3001188#M17742 Claudiu Cismaru 2017-01-09T10:17:59Z