https://community.cisco.com/t5/network-security/cisco-firepower-security-intelligence/m-p/2960055#M18151 <P>Is there a way to protect my internal network resources from "browser vpn" connections, like Opera VPN with Cisco FirePOWER services? Maybe with Security Intelligence upgrade?</P> <P>Sec.Int. has "Open_proxy" category but these connections are passing without any problem.</P> <P>How can I investigate an attack when source IP address is masked?</P> Thu, 05 Jan 2017 16:11:33 GMT dosadaubija 2017-01-05T16:11:33Z https://community.cisco.com/t5/network-security/cisco-firepower-security-intelligence/m-p/2960055#M18151 <P>Is there a way to protect my internal network resources from "browser vpn" connections, like Opera VPN with Cisco FirePOWER services? Maybe with Security Intelligence upgrade?</P> <P>Sec.Int. has "Open_proxy" category but these connections are passing without any problem.</P> <P>How can I investigate an attack when source IP address is masked?</P> Thu, 05 Jan 2017 16:11:33 GMT https://community.cisco.com/t5/network-security/cisco-firepower-security-intelligence/m-p/2960055#M18151 dosadaubija 2017-01-05T16:11:33Z https://community.cisco.com/t5/network-security/cisco-firepower-security-intelligence/m-p/2960056#M18165 <P>Have you tried doing a packet capture whilst opening one yourself and then analyse the packets to see if there is something you can add to an acl to have dropped.</P> Fri, 07 Jul 2017 11:03:01 GMT https://community.cisco.com/t5/network-security/cisco-firepower-security-intelligence/m-p/2960056#M18165 Kristian Mattocks 2017-07-07T11:03:01Z