https://community.cisco.com/t5/network-security/fmc-amp-for-network-status/m-p/4018951#M937175 <P>The patch may have made something visible that was there all along.</P> <P>The message is indicating that you have sent more than 200 files in a 24-hour period to AMP cloud for ThreatGrid analysis.&nbsp;</P> <P>I usually see this when applying a file policy on east-west traffic (i.e. between users and file servers) where the policy indicates to send unknown files on for analysis.</P> Mon, 27 Jan 2020 17:51:48 GMT Marvin Rhoads 2020-01-27T17:51:48Z https://community.cisco.com/t5/network-security/fmc-amp-for-network-status/m-p/4018467#M937174 <P>I patched our FMC from 6.4.0.2 to 6.4.0.7. I am receiving a warning that states " Successfully connected to cloud, Number of files detected in traffic exceeds module threshold."&nbsp;</P><P>&nbsp;</P><P>Is this something that will clear itself up in time? This warning was not present before patching.</P><P>&nbsp;</P><P>Thanks!!</P> Fri, 21 Feb 2020 17:52:05 GMT https://community.cisco.com/t5/network-security/fmc-amp-for-network-status/m-p/4018467#M937174 Zachary Ballard 2020-02-21T17:52:05Z https://community.cisco.com/t5/network-security/fmc-amp-for-network-status/m-p/4018951#M937175 <P>The patch may have made something visible that was there all along.</P> <P>The message is indicating that you have sent more than 200 files in a 24-hour period to AMP cloud for ThreatGrid analysis.&nbsp;</P> <P>I usually see this when applying a file policy on east-west traffic (i.e. between users and file servers) where the policy indicates to send unknown files on for analysis.</P> Mon, 27 Jan 2020 17:51:48 GMT https://community.cisco.com/t5/network-security/fmc-amp-for-network-status/m-p/4018951#M937175 Marvin Rhoads 2020-01-27T17:51:48Z https://community.cisco.com/t5/network-security/fmc-amp-for-network-status/m-p/5229885#M1117830 <P>Thanks Marvin for response on this. Did you have any reference about this?&nbsp;<BR />Best regards,&nbsp;<BR />Chamnan,&nbsp;</P> Thu, 28 Nov 2024 04:44:58 GMT https://community.cisco.com/t5/network-security/fmc-amp-for-network-status/m-p/5229885#M1117830 chamnan neang 2024-11-28T04:44:58Z https://community.cisco.com/t5/network-security/fmc-amp-for-network-status/m-p/5230345#M1117866 <P><a href="https://community.cisco.com/t5/user/viewprofilepage/user-id/1817686">@chamnan neang</a> here are two references:</P> <P>"Public cloud that processes eligible files that you send for dynamic analysis, and provides threat scores and dynamic analysis reports. Firepower supports 200 samples/day for <SPAN class="ph">Secure Malware Analytics</SPAN> analysis. "</P> <P>Reference: <A href="https://www.cisco.com/c/en/us/td/docs/security/secure-firewall/management-center/device-config/740/management-center-device-config-74/network-malware-protection.html" target="_blank">https://www.cisco.com/c/en/us/td/docs/security/secure-firewall/management-center/device-config/740/management-center-device-config-74/network-malware-protection.html</A></P> <P>"<SPAN>In the new ThreatGrid sample limits model, these limits are the number of samples devices can upload for File Analysis per organization. All integrated devices (WSA, ESA, CES, FMC, and so on) and AMP for Endpoints are collectively entitled to 200 samples daily, regardless of the number of devices.</SPAN></P> <P style="background-image: url('http://www.cisco.com/en/US/i/templates/note.gif'); background-repeat: no-repeat; background- position: 2px 4px; height: auto; width: auto; padding: 10px 5px 10px 35px; margin-top: 10px; margin-bottom: 10px; border-top: 1px solid #ccc; border-bottom: 1px solid #ccc; overflow-x: hidden;"><STRONG>Note</STRONG>: This counter is not reset daily; instead, it works as a 24-hour rollover period.&nbsp;</P> <P>"</P> <P>Reference: <A href="https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/215283-understand-the-error-upload-limit-reach.html#toc-hId-30642250" target="_blank">https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/215283-understand-the-error-upload-limit-reach.html#toc-hId-30642250</A></P> <P>&nbsp;</P> Fri, 29 Nov 2024 02:48:26 GMT https://community.cisco.com/t5/network-security/fmc-amp-for-network-status/m-p/5230345#M1117866 Marvin Rhoads 2024-11-29T02:48:26Z