Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
985
Views
5
Helpful
1
Replies

ASA 5506 FP URL Category and URL/Malware License

johnlloyd_13
Level 9
Level 9

‎11-06-2018 11:14 PM - edited ‎03-12-2019 07:04 AM

hi all,

i created access control policy/rule on a 5506 that blocks (w/ reset) URL categories: adult, games, P2P. i initially chose the category reputation of '1 - High Risk' but it didn't work. i changed it to a 'Any' and it worked. what are the difference between the reputation levels and how would you know which one to use (or which is best practice)? see photo 'fp-1' below.

 

also, i download and enabled a 45-day demo/eval license (L-5506-TAMC-E45D) for URL filtering and malware license and the status became 'never expires'

is this a cosmetic bug? i thought it's a 45 day demo license. see photo 'fp-2'

what do you mean by 'IPS Term Subscription is still required for IPS'?

Labels:
Preview file
135 KB
Preview file
127 KB
0 Helpful
1 Reply 1

Abheesh Kumar
VIP Alumni
VIP Alumni

‎11-07-2018 01:29 AM - edited ‎11-07-2018 01:33 AM

Hi ,

URL filtering is clearly explained in the below thread.

https://community.cisco.com/t5/security-documents/ftd-url-filtering-how-it-works/ta-p/3347292

 

URL filtering license is a term based license and you need to renew it, otherwise it will stop protecting. In your case it may be a bug thats the reason it showing never expire.

IPS license is permanent and will not expire. Protection license (along with a Control license) is automatically included in the purchase of any Classic managed device. This license is perpetual, but you must also purchase a TA subscription to enable system updates.

For more license details refer 

https://www.cisco.com/c/en/us/td/docs/security/firepower/610/configuration/guide/fpmc-config-guide-v61/licensing_firepower_system.html#ID-2240-00000035

https://www.cisco.com/c/en/us/td/docs/security/firepower/601/configuration/guide/fpmc-config-guide-v601/Licensing_the_Firepower_System.pdf

 

HTH

Abheesh

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card