I would like to discuss blocking FB chat, posts and comments with Firepower 6.0. In our lab, we can block the FB application with the app filtering feature, but we can't block FB chat, posts or other messenger apps. Now, we are also using an SSL inspection policy, but we can't block those apps. What can we do to block those apps? Thanks in advance.
If this is a new installation, please start the device on the latest version.
Using the application filter in the Access Control policy rules, you can choose the Facebook filters available, set the action to Block with reset, and save the changes. Please refer to the Facebook filter options available.
Please redeploy the policies and you can see it gets blocked. Make sure that there are no other conflicting rules, and verify the position of the rules. Don't put a URL and an application filter in the same rule.
Rate and mark correct if the post helps you
Many thanks. I have now tested with your guide, but my firewall still allows those apps.
- I configured an SSL inspection policy (Decrypt-Resign), then an access policy with an application filter (block with reset).
So, I imported the certificate into the trusted authorities in Firefox. That solved the certificate error, but I cannot block FB chat, posts and comments.
What further configuration do I need to block FB chat, posts, comments or other apps? Thanks.
I am unable to get this to work either. The only one I can get to work is Facebook games. Chat and comment are still allowed even though they are checked to be blocked with reset.
I will second the version part of it.
I am using 6.1.0-330 and all is working as expected. With no SSL policy I am able to block social media sites including Twitter over HTTPS using URL filtering, and for Facebook I have app rules and it's working.
I think we should open a TAC case because we can't block some apps (FB chat, bandwidth shaping, UltraSurf, etc.) with the lowest version. If we want to block something, Cisco recommends that you upgrade to the newest version. Now, Cisco is changing the whole ASA to FTD (Firepower Threat Defense). With FTD, we hope this OS will cover blocking those apps. Currently, we can't easily block those apps without TAC.
Same issue here with Firepower 6.1.0. Decryption is working fine, but the device is unable to recognize the micro apps; in the connection events it only appears as Facebook. Tested with Facebook images, video, games, likes, chat; none of them are detected.