Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1480
Views
0
Helpful
1
Replies

Firepower NGFW - Create a dependency in the Access Control rule

Go to solution
david.campeau
Level 1
Level 1

‎04-03-2020 01:48 PM - edited ‎04-03-2020 02:49 PM

e currently run the FMC 4500 and FTD 9300's, and am currently working on a new Access Control Rule, however I don't know that it is possible to create a dependency.  Let me explain.

 

We have a particular service that listens on 80 and 443.  I only want to allow 443 access if there is already an established 80 connection.  Is it possible to create a dependency to either allow or deny based on if an existing connection on port 80 is already there?

 

*Edit* Instead of a access control rule it would be snort?

 

Thanks,

 

David

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎04-03-2020 09:30 PM

I don't believe that's possible in the Firepower access control policy as the ACP entries are all processed top down with first match ending the rule processing (unless the action is "Monitor" but even that still doesn't have any parent-child type rule relationship).

That applies for both prefilter (traditional L4 5-tuple, no Snort) as well as ACP (L7) policies.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎04-03-2020 09:30 PM

I don't believe that's possible in the Firepower access control policy as the ACP entries are all processed top down with first match ending the rule processing (unless the action is "Monitor" but even that still doesn't have any parent-child type rule relationship).

That applies for both prefilter (traditional L4 5-tuple, no Snort) as well as ACP (L7) policies.

0 Helpful
Customers Also Viewed These Support Documents
Top