i created access control policy/rule on a 5506 that blocks (w/ reset) URL categories: adult, games, P2P. i initially chose the category reputation of '1 - High Risk' but it didn't work. i changed it to a 'Any' and it worked. what are the difference between the reputation levels and how would you know which one to use (or which is best practice)? see photo 'fp-1' below.
also, i download and enabled a 45-day demo/eval license (L-5506-TAMC-E45D) for URL filtering and malware license and the status became 'never expires'
is this a cosmetic bug? i thought it's a 45 day demo license. see photo 'fp-2'
what do you mean by 'IPS Term Subscription is still required for IPS'?
URL filtering license is a term based license and you need to renew it, otherwise it will stop protecting. In your case it may be a bug thats the reason it showing never expire.
IPS license is permanent and will not expire. Protection license (along with a Control license) is automatically included in the purchase of any Classic managed device. This license is perpetual, but you must also purchase a TA subscription to enable system updates.
IntroductionComponentsSupported EndpointsPrerequisitesWindows 10 Endpoint ConfigurationGPO configuration for Managed Windows to allow PowerShell Remoting and Firewall ExceptionsCisco ISE ConfigurationValidating the configuration with flowSolutions when Ag...
Cisco Defense Orchestrator (CDO) is a cloud-based, multi-device manager that manages security products like Adaptive Security Appliance (ASA), Firepower Threat Defense next-generation firewall, and Meraki devices, to name a few.
We make improvement...
hello, tricky thing, we using ASA and anyconnect for the remote user access. but lots of users report anyconnect will disconnect and reconnect at the first beginnging, it will happen 1 times and then will become stable. won't disconnect again.I test ...
User Experience Enhancements
As part of the Cisco Common User Experience program, we are working towards a more uniform user experience and terminology alignment. This program runs across all Cisco security products.
New features added ...
During some flow analisys on SWE and CTR, I observed that some flows are been reported on the inverse direction, for example, there is a connection from an IP address located in Korea to my public IP address (located in Costa Rica). Checking this flo...