04-29-2017 10:49 AM - edited 03-12-2019 02:17 AM
Question 1. In ASA Firewall with multiple context how can i divert traffic to firepower module and in which context should i put the management port? will it be in admin context or it will be shared in all the contexts?
Question 2. Is OSPF and SLA tracking is supported in ASA Firewall with multiple context?
Question 3. Is “ Dynamic Analysis” unmark check box does not send actual data to cloud for sandboxing and normal SHA-256 check-mechanism is active simultaneously in Firesight management center ?
05-01-2017 09:53 AM
Question 1. In ASA Firewall with multiple context how can i divert traffic to firepower module and in which context should i put the management port? will it be in admin context or it will be shared in all the contexts?
Answer:- You need to define policy in the context config to divert traffic to firepower module. Management interface can not be allocated to multiple contexts. It’s best to just allocate the management interface to the admin context. Also, you can create sub-interfaces on the management interface but you can NOT assign the same VLAN (i.e. the management VLAN in your organization) to these sub-interfaces, since they need to be on different subnets. So in order to manage individual contexts directly, it is best to just use the other interface/subinterface in each context as the management address for that context
Question 2. Is OSPF and SLA tracking is supported in ASA Firewall with multiple context?
Answer 2: Multiple context mode does not support the following features:
RIP
OSPFv3. (OSPFv2 is supported.)
Multicast routing
Threat Detection
Unified Communications
QoS
Remote access VPN. (Site-to-site VPN is supported.)
Question 3. Is “ Dynamic Analysis” unmark check box does not send actual data to cloud for sandboxing and normal SHA-256 check-mechanism is active simultaneously in Firesight management center ?
Answer :- The AMP Threat Grid cloud or on-premises AMP Threat Grid appliance runs the file in a sandbox environment to determine whether the file is malicious, and returns a threat score that describes the likelihood a file contains malware. From the threat score, you can view a dynamic analysis summary report that details why the cloud assigned the threat score. By unmark check this box Dynamic Analysis will stop.
If this is helpful please rate or marked it as answered if you got your answer.
05-01-2017 12:27 PM
Doest it mean that:
SLA tracking is supported ?
As you said unmarking Dynamic analysis will stop file sandboxing, so will it stop sending SHA-256 value to Cloud as well ?
05-01-2017 01:44 PM
Hi,
Yes SLA tracking is supported.
Yes, by unmarking Dynamic analysis will stop sending SHA-256 value to cloud as well.
If this is helpful please rate.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide