Hi, As per the documentation FireAMP blocks malware based on known hash and Firepower and can hold the file for 30 secs to get the verdict. In case if the verdict is unknown by FireAMP then can we use the ClamAV engine which is part of local malware ...
Forum Posts
Hi Experts, 1. Does firewall inspect UDP traffic like TCP, do I have to allow return traffic for UDP. 2. for e.g: I have a rule which says traffic that's being sourced from inside (10.10.10.10 ) going to outside (20.20.20.20) on UDP port 33000 i...
I have run into an issue where redundant devices devices behind an ASA that are using it as a default GW are having problems at failover when there is a MAC change on a VIP. The cisco CSS utilizes gratuitous ARPs on failover, and until the arp cache ...
Gents, I would like to know your opinion on the below design to protect the servers of critical business applications from the operational staff. I made my ASA the Gateway for the critical business applications' servers. Means any user accessing ...
Hi, We have a FirePower 8350 appliance configured for IPS "monitor-mode" or IDS mode. The FirePower appliance connects directly to our Nexus 9k core switches. We have SPAN configured on this core switches to send a copy of the traffic to the FirePo...
I have a Firesight 1500 system running 6.2.2 I am trying to launch a manual NMAP scan of a host by going to system--tools--scheduling and selecting NMAP scan the problem is, when I select a scan, the time, etc. I don't have the option of spec...
Hi all, please for your help on the below. I am trying to rate-limit a couple of internal subnets for traffic to the Internet, to keep them from overwhelming our Internet feed (50Mbps) but the limit does not work. I have set a maximum input/ouput p...
Resolved! Asymetric NAT ASA Working?
Hi, this is a weird question, but I have this customer, that asked me to give them a reason why this was happening: They configured a static NAT on their FW. Easy one, just changing the IP source of one Server X.X.X.X, to IP address Y.Y.Y.Y; when goi...
Hi, I am working on a ASA5520 (V9.1) and have some trouble in understanding the ACL configured on the internet interface. The two ACLs are applied on the out direction of internet interface. !access-group internet_access_out out interface internet!...
Hi, We have seen a report for a malware sample with a score in the range of 70 to 80 but there is no reference to that hash in virus total. what is the way to submit the same sample for verdict-reanalysis (sandbox again or manual analysis by Talos)...
Resolved! ASA Upgrade 8.4(7)29 to 9.1(7)20
hi, i need to upgrade ASA 5550 8.4(7)29 to 9.1(7)20. per link below on upgrade path, i can directly upgrade to 9.1(7.4) but it didn't mentioned 9.1(7)20. https://www.cisco.com/c/en/us/td/docs/security/asa/upgrade/asa-upgrade/planning.html#ID-2152-0...
Hi Experts I have configured ASA 5506-X after configured saved as a startup configured and running configured as soon as i reloaded the device running configuration will go off , set back to default configuration ,, startup configured will be ther...
Resolved! ASA5506 with FirePower
Hello everyone, we got the license for the url filtering and the malware for our asa 5506 with firepower everything is working great. we need to find a way to url filter website for our lan by ip example 192.168.9.10 (is not allowed to fb and you...
Resolved! FirePower Linux Version
good day Anybody knows what is the version of linux of a firepower IPS? may be centos? ubuntu?
I ran into a little mystery that I am having trouble solving. I have a router running Classic IOS 15.6(3)M image. It originates a FlexVPN to a VPN Concentrator. I have a CBAC FW policy like this: ip access-list extended filter-internet permit icmp...
