Network Security

ASA5516-X: Usefulness of the AgentService.exe process

Hello, One of our servers has this executable:\Cisco Systems, Inc\Cisco Firepower User Agent for Active Directory\AgentService.exe-What is the use of this process?-Why does it do exec RPC on remote machines?-If we remove it what is the impact on our...

FMC Insider Threat/Malware Detection Across the LAN

In regards to Cisco's Threat Deteaction how would you scan for insider threats if the device doesn't have the Secure Endpoint software installed? Situation: The LAN is setup with Cisco Firepower FMC monitoring with AMP for Endpoints or (Secure Endpo...

Resolved! Packet tracer with firepower application IDs

Hello, I recently started updating my ACL rules on my FTD devices in FMC from using ports to using application filters. The problem I've been running up against is trying to use packet tracer to identify what rule will get hit in a given scenario. It...

Resolved! FTD Nat Question

HiIs it possible to Nat to another device so if I have a public IP natting to a Private IP does that private IP have to reside on the FTD or can it somehow be forwarded on to private IP (server) routing is inplace between FTD and Server.??? Thanks

Wildcard domain matching on the FTD

I am trying to limit internet access for a server that needs access to several wildcard based domains and I can't figure out if that is possible on a Firepower FTD managed by FMCAs an example, one of the requirements is*.compute-*.amazonaws.com - TCP...

Resolved! Adding pre-configured FTD to FMC

Hello Community!!! I have a question. I know how the process is to add a FTD into a FMC. The thing is that I don't want to lose the configuration that I have on the FTD because we have VPN S2S, SSL, NAT, Policies, and so on. My question is, addin thi...

Resolved! Is it possible to move existing rule into prefilter policy within FMC

Our FMC and FTDs are running 6.6.4. We have some rules that fit better into the prefilter policy, so it it possible to take a rule that is in the standard ACP and move it into the prefilter policy, or will it have to be recreated? Thanks

Resolved! Native Vlan mismatch

I am getting a vlan mismatch all though I have configured the native vlan on both interfaces as vlan 30 interface FastEthernet0/22switchport trunk native vlan 30switchport trunk allowed vlan 10,20,30switchport mode trunk This is the configuration on ...

Lost one of FTD device in HA Configuration

I have two Cisco Firepower 2110 in HA Configuration. I tried to perform version upgrade from 6.4. to 6.6. I got Device2 (Standbyd device) upgraded to 6.6. But the Device1 (Primary) failed the update. And the Device1 i showing up in maintenance mode a...

Cisco FMC/FTD Breaking HA

Hi there, I got a Cisco vFMC with two Cisco Firepower configured as HA pair. At present the Secondary unit is Active. We got an issue with the Primary unit and have to perform factory-reset. I got a couple of questions: 1) Do I have to break the HA ...

IOS XE 9300 WLAN September Security Updates?

Which version of IOS patches this advisory?Cisco IOS XE Software for Catalyst 9000 Family Wireless Controllers CAPWAP Remote Code Execution Vulnerability I can't find any IOS XE version released around the date of the advisory. The newest version I ...

Using ASA management interface for SNMP and NetFlow traffic

We have two ASA 5525Xs who's management interface is on our OOB management network (172.16.8.0/22). Until now, the ASAs were sending SNMP (for port traffic) and NetFlow traffic to a server (172.16.4.45) on one the ASAs standard interfaces (172.16.4.0...

VPN tunnel does not traffic

HelloI created a site to site tunnel. The vpn is up but the truffic does not pass. Attached the logs found.Cordially

Resolved! Network Link Encryption

Hi all, hope to find everyone well in this timesI had a request from a costumer where he said that I need to have all the network links encrypted but I have no clue how to implement this.Basically the core of the network is comprised by Cisco 9300L i...

Resolved! Two default routes in FTD-2130

Hello guys, I'm using FTD-2130 version 6.3.0 managed by FMC version 6.5.0, how can we use two default routes to the Internet ...

Network Security

Forum Posts

ASA5516-X: Usefulness of the AgentService.exe process

FMC Insider Threat/Malware Detection Across the LAN

Resolved! Packet tracer with firepower application IDs

Resolved! FTD Nat Question

Wildcard domain matching on the FTD

Resolved! Adding pre-configured FTD to FMC

Resolved! Is it possible to move existing rule into prefilter policy within FMC

Resolved! Native Vlan mismatch

Lost one of FTD device in HA Configuration

Cisco FMC/FTD Breaking HA

IOS XE 9300 WLAN September Security Updates?

Using ASA management interface for SNMP and NetFlow traffic

VPN tunnel does not traffic

Resolved! Network Link Encryption

Resolved! Two default routes in FTD-2130

FMC 7.4.2.1: Missing active sessions in Remote Access VPN dashboard

FTD migration

FTD not recovering RADIUS server down

FMC 7.4.2.1-30 unsets/sets DNS domain-name every day

Cisco FTD SNMP OIDs for Site-to-Site and Remote Access VPN

L-CSF1230-TMC-3Y 's TOP SKU

FMC error has unknown CPU number

Cisco FirePower

keep security zone on FMC

Functionality Differences Between FPR Models