
Block Firefox usage with Access Control Policy

matthew.goli1
Level 1

Hello,

Running FirePOWER Services Module version 6.2.2.2 on ASA 5525.

We are attempting to set an access control policy to block the usage of Firefox to browse internet sites. My rule specifies that the source zone is my INSIDE zone, there is no destination zone defined. I am matching on the application "Firefox" and performing a "Block with reset" action and logging the event to the event viewer.

The application block is working for normal http traffic, but it is not working for https traffic. In fact I am not even seeing the https traffic in the event viewer. What am I overlooking that would allow the module to identify the SSL firefox traffic?

1 Reply

Marvin Rhoads
Hall of Fame

Without an SSL decryption policy in place, the SSL traffic will have things like the user-agent inside the encrypted payload. Thus your Firepower will be unable to inspect it and take the appropriate action (Block, Allow etc.).
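The point in the reply above, as an added example that is not part of the original thread and is not Firepower's detection logic: it reports what an inspection device without decryption can read from the first client bytes of a flow. The function names, the sample request and the minimal ClientHello are constructed for illustration.

```python
import struct

def build_client_hello(host: str) -> bytes:
    """Constructed minimal TLS ClientHello carrying only an SNI extension."""
    name = host.encode()
    sni = struct.pack("!BH", 0, len(name)) + name      # name_type 0 = host_name
    sni = struct.pack("!H", len(sni)) + sni            # server_name_list
    ext = struct.pack("!HH", 0, len(sni)) + sni        # extension type 0 = server_name
    body = (b"\x03\x03" + bytes(32) + b"\x00"          # version, random, empty session_id
            + b"\x00\x02\x13\x01" + b"\x01\x00"        # one cipher suite, null compression
            + struct.pack("!H", len(ext)) + ext)
    hs = b"\x01" + len(body).to_bytes(3, "big") + body # handshake type 1 = ClientHello
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs

def sni_from_client_hello(data: bytes):
    """Walk the cleartext ClientHello fields and return the SNI host, if any."""
    p = 5 + 4 + 2 + 32                                 # record hdr, handshake hdr, version, random
    p += 1 + data[p]                                   # session_id
    p += 2 + int.from_bytes(data[p:p + 2], "big")      # cipher_suites
    p += 1 + data[p]                                   # compression_methods
    end = p + 2 + int.from_bytes(data[p:p + 2], "big")
    p += 2
    while p + 4 <= end:
        etype, elen = struct.unpack("!HH", data[p:p + 4])
        if etype == 0:                                 # server_name extension
            nlen = int.from_bytes(data[p + 7:p + 9], "big")
            return data[p + 9:p + 9 + nlen].decode()
        p += 4 + elen
    return None

def visible_to_inspection(first_bytes: bytes) -> dict:
    """What can be read from a flow's first client bytes without decryption."""
    if first_bytes[:2] == b"\x16\x03":                 # TLS handshake record
        # The HTTP request, User-Agent included, is sent later as encrypted
        # application data, so only handshake metadata such as SNI is readable.
        return {"protocol": "tls", "sni": sni_from_client_hello(first_bytes),
                "user_agent": None}
    headers = first_bytes.split(b"\r\n\r\n")[0].split(b"\r\n")[1:]
    ua = next((h.split(b":", 1)[1].strip().decode() for h in headers
               if h.lower().startswith(b"user-agent:")), None)
    return {"protocol": "http", "sni": None, "user_agent": ua}

# Constructed sample flows: one plaintext HTTP request, one TLS ClientHello.
HTTP_FLOW = (b"GET / HTTP/1.1\r\nHost: example.com\r\n"
             b"User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:58.0) "
             b"Gecko/20100101 Firefox/58.0\r\n\r\n")
TLS_FLOW = build_client_hello("example.com")
```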
