
Blocking Netflix on Firepower running FTD

spfister336
Level 2

We have a Firepower 4115 that we just recently migrated from ASA to FTD. We are looking to block Netflix. We don't yet have the licensing in place to do URL filtering, so we have defined a netflix.com FQDN object and have an access list rule to block that. This seems to only work part of the time. We believe it was working correctly under ASA. Is it possible to block Netflix at the firewall without URL filtering?

3 Replies

Mike.Cifelli
VIP Alumni

Since the FQDN option is hit or miss for your scenario, I would recommend testing the block via application filters. If you edit your ACP, go to the Applications tab and search for Netflix. There should already be Cisco-provided Netflix filters. HTH!

carstenlymann1
Level 1

I think you need a URL license to do it properly. And I think the reason the block with FQDN netflix.com only works part of the time is that if users go to netflix.yyy, your ACL won't block it. I don't know if you can do a wildcard FQDN in your access list, so netflix.*, and probably you should do *netflix.* if possible.

Please remember to select a correct answer and rate helpful posts
/ Carsten

You can also use the Security Intelligence Lists and Feeds.

Security Intelligence functionality requires the Threat license (for FTD devices) or the Protection license (all other device types).

Security Intelligence lists and feeds are collections of IP addresses, domain names, and URLs that you can use to quickly filter traffic that matches an entry on a list or feed.

You can use the application filtering as mentioned, but to add more to this, you can create a text file and get the IP addresses for Netflix by using DNS.

For example, my laptop shows nslookup netflix as:

Name: netflix.com
Addresses: 2a05:d018:76c:b683:a2cd:4240:8669:6d4
2a05:d018:76c:b685:e8ab:afd3:af51:3aed
2a05:d018:76c:b684:8ab7:ac02:667b:e863
3.251.50.149
54.155.178.5
54.74.73.31

Whichever geo location you are in, you do an nslookup and upload the file (if you are using FMC): go to objects --> security intelligence --> network list and feeds --> Add network list and feeds. Here a pop-up will appear; call it any name you want, and in "Type" call your text file and upload it.

Now go back to your ACP. You will see these tabs (screenshot: netflix.PNG).

Please do not forget to rate.