Buy or Renew
Buy or Renew
NOTICE: The community will be in READ-ONLY Sept. 6 – 9 to add Umbrella release notes and announcements. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1971
Views
5
Helpful
5
Replies

Cisco Firepower - AMP/URL License

Go to solution
cknox1
Level 1
Level 1

‎01-18-2021 03:00 AM

Hello,

 

 

I have a Cisco Firepower in place and I wanted to check what happen when an AMP/URL Filtering license expires. Will the Firepower policy stop working (Stops filtering traffic) or does the policy continue to work but I cannot make changes to the existing policy?

 

Any help please?

0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Marius Gunnerud
VIP
VIP

‎01-18-2021 05:30 AM

The FTDs will not stop passing traffic, however, you will not be able to do any new configurations that require the expired license.  Also, any subscriptions to the cloud for VDB database, AMP, etc. will stop being updated so the FTD can only use the old outdated rules.

--
Please remember to select a correct answer and rate helpful posts

View solution in original post

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎01-18-2021 06:07 AM

It's as @Marius Gunnerud noted.

Your existing URL Filtering and File (AMP) policies will continue to be available and enforced. However whenever you next make any change to the Access Control Policy, FMC will not allow you to deploy it until you remove all references to the unlicensed features in the rest of the policy.

View solution in original post

0 Helpful
5 Replies 5

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎01-18-2021 03:17 AM

yes as per my experience, they stop working once the License expiry and you will not get any updates from AMP.

it all depends on what policy is this, is this policy required to connect AMP process  ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
cknox1
Level 1
Level 1
In response to balaji.bandi

‎01-18-2021 04:01 AM

Hi thank you for response, 

 

ASA Traffic is being sent to Firepower and AMP/URL licenses are applied - Yes I have this license there so I can have those additional features.

 

So it will not filter traffic anymore after expiry? so traffic will be unfiltered?

0 Helpful

Go to solution
Marius Gunnerud
VIP
VIP

‎01-18-2021 05:30 AM

The FTDs will not stop passing traffic, however, you will not be able to do any new configurations that require the expired license.  Also, any subscriptions to the cloud for VDB database, AMP, etc. will stop being updated so the FTD can only use the old outdated rules.

--
Please remember to select a correct answer and rate helpful posts

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎01-18-2021 06:07 AM

It's as @Marius Gunnerud noted.

Your existing URL Filtering and File (AMP) policies will continue to be available and enforced. However whenever you next make any change to the Access Control Policy, FMC will not allow you to deploy it until you remove all references to the unlicensed features in the rest of the policy.

0 Helpful

Go to solution
cknox1
Level 1
Level 1

‎01-18-2021 08:06 AM

Thnk you guys! this helps a lot

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card