Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2230
Views
0
Helpful
4
Replies

Cloud lookup

Go to solution
keithcclark71
Level 3
Level 3

‎05-10-2017 06:37 AM - edited ‎03-12-2019 06:23 AM

On the FMC when navigating to /var/sf/cloud_download/ and opening up sfrep_catg I see all the categories but not the actual IP references to the category  a774acd8-8240-11e0-9682-6814b504fd01 ( for example this is referencing Real Estate category) 

How can I see the associated IP's or URL definitions associated with the above Real Estate category? I have found the SI IP feed IP's but would like to also know URL, DNS feed definitions. Anyone happen to know this info???

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to keithcclark71

‎05-10-2017 08:05 PM

It should appear as follows (Analysis > Lookup >URL):

My system is also a virtual appliance. FTD vs. FirePOWER modules should not matter. Do you have an active URL Filtering license?

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎05-10-2017 09:20 AM

You cannot get a plain text listing of all of the contents of the feed definitions.

For the URL feed, Cisco currently uses the Brightcloud service. You can lookup a given URL there or, if you have updated your FirePOWER to 6.2+, look it up from within FMC.

http://www.cisco.com/c/en/us/td/docs/security/firepower/620/relnotes/Firepower_System_Release_Notes_Version_620/new_features_and_functionality.html

URL Lookups

This feature allows you to perform a bulk lookup of URLs (up to 250 URLs at a time) to obtain information, such as reputation, category, and matching policy. You can also export the results as a file of comma-separated values.

The feature reduces the manual work necessary to determine if your organization is protected against a malicious URL or if you should add a custom rule for a specific IOC. You can use this feature to reduce the number of custom rules, which in turn reduces the chance of performance degradation due to extensive custom rule lists.
0 Helpful

Go to solution
keithcclark71
Level 3
Level 3
In response to Marvin Rhoads

‎05-10-2017 10:56 AM

I have updated FMC to 6.2 but it is Virtual appliance(Vmware platform) I am not running and Firepower Defense devices rather just ASA SFR Modules. SHould I still have this URL lookup available as I can't seem to locate 

Model Cisco Firepower Management Center for VMWare
Serial Number None
Software Version 6.2.0 (build 362)
OS Cisco Fire Linux OS 6.2.0 (build42)
Snort Version 2.9.10 GRE (Build 42)
Rule Update Version 2017-05-09-001-vrt
Rulepack Version 1898
Module Pack Version 2172
Geolocation Update Version 2017-05-01-002
VDB Version build 279 ( 2017-01-31 19:40:06 )
0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to keithcclark71

‎05-10-2017 08:05 PM

It should appear as follows (Analysis > Lookup >URL):

My system is also a virtual appliance. FTD vs. FirePOWER modules should not matter. Do you have an active URL Filtering license?

0 Helpful

Go to solution
keithcclark71
Level 3
Level 3
In response to Marvin Rhoads

‎05-11-2017 07:32 AM

Thanks Marvin

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card