Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1218
Views
0
Helpful
1
Replies

Creation of Prefilter -FMC

PradeepkumarPalanisamy47330
Level 1
Level 1

‎11-19-2019 01:07 AM - edited ‎02-21-2020 09:42 AM

The affected device uses the same base access-control policy (and same pre-filter policy) as all our other inline firewalls. Where we have sites that need additional rules, we create a child policy that inherits from the base access-control policy. I want to do something similar for our pre-filter policy – the alternative is to create new access-control/pre-filter policy pairs for each site that is affected by this bug (which will be difficult from a management point of view) or configure exemptions in the base pre-filter policy (which runs the risk of allowing potentially unwanted traffic flows)

 

Can anyone help me?

0 Helpful
1 Reply 1

nspasov
Cisco Employee
Cisco Employee

‎11-20-2019 08:28 PM

Hi there! Have you considered using "Trust" rules in your ACP instead of pre-filter rules? That way you can still use the policy nesting and all of your rules would be in one spot.

Thank you for rating helpful posts!

Thank you for rating helpful posts!
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card