Disable Security Intelligence on FTD Access Control Policy

This might sound strange but I want to have a policy on a 2110 FTD Appliance that does not use Security Intelligence.

 

The firewall is an internal device that is used to screen PCI users from the rest of the network, as such it is not able to communicate with the outside world - so I don't need the DNS scanning features - also I haven't bought a threat license for the devices.

 

I have deleted the DNS Feeds but it still seems to want to use this.

 

Is it possible to remove the Security Intelligence section completely - or is this a way to force you to buy a threat policy for every firewall?

 

Thanks

 

Giles

2 REPLIES
Cisco Employee

Re: Disable Security Intelligence on FTD Access Control Policy

Hi Giles,

 

You can't remove the Security Intelligence tab/option. If you don't wish to use it, remove all the categories from blacklists, which will make sure nothing is blocked by this feature.


 

For the DNS policy, use the default one and edit the policy and rules and disable both blacklist and whitelist.

 

Hope it helps,
Yogesh

 

Beginner

Re: Disable Security Intelligence on FTD Access Control Policy

Hi Yogesh

 

That almost completely worked. I don't have any license errors on the FTD policy, but I now have the firewalls complaining that the feeds (which they are not using) are out of date. Any idea on how to clear this one out? (The firewalls were on eval before I licensed them.) The only thing I can think is to remove the policies and this may cure the issue if I re-apply them. I think during eval they ran with all the features enabled.

 

Giles
