Doubt About IPS - Firepower

crusier2015
Level 1

Hi,

Suppose that I configure the following; will the IPS function audit and act only on the traffic redirected to the module as configured?

class-map SFR
match access-list SFR


policy-map global_policy
class SFR
sfr fail-open

access-list SFR extended permit tcp any any eq http
access-list SFR extended permit tcp any any eq https

tks

1 Reply

Oliver Kaiser
Level 7

Your current configuration will forward all tcp/80 and tcp/443 traffic to your Firepower module for inspection. If drop is configured in your IPS policy on Firepower, traffic will be tagged and dropped by the ASA. If you only want to monitor traffic using your module, you may want to adapt your configuration to monitor-only mode.

ASA(config)# policy-map global_policy
ASA(config-pmap)# class SFR
ASA(config-pmap-c)# sfr fail-open monitor-only
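As an added example (not code from the thread or from Cisco), the following Python script audits an ASA running-config fragment and reports, for every `sfr` action, which class and ACL select the redirected traffic, how many ACEs that ACL has, and whether the module runs inline or monitor-only. The config text is constructed from the snippets in the post; the `inspection_default` class is an assumed extra class included to show that classes without an `sfr` action are ignored.

```python
import re
from typing import Dict, List

# Constructed sample running-config, built from the thread's snippets.
SAMPLE_CONFIG = """\
access-list SFR extended permit tcp any any eq http
access-list SFR extended permit tcp any any eq https
class-map SFR
 match access-list SFR
policy-map global_policy
 class inspection_default
  inspect dns
 class SFR
  sfr fail-open
"""

def audit_sfr_redirect(config: str) -> List[Dict[str, object]]:
    """One record per 'sfr' action: policy-map, class, selecting ACL,
    ACE count, fail mode and inline vs monitor-only."""
    acl_aces: Dict[str, List[str]] = {}   # ACL name -> its ACEs
    class_to_acl: Dict[str, str] = {}     # class-map name -> matched ACL
    results: List[Dict[str, object]] = []
    pmap = cls = cmap = None
    for raw in config.splitlines():
        line = raw.strip()
        if m := re.match(r"access-list (\S+) extended (.*)", line):
            acl_aces.setdefault(m.group(1), []).append(m.group(2))
        elif m := re.match(r"class-map (\S+)", line):
            cmap, pmap = m.group(1), None
        elif cmap and (m := re.match(r"match access-list (\S+)", line)):
            class_to_acl[cmap] = m.group(1)
        elif m := re.match(r"policy-map (\S+)", line):
            pmap, cmap, cls = m.group(1), None, None
        elif pmap and (m := re.match(r"class (\S+)", line)):
            cls = m.group(1)
        elif pmap and cls and (m := re.match(r"sfr (fail-open|fail-close)(.*)", line)):
            acl = class_to_acl.get(cls)
            results.append({
                "policy_map": pmap, "class": cls, "acl": acl,
                "ace_count": len(acl_aces.get(acl, [])),
                "fail_mode": m.group(1),
                "mode": "monitor-only" if "monitor-only" in m.group(2) else "inline",
            })
    return results

if __name__ == "__main__":
    for rec in audit_sfr_redirect(SAMPLE_CONFIG):
        print(rec)
```

Run against a real `show running-config`, the `mode` field tells you at a glance whether a Firepower drop verdict can actually block traffic (inline) or is only logged (monitor-only).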
