Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
756
Views
0
Helpful
0
Replies

File Policy / IPS dependency

GRANT3779
Spotlight
Spotlight

‎03-31-2022 10:36 AM

Hi CSC, 

 

Reading the following from the Firepower configuration guide (in bold) 

 

So If I had a rule within my ACP and attached a file policy matching FTP/Block Malware is this saying that unless my default action is IPS/Drop Inline then matching traffic won't get dropped? If I had Allow all traffic as a default action what would be the case here? Not sure I understand fully what is meant from the info below. Is the file policy dependent on having an intrusion policy with drop inline? 

 

For an access control policy using a file policy with Block Malware rules for FTP, if you set the default action to an intrusion policy with Drop when Inline disabled, the system generates events for detected files or malware matching the rules, but does not drop the files. To block FTP file transfers and use an intrusion policy as the default action for the access control policy where you select the file policy, you must select an intrusion policy with Drop when Inline enabled.

0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card