02-11-2020 08:03 AM
Hi,
I am having a firepower 2140 appliance which is running on ASA OS 9.x. Can I add a URL filtering capability to it. What would be the pre-requisites and licence required for the same.
Note: We do not have FMC and we manage the device over CLI as of now.
Thanks.
02-11-2020 09:08 AM
Hello Anant-
If you want to run URL Filtering on the device, you will need to complete a few steps:
1. The appliance needs to be re-imaged to run Firepower Threat Defense (FTD) instead of ASA since URL Filtering is a feature in FTD
2. You will need to obtain FTD URL Filtering License
3. You will need a way to manage FTD software. This can either be done through the on-box UI (FDM) or through a centralized management (FMC)
I hope this helps!
Thank you for rating helpful posts!
02-11-2020 09:03 PM
As Neno impied, you can't really do that running ASA image.
There is some very old rudimentary regex pattern matching you can do on ASA but I've never seen it used (outside the Cisco exams :).
You either need to convert entirely to FTD or do URL Filtering on a different device or service (for example, using Cisco Umbrella or WSA).
02-11-2020 09:51 PM
Touche Marvin! You can indeed do regex based URL filtering in the ASA! :)
Thank you for rating helpful posts!
02-13-2020 10:21 AM
Is it legal to reimage and use FTD if FTD Base license was not purchased?
02-13-2020 09:11 PM
Technically you don't have right to use commercial software you haven't purchased. I'll leave the question of legality up to the lawyers.
Also, FTD will require a Base license (after the evaluation period) even if you don't want or need to more advanced licensed features like IPS subscription, URL Filtering or Advanced Malware Protection.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide