Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
654
Views
0
Helpful
0
Replies

Firepower ACP Intrusion Policy and Inspection

ChristopherCraddock66504
Level 1
Level 1

‎05-17-2021 01:12 PM

Dear Community,

 

We have implemented Firepower 2140 FTD's in a routed/inline fashion. We would like to begin enabling Inspection on some of our ACP rules (starting with the Outside -> In Rules). However, we only want the Intrusion Policy to "monitor" traffic instead of blocking it. I have a couple questions regarding this:

1) How would I accomplish this? Would I need to set up a separate rule above every rule we want to enable inspection on and have that rule in "Monitor" with Inspection enabled? Is this the best way to accomplish this?

 

2) Assuming that the inspection is working, how do we view and review the events that the Inspection Policy is flagging on? Is this viewed in the event viewer?

 

Thank you. 

0 Helpful
0 Replies 0
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card