Found answer myself, only

malikyounas · ‎09-09-2016

I am testing the firepower (ver. 6.0.0.1-26) on ASA 5525X (9.5.3).

I have access control policy applied with file and malware policies in it which are to block malware.

I have an issue where a test a malware file transfer using TFTP isnt detected by the module and is allowed to pass through. However, module detects the file If I try to use FTP for file transfer.

Any idea why it would not detect using TFTP and how it detect when using FTP.

malikyounas · ‎09-09-2016

Found answer myself, only certrain protocols are supported for inspection and TFTP is not one of them.

Firepower detects malware in FTP but doesnt detects in TFTP Transfer

Re: Dead Peer Detection

Detect Elephant Flow on Firepower Devices

Firepower file inspection/malware detection rule placement

Introducing AI-Driven DGA Detection for Enhanced Security

IOS/IOS-XE : TFTP/FTP/SCP を使用したファイル転送