Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1246
Views
0
Helpful
0
Replies

Firepower Management Center inspects Multicast traffic???

p.juarezponte
Level 1
Level 1

‎10-17-2018 01:54 AM - edited ‎02-21-2020 08:21 AM

Hello community,

I am trying to inspect some traffic and I am facing some troubles.

1.- Traffic is being sent using multicast. Does Firepower inspect that flow?

It seems that it does but I can't show it as an event.

UDP RED_TRANS_1  239.3.31.20:4021 ESPINA  10.3.31.20:46237, idle 0:00:00, bytes 2683898, flags X

2.- The traffic uses Asterix protocol but Firepower doesn't recognize that application. I think I can inspect that traffic checking the ports which uses (in an access control rule) and applying an IPS rule.

May I create a new application?

3.-I created a new rule, where I want to check the first two bytes which should be a known value.

This is how I created:

Asterix category 34.png

If first byte value is 34 in decimal, should I put in "content" that value in HEX or in decimal?

0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card