FMC AMP for Network Status

Zachary Ballard
Level 1

I patched our FMC from 6.4.0.2 to 6.4.0.7. I am receiving a warning that states "Successfully connected to cloud, Number of files detected in traffic exceeds module threshold."

Is this something that will clear itself up in time? This warning was not present before patching.

Thanks!!

Accepted Solutions

Marvin Rhoads
Hall of Fame

The patch may have made something visible that was there all along.

The message is indicating that you have sent more than 200 files in a 24-hour period to AMP cloud for ThreatGrid analysis. 

I usually see this when applying a file policy on east-west traffic (i.e. between users and file servers) where the policy indicates to send unknown files on for analysis.

3 Replies

Thanks, Marvin, for the response on this. Do you have any reference for this?
Best regards,
Chamnan

@chamnan neang, here are two references:

"Public cloud that processes eligible files that you send for dynamic analysis, and provides threat scores and dynamic analysis reports. Firepower supports 200 samples/day for Secure Malware Analytics analysis."

Reference: https://www.cisco.com/c/en/us/td/docs/security/secure-firewall/management-center/device-config/740/management-center-device-config-74/network-malware-protection.html

"In the new ThreatGrid sample limits model, these limits are the number of samples devices can upload for File Analysis per organization. All integrated devices (WSA, ESA, CES, FMC, and so on) and AMP for Endpoints are collectively entitled to 200 samples daily, regardless of the number of devices.

Note: This counter is not reset daily; instead, it works as a 24-hour rollover period."

Reference: https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/215283-understand-the-error-upload-limit-reach.html#toc-hId-30642250
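
The 24-hour rollover behaviour quoted above, modelled as a sliding window. This is an added example, not part of the thread and not Cisco's code. The 200-sample limit comes from the quoted documentation; the timestamps are constructed, and treating a sample as expired exactly 24 hours after submission is an assumption.

```python
from collections import Counter, deque
from datetime import datetime, timedelta

LIMIT = 200                   # samples per 24 hours, from the quoted Cisco docs
WINDOW = timedelta(hours=24)  # rolling window; boundary handling is an assumption

def calendar_day_peak(times):
    """Highest count under a (wrong) 'resets at midnight' model."""
    return max(Counter(t.date() for t in times).values(), default=0)

def rolling_usage(times):
    """Return (peak, first_over): the highest count seen in any 24-hour
    window and the timestamp of the first submission that exceeds LIMIT."""
    window, peak, first_over = deque(), 0, None
    for t in sorted(times):
        while window and t - window[0] >= WINDOW:
            window.popleft()          # samples 24 h old no longer count
        window.append(t)
        peak = max(peak, len(window))
        if first_over is None and len(window) > LIMIT:
            first_over = t
    return peak, first_over

def below_limit_at(times, now):
    """Earliest time >= now at which fewer than LIMIT samples remain in
    the window, assuming nothing else is submitted after `now`."""
    live = sorted(t for t in times if t <= now and now - t < WINDOW)
    excess = len(live) - LIMIT + 1    # how many samples must age out
    return now if excess <= 0 else live[excess - 1] + WINDOW

# Constructed sample: 300 files, one every 96 s, starting 20:00 on day one,
# so 150 fall before midnight and 150 after.
START = datetime(2024, 1, 1, 20, 0, 0)
SAMPLE = [START + timedelta(seconds=96 * i) for i in range(300)]

if __name__ == "__main__":
    peak, first_over = rolling_usage(SAMPLE)
    print("calendar-day peak:", calendar_day_peak(SAMPLE))
    print("rolling 24 h peak:", peak, "first over limit at", first_over)
    print("room for one more upload at", below_limit_at(SAMPLE, SAMPLE[-1]))
```

A burst that straddles midnight looks fine when counted per calendar day but exceeds the limit in the rolling window, and the count only falls back under the limit as the oldest samples age out.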
