Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
401
Views
5
Helpful
2
Replies

FTD Firepower Policy

Go to solution
Fotiosmark
Level 1
Level 1

‎03-14-2018 03:38 AM - edited ‎02-21-2020 07:30 AM

Hi Team!

 

I am having some "trouble/issue" with setting a Policy in the FMCv.

I have manage to create a Malware policy to block Malware (Block with reset), Ok that works fine.

But at the same time when I am downloading the same Malware with HTTPS/SSL, it allows it!????!??!?

The same is with PDF files. I have created a policy to Block PDF files. Thats fine except when HTTPS is used which allow them.

 

Any thoughts?

 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Octavian Szolga
Level 4
Level 4

‎03-14-2018 08:25 AM

Hi,

 

Have you configured an SSL decryption policy?

If not, that's normal. You can't block what you can't see.

HTTP is clear-text, HTTPS is encrypted. Being encrypted, means (by default at least) that you don't have any data visibility from sensor's perspective.

 

Regards,

Octavian

View solution in original post

2 Replies 2

Go to solution
Octavian Szolga
Level 4
Level 4

‎03-14-2018 08:25 AM

Hi,

 

Have you configured an SSL decryption policy?

If not, that's normal. You can't block what you can't see.

HTTP is clear-text, HTTPS is encrypted. Being encrypted, means (by default at least) that you don't have any data visibility from sensor's perspective.

 

Regards,

Octavian

Go to solution
Fotiosmark
Level 1
Level 1
In response to Octavian Szolga

‎03-14-2018 08:39 AM

Indeed, :)
Do I configure the decryption policy from Acess Control - SSL - Create Rule? Because under that, there are choices as Decrypt - Resign, Decrypt - Known Key - Block - Block with Reset
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card