04-25-2023 08:02 AM
Im having trouble with one user working and saving a word document to our file server over VPN. Firepower keeps blocking it as malware, but looking at the file there is no obvious signs of malware. Firepower doesnt appear to give me any reason why it thinks its malware. In event log, there is nothing under detection name.
I am adding it to the clean list, but the user is making new doc files based on a template file, and each time the new file gets flagged. Ive checked the template and new files and there no reason for it to be malware. What do I do?
04-25-2023 09:20 AM
04-25-2023 10:11 AM
It is in the logs. I said there is nothing under detection name column in the log entry. We only have one file policy which is pretty much default.
04-25-2023 10:57 AM
Hi, what is the configuration of the file policy assigned to the matched acp rule? Post that.
04-25-2023 11:02 AM
04-25-2023 11:36 AM
04-26-2023 05:40 AM
Im not able to run the command. Command not found. Maybe because thats for FTD, and Im running FPMC?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide