We are currently in the process of filtering and only allowing the necessary internet access for the FMC. Where would be the best place to set up this filtering?
is it better to set up the filtering under the Access policy in the FMC (this allows the FMC to reach out to certain sites) or should we do it under the prefilter policy? or would it be better to do it under ASA access policy.
@PacketSpartan I personally would use the ACP rules to permit the required access, you can rely on URL filtering and applications (if required), which you cannot with the prefilter.
@PacketSpartan I personally would use the ACP rules to permit the required access, you can rely on URL filtering and applications (if required), which you cannot with the prefilter.
@PacketSpartan I didn't mean an application for FMC itself, I meant the applications for smtp, http etc of the destination networks/URLs the FMC would need to communicate with (as per the link you provided).
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
