Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1850
Views
10
Helpful
9
Replies

How to retrieve IPS Policies from Firepower Management System or Appliance

Go to solution
Tang-Suan Tan
Level 1
Level 1

‎06-03-2020 06:06 PM - edited ‎06-03-2020 06:17 PM

Hi all,

 

I have tried to retrieve the IPS Policies from Cisco IPS by Firepower Management Centre (FPMC) or by Appliance itself but I am unable to.

 

May I knwo any way to retrieve the IPS policies either from the IPS systems (FPMC or Appiance) or from its backup file?

 

Plaese advise. Thanks!

 

regards,

Tangsuan Tan

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Tang-Suan Tan

‎06-03-2020 06:52 PM

The IPS policies (thousands of rules) cannot be exported directly.

You can export a report of the Access Control Policy (ACP) and related elements. At the top level view in FMC of Policies > Access Control click on the small report icon on the right side of the screen next to the ACP.

View solution in original post

Go to solution
caroldso
Cisco Employee
Cisco Employee
In response to Tang-Suan Tan

‎06-03-2020 08:17 PM

Hi Tan,

 

The policies cannot be viewed in user-readable format from the backup file. For user-readable, you could either use the below command on the managed device:

 

> show access-control-config

 

Or reporting option under the fmc.

View solution in original post

9 Replies 9

Go to solution
caroldso
Cisco Employee
Cisco Employee

‎06-03-2020 06:30 PM

Hi Tan,

 

Please refer to the below link for taking backup from Firepower:

 

https://www.cisco.com/c/en/us/td/docs/security/firepower/650/configuration/guide/fpmc-config-guide-v65/backup_and_restore.html

 

You have an option to choose only "Back Up Configuration".

 

Regards,

Carol

0 Helpful

Go to solution
Tang-Suan Tan
Level 1
Level 1
In response to caroldso

‎06-03-2020 06:33 PM - edited ‎06-03-2020 06:33 PM

Hi Carol,

 

Thanks to your reply.

 

After Backup Configuration, is it anyway to extract the Policies from the Backup configuration?

 

Thanks!

 

regards,

Tangsuan Tan

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Tang-Suan Tan

‎06-03-2020 06:52 PM

The IPS policies (thousands of rules) cannot be exported directly.

You can export a report of the Access Control Policy (ACP) and related elements. At the top level view in FMC of Policies > Access Control click on the small report icon on the right side of the screen next to the ACP.

Go to solution
Tang-Suan Tan
Level 1
Level 1
In response to Marvin Rhoads

‎06-03-2020 11:25 PM

Hi Marvin,

 

Yes, I have generate the Report according to your suggestion.

Thanks to your help on this.

 

regards,

Tangsuan Tan

0 Helpful

Go to solution
caroldso
Cisco Employee
Cisco Employee
In response to Tang-Suan Tan

‎06-03-2020 08:17 PM

Hi Tan,

 

The policies cannot be viewed in user-readable format from the backup file. For user-readable, you could either use the below command on the managed device:

 

> show access-control-config

 

Or reporting option under the fmc.

Go to solution
Tang-Suan Tan
Level 1
Level 1
In response to caroldso

‎06-03-2020 11:29 PM

Hi Carol,

 

I have followed the way suggested by Marvin to retrieve from FMC.

Your method by CLI should produce the same result from FMC, right? Any way, thanks to your help on this.

 

regards,

Tangsuan Tan

0 Helpful

Go to solution
caroldso
Cisco Employee
Cisco Employee
In response to Tang-Suan Tan

‎06-04-2020 12:29 AM

Hi Tan,

Yes, It would.
0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Tang-Suan Tan

‎06-04-2020 04:46 AM

The show command provided by @caroldso needs to be run on the sensor cli, not on the FMC.

0 Helpful

Go to solution
Tang-Suan Tan
Level 1
Level 1
In response to Marvin Rhoads

‎06-04-2020 07:56 AM

Hi Marvin,

 

Thanks to your advice. I got what you mean and I have tried it at the Appliance and it works.

 

regards,

Tangsuan Tan

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card