Solved: I think I am missing some options under IPS settings

SIMMN · ‎10-04-2018

Within my FMC (6.2.0.2), navigate to "Policies > Access Control > Intrusion" and then open to edit my IPS policy.

When I click on "Advanced Settings", I only got "Sensitive Data Detection" under Specific Threat Detection. Like screenshot below. I am looking for "Rate-Based Attack Prevention". Am I looking at the wrong page on FMC?

I do have protection classic license on FMC. Please advise!

Marvin Rhoads · ‎10-04-2018

Try choosing. Policies > Access Control, then click Network Analysis Policy. you should see an option like this when editing that policy:

View solution in original post

Marvin Rhoads · ‎10-04-2018

Try choosing. Policies > Access Control, then click Network Analysis Policy. you should see an option like this when editing that policy:

SIMMN · ‎10-05-2018

Thanks!

SIMMN · ‎10-05-2018

@Marvin Rhoads, if I could ask for this scenario:
I want to prevent password brute-force to our webmail server with Rate-Based Attack Prevention and just one webmail server. I would configure a rule under Control Simultaneous Connections, track by source with max connection 10, timeout 60 and action drop. what would be the value put into network field though? Can I use 0.0.0.0/0?