10-04-2018 05:43 PM - edited 03-12-2019 07:01 AM
Within my FMC (6.2.0.2), navigate to "Policies > Access Control > Intrusion" and then open to edit my IPS policy.
When I click on "Advanced Settings", I only got "Sensitive Data Detection" under Specific Threat Detection. Like screenshot below. I am looking for "Rate-Based Attack Prevention". Am I looking at the wrong page on FMC?
I do have protection classic license on FMC. Please advise!
Solved! Go to Solution.
10-04-2018 09:25 PM
Try choosing. Policies > Access Control, then click Network Analysis Policy. you should see an option like this when editing that policy:
10-04-2018 09:25 PM
Try choosing. Policies > Access Control, then click Network Analysis Policy. you should see an option like this when editing that policy:
10-05-2018 03:17 AM - edited 10-05-2018 04:40 AM
Thanks!
10-05-2018 05:55 AM - edited 10-05-2018 10:23 AM
@Marvin Rhoads, if I could ask for this scenario:
I want to prevent password brute-force to our webmail server with Rate-Based Attack Prevention and just one webmail server. I would configure a rule under Control Simultaneous Connections, track by source with max connection 10, timeout 60 and action drop. what would be the value put into network field though? Can I use 0.0.0.0/0?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide