Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
662
Views
0
Helpful
1
Replies

Prefilter Analyse to ACP

GRANT3779
Spotlight
Spotlight

‎09-18-2018 12:31 AM - edited ‎03-12-2019 06:58 AM

Hi CSC, 

 

If we have a prefilter policy and there is a line with action to anslyse, i know this is then sent to the ACP. What I am wondering is, does there also need to then be an ACP line to match that same traffic again or is is sent directly to the snort engine from the prefilter rule?

Labels:
0 Helpful
1 Reply 1

Ajay Saini
Level 7
Level 7

‎09-18-2018 03:18 AM

Hello,

 

You would need another ACP that matches traffic and action set as allow to be able to send to IPS or Malware engine for further analysis.

If the traffic does not match any ACP rule, then it will go to default action which can be set as multiple actions like block all or IPS policy etc.

 

HTH
AJ

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card