Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1028
Views
0
Helpful
1
Replies

Security Intelligence Custom DNS feeds

Dan Eyster
Cisco Employee
Cisco Employee

‎08-02-2018 01:47 PM - edited ‎03-12-2019 06:51 AM

One of my customers is looking to configure a custom DNS feed in FMC.  He asked me the question what happens if the server hosting the crashes?  Does FMC lose this information?  Also, if they remove an entry from the feed, does it remove it from FMC?  

I have a feeling I know the answers, but wanted to double check for sure.

 

Thanks,

 

Dan

Labels:
0 Helpful
1 Reply 1

mikael.lahtela
Level 4
Level 4

‎08-09-2018 09:14 AM - edited ‎08-09-2018 09:20 AM

Hi,

I think firepower will continue using the old feed until it recognizes a new feed.
Tested this on my unit and when I removed the feed from hosting server, it's still blocking the same entry.

From FMC documentation.
"If the system downloads a corrupt feed or a feed with no recognizable entries, the system continues using the old feed data (unless it is the first download). However, if the system can recognize even one entry in the feed, it uses the entries it can recognize."

 

Note: There is a slight delay after the feed is updated before devices starts to use it.


br, Mikael

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card