03-14-2020 10:27 AM
To block a sha-256 on Cisco FMC are these the steps I need to take?
Or is simply doing step 1 sufficient? @Marvin Rhoads has a great explanation HERE but if I do have to move into step 2 I don't see a way to point back to the Custom-Detection-List in step 1. Thank you for your time -Alan
Step 1
Step 2
Step 2 (continued)
Step 3
解決済! 解決策の投稿を見る。
03-15-2020 05:18 AM
When you create (and assign via your Access Control Policy) a file rule with the action of "Block Malware" (as you have) or "Malware Cloud Lookup" and hit a matching file type, Firepower will automatically check for a match in the customer file list you've created.
Think of it kind of like Cisco's Security Intelligence feed for IP blacklist. As long as you're evaluating the traffic, it's automatically checked.
03-15-2020 05:18 AM
When you create (and assign via your Access Control Policy) a file rule with the action of "Block Malware" (as you have) or "Malware Cloud Lookup" and hit a matching file type, Firepower will automatically check for a match in the customer file list you've created.
Think of it kind of like Cisco's Security Intelligence feed for IP blacklist. As long as you're evaluating the traffic, it's automatically checked.
エキスパートの回答、ステップバイステップガイド、最新のトピックなどお気に入りのアイデアを見つけたら、あとで参照できるように保存しましょう。
コミュニティは初めてですか?これらのヒントを活用してスタートしましょう。 コミュニティの活用方法 新メンバーガイド