- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-03-2020 07:28 AM - edited 02-21-2020 09:48 AM
How do I configure an email alert message for something logged in the Firepower Management Center?
Solved! Go to Solution.
- Labels:
-
Other Network Security Topics
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-03-2020 07:47 AM
If you intend to be alerted if a malware is detected in network, then you'd achieve that through correlation
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-03-2020 07:31 AM
Please clarify, the subject of this question and the body seem to be talking about two different requests.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-03-2020 07:47 AM
If you intend to be alerted if a malware is detected in network, then you'd achieve that through correlation
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-03-2020 08:10 AM
Thanks for the reply. I basically want to be alerted if the file access policy detects a bad file and blocks it. The "action" tab is misleading in the rules of the policy itself. What is the difference between block files and block malware? I just want to know about if the policy did find something and it blocked a file whether is malware or blocked it for other reasons, without manually going to the dashboard.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-03-2020 08:25 AM
Blocking a file would block all defined files (e.g *.pdf) regardless of whether the file was malware or not, it does not query the AMP cloud. Whereas block malware would obviously block a file if it was determined to be malicous.
HTH
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-03-2020 10:27 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-03-2020 08:24 AM
Thanks for leading me into the right direction. I have created a correlation rule and configured an alert via Policies -> Actions->Alerts then Advance Malware Protection alerts and it worked. Thank you.
