Solved: Hi,

hoffa2000 · ‎03-30-2016

Hi

I'm evaluating the latest 6.0.1 release of Firesight for a possible "jump" from my current 5.4.1.5. Most things are same-same-but different but there is one thing that I miss right away in the access control policies. In 5.4.1 I get the option to, for example, block CnC IPs but only monitor Tor-exit-nodes. This option seems to be missing in 6.x and above, I only see "Global Blacklist".

I'm running a fresh VMware installation without any devices. Am I missing a license or something else?

Regards

/Fredrik

Nikhil Vaidya · ‎04-05-2016

Hi,

The security intelligence part of the product has not been removed. There is an additional feature in 6.x that lets you do URL based security intelligence, which adds to the existing IP based feature that comes from 5.x

You could be missing a protection license, or there could be connectivity issues with the server where this feed comes from. You could also try manually updating the feed from Objects > Object Management > Security Intelligence

Thanks

View solution in original post

Nikhil Vaidya · ‎04-05-2016

Hi,

The security intelligence part of the product has not been removed. There is an additional feature in 6.x that lets you do URL based security intelligence, which adds to the existing IP based feature that comes from 5.x

You could be missing a protection license, or there could be connectivity issues with the server where this feed comes from. You could also try manually updating the feed from Objects > Object Management > Security Intelligence

Thanks

What about Security Intelligence filtering in Firesight 6.X