This document describes the way of denying media download with help of ASA-CX (Context Aware) and issue faced by various users.
User is trying to deny mp3, avi, mp4 or mov file downloads from the prime security module on the ASA-5512CX.
The only options he have by default on this object are:
User doesn't know how to apply them for blocking the download operation or create a new category (like Video extensions).
User watched the real time event viewer to see how CX was interpreting the test mp3 download. He found he was seeing an http transaction with mime type audio/mpeg. User was then able to get a test policy to work by creating a new file filtering profile specifying Audio/mpeg in the file filter profile.
Below are screenshots showing test object and the results of a deny (click to enlarge):
Another user manage to block the mp3 file downloads, but he was having problems with the mp4 and avi policies. As as suggested, he captured the packet via time viewer. according to the package it has a content type of "video/mp4".
but when user add the video/mp4 string to the File Filetr it gives this error
"strings indices must be integers"
instead of "video/mp4" use "*/mp4", the application let the user to introduce that string.
But when user tests the policy by downloading something on mp4 format it let the user do it.It looks like a bug so need to wait for patch or fix.
Hello All, One of our customer has 2 Cisco ESAs running in a cluster. Currently they have two MX records published in public DNS with same preference (say 10). The customer has F5 load balancer and now they are asking whether it is possible to place ...
Hey,I don't get the followingnat (outside,dmz) source static any any destination static 22.214.171.124 126.96.36.199 unidirectional no-proxy-arp1) Why does the ASA respond using Proxy ARP for the global address? (The asa's own interface is 188.8.131.52/24)2) ASDM warns abo...
Hello,We would like to test the ESA/SMA SNMP trap sending. What is the easiest way to send SNMP trap? We can't give the machine a task that keeps CPU utilization high enough to generate SNMP trap so we need an alternative solution that is usable both in E...
As of June 2020, the Cisco ISE pxGrid App for QRadar Ver 1.1.0 is officially Validated and released by IBM, available for download from IBM XFE. Access the link to download app here.
The Cisco ISE pxGrid App V1.1 supports Cisco Identity Se...