Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello,So, in Snort 2 theres an advanced setting menu and i can enable syslog from there. So in Snort 2, i can only send intrusion event to the SIEM from the intrusion policy.But, when i try to configure the same thing in snort 3, theres no advanced ...
Hello,I want to prefilter CAPWAP tunnel traffic through my FTD using prefilter policy, but unlike GRE that have predefined option, for CAPWAP i have to define it manually. Anyone ever try to do that? if so what is the correct way to do this?Should i ...
Hi, so i just updated my FMC from FMC v 6.6.5 to FMC v 7.0.4.I check the troubleshooting file and it seems like there is a problem.I check the Post_Update_DBic and found this warning :[Wed Oct 5 19:42:38 2022][WARNING][missing eo reference] database ...
Hi so i updated my FMC from v 6.6.5 to FMC v 7.0.4. This update also updated my MonetDB version from v11.37.12 to MonetDB v 11.41.25. But after i did the update the FMC start not showing event, and when i look at the CLI it say database 'eventdb' has...
Hi, i want to reimage my HA FMC because there a problem on one of the FMC MonetDB.I search through the documentations, but i didnt find any documentation about reimage FMC in HA mode.So I want to know what is the procedure to reimage HA FMC? is it th...
Hello DIvya, thanks for the response. The problem is my team only handle Firepower, the Palo Alto Firewall are handle by the other team, so i dont have any authority to configure the Palo Alto Firewall. I want to know is there a way or setting so the...
hi, thanks for the response. Im not quite understand what you mean. so i use my firepower as NG-IPS (layer 2 transparent). I have another firewall before that too (Palo alto). PC -> Proxy -> palo alto -> Firepower -> internetMy palo alto and firepowe...
hi, thanks for the response. apparently one of my AD server use PFX certificate. PFX certificate contain private key and public key, instead of normal certificate that only contain public key. What should i do about it? should i extract the .cert fil...
hi, thanks for the response. I want to bypass routing traffics with prefilter and access control policy. But the problem is i dont know how to select only these routing traffic without bypassing other traffics as well. Is there a way to only select t...
hello thanks for the response. Its seems like the solution is to manually config the router and the firepower. i want to ask, is there a way to set policy in firepower only since i managing more than 1000 routers. I cant manually config all of them. ...
