We are a small ISP with about 600 customers. Our aggregate through our ASA 5515x hits about 320 mbps.
A speedtest shows that it can do about 860 mbps up/down without FirePower. With a typical Firepower inline configuration, we get about 220 mbps.
P...
We set up botnet filtering yesteray. We have about 300 users behind the ASA-5510. What a great tool! But, the filter claims that we have about 70 "infected machines".I investigated some of the IPs, like 173.194.79.99. That IP b...
I assume using an IMIX profile would return throughput less than a speedtest, for example.
We have an ASA5515. Without Firepower, we get about 900 mbps to a decent speedtest site.
We are blocking Torrents, Malware, but no IDS. We are getting 300 mb...
We are managing with FMC running under VMWare. I'd rather see the alerts on FMC.
I do have this configuration, with my File policy looking like:
If I select Malware cloud lookup under "action", it just looks up? Otherwise I'd select "block malwar...
I think these are all pop-up ads. I thought about white-listing, but we've been blcking thousands of hits with no complaints.We've seen pop up ads that contain malware, so unless someone complains, we'll not white-list.What is ambiguoius, I wonder? ...
90% of the blocked IPs on my Botnet filter are from backplane1.janrainbackplane.com, port 443None of the hosts, perhaps 50, have complained about problems.I have no idea why. -Robert
We did a bit of sniffing and found tha the "infected" hosts we not actually infected, Most often the user was visiting a compromised ecommerse site (usually built with an outdated version of Wordpress) and these site were redirecting to a malware s...
