Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
We are getting alarms related to the "UDP Received" security event. After checking the flows, it is Microsoft Teams traffic the one triggering the security event. Is it possible to turno of this security event for traffic using a specific set of port...
Hi,I configured a CSE for alerting everytime a TLS connection using a version lower than 1.3 is made. I'm getting the flow alerts but I cannot see any URL information that helps me identifying which particular URL is not compliant. Is there any way t...
Hi,We have a hierarchical access policy where the parent policy is applied to some firewalls and child policy to others. On the parent policy we have some rules with IPS functionality enabled and all the firewalls associated to the parent policy have...
Hi,I have successfully configured the integration between FMC and ISE to trigger an ANC policy using correlation rules. My objective is to apply an authorization profile into the ANC policy that delivers the "quarantined" SGT. However, using the "Qua...
Hi,We need to replace a virtual ASA in HA (active, stand-by) which is currently in production attached to multiple service graphs, so the process must be as smooth as possible. I was thinking on setting the same IP and MAC address on the new firewall...
Hi,The TLS fields are empty, not getting populated. Anyway, I was wondering if I could see the actual hostname of the domain? Let's say I want to gather information about the domains that use a encryption version lower than TLS 1.3. Is this possible?...
Hi @SzantaiNorbert , nothing yet, still adding one by one new tags on those firewall needed. It's a pitty there is no such function to group SGTs so we just add new SGTs to the existing groups in firewall rules and forget.
Hi @balaji.bandi The setup on the link provided uses a very similar approach than me, with the only difference of applying a DACL instead of an SGT. The issue I'm facing is that, no matter if I select "reauthenticate" or "quarantine" as ANC actions, ...
Hi @Cristian Matei The new firewall is a virtual FTD, so we can consider the same as the existing Cisco ASA. A glitch in the network is expected indeed. I just wanted to ensure that this would be the best approach. Thx,
