08-28-2014 04:50 PM
I am using device level IPS and malware protection on my V9.2.1.2 ASA-CX box at the device level. I have run into a few sites that have low reputation and trigger a block but that I need to access. Since device level protection applies to all access policies, where could I create a reputation/malware exception? Do I have to disable this protection at the device level and move it into policies so I can exclude these sites by adding them to policies that do not have malware protection turned on?
Thanks,
Diego
11-04-2014 09:48 AM
Hi Diego,
I have the same issue. I tried to add a new policy without any reputation profile and with a more permissive profile, but it seems it doesn't override the device level policy.
Have you been able to find a solution?
Thx
Tan
11-04-2014 10:35 AM
Negative. I ended up removing the device level profiles. Then I created policies without IPS/malware profiles that matched the problem web sites. I then had to add my IPS and malware profiles to all remaining policies. Very inefficient but it worked for me.
Rgds,
Diego