Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
584
Views
5
Helpful
2
Replies

firepower

u.drechsel
Level 1
Level 1

‎05-15-2017 04:35 AM - edited ‎07-05-2021 07:01 AM

Hi all,

I'm using ASA5585-X with Firepower 6.2.0.1 and I want to blacklist old and unsecure operating systems like Windos XP and below. Does anybody know a way to do this?

Thank you in advance

Uwe

Labels:
0 Helpful
2 Replies 2

jonathan.cuthbert
Level 5
Level 5

‎05-15-2017 04:54 AM

Operating Systems are found through the FireSIGHT process (now called AVC).  This is a passive process. 

There is not an option to create objects based on OS types, thus no way to enforce on that object. 

The FireSIGHT process is meant to be informative for the security engineer. It allows you to be be aware and to discover systems you might not have known were on your network. 

If you want to block / black hole an OS, you need need ISE.  ISE can make differentiated access policy decisions based on the OS when doing posturing. 

u.drechsel
Level 1
Level 1
In response to jonathan.cuthbert

‎05-15-2017 05:41 AM

OK, than I have to wait untill we've bought our ISE.

Thank you for your quick answer.

greetings,

Uwe

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card