Solved

Cisco asax sourcefire Ips

Posted on 2016-07-19
7
63 Views
Last Modified: 2016-08-01
Hi,
i have a Cisco ASAx with sourcefire IPS.
I'am tryng to perform a rules for deny a particular url like http://www.myname.com/etc/etc.

Is this possible or i need URL filtering license ?
Thank you.
Mauro
0
Comment
Question by:Pelitti
7 Comments
 
LVL 13

Accepted Solution

by:
SIM50 earned 500 total points
Comment Utility
You can block it without URL filtering license. URL filtering license is needed for reputation and category based rules.
0
 

Author Comment

by:Pelitti
Comment Utility
Thank you.

Does anyone already try this?

Thank you.
Mauro
0
 
LVL 9

Expert Comment

by:Ian Arakel
Comment Utility
Hi there,

Is the setup integrated with and AD for user based access?
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 57

Expert Comment

by:Pete Long
Comment Utility
how you do this depends on whether you are using the FMC aplliance or managing the SFR module directly from the ASDM?

If it's the latter, see this article ASA 5506-X / 5508-X Setup FirePOWER Services (for ASDM)

Scroll down to 'Blocking a Particular URL with FirePOWER Services'

If you are using the FMC, Let me know, and I'll create a new article for that.

Regards,

Pete
1
 

Author Comment

by:Pelitti
Comment Utility
Hi,
thank you.
I am using FMC, but i am able to perform the step.
I will like to perform this by a new rules.
What i need is something like: This url is ok if an ip address perform a request in a second, is not ok and i need to drop it if an ip address perform 8-10 request in 2 seconds.

Thank you.
0
 
LVL 57

Expert Comment

by:Pete Long
Comment Utility
Ohh thats a good question! Is this just for one IP/group? Normally I'd do this will a Policy framework rather than the FirePower?

Pete
0
 

Author Comment

by:Pelitti
Comment Utility
Maybe I should open a new question.
I would do this for any ip, not for a preset.

Best regards.
Mauro
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Using in-flight Wi-Fi when you travel? Business travelers beware! In-flight Wi-Fi networks could rip the door right off your digital privacy portal. That’s no joke either, as it might also provide a convenient entrance for bad threat actors.
Read about achieving the basic levels of HRIS security in the workplace.
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now