?
Solved

Cisco asax sourcefire Ips

Posted on 2016-07-19
7
Medium Priority
?
83 Views
Last Modified: 2016-08-01
Hi,
i have a Cisco ASAx with sourcefire IPS.
I'am tryng to perform a rules for deny a particular url like http://www.myname.com/etc/etc.

Is this possible or i need URL filtering license ?
Thank you.
Mauro
0
Comment
Question by:Pelitti
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 14

Accepted Solution

by:
SIM50 earned 2000 total points
ID: 41719159
You can block it without URL filtering license. URL filtering license is needed for reputation and category based rules.
0
 

Author Comment

by:Pelitti
ID: 41719167
Thank you.

Does anyone already try this?

Thank you.
Mauro
0
 
LVL 9

Expert Comment

by:Ian Arakel
ID: 41722293
Hi there,

Is the setup integrated with and AD for user based access?
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 
LVL 57

Expert Comment

by:Pete Long
ID: 41737352
how you do this depends on whether you are using the FMC aplliance or managing the SFR module directly from the ASDM?

If it's the latter, see this article ASA 5506-X / 5508-X Setup FirePOWER Services (for ASDM)

Scroll down to 'Blocking a Particular URL with FirePOWER Services'

If you are using the FMC, Let me know, and I'll create a new article for that.

Regards,

Pete
1
 

Author Comment

by:Pelitti
ID: 41737364
Hi,
thank you.
I am using FMC, but i am able to perform the step.
I will like to perform this by a new rules.
What i need is something like: This url is ok if an ip address perform a request in a second, is not ok and i need to drop it if an ip address perform 8-10 request in 2 seconds.

Thank you.
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 41737419
Ohh thats a good question! Is this just for one IP/group? Normally I'd do this will a Policy framework rather than the FirePower?

Pete
0
 

Author Comment

by:Pelitti
ID: 41737429
Maybe I should open a new question.
I would do this for any ip, not for a preset.

Best regards.
Mauro
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Getting to know the threat landscape in which DDoS has evolved, and making the right choice to get ourselves geared up to defend against  DDoS attacks effectively. Get the necessary preparation works done and focus on Doing the First Things Right.
This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Suggested Courses

741 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question