Solved

Cisco asax sourcefire Ips

Posted on 2016-07-19
7
65 Views
Last Modified: 2016-08-01
Hi,
i have a Cisco ASAx with sourcefire IPS.
I'am tryng to perform a rules for deny a particular url like http://www.myname.com/etc/etc.

Is this possible or i need URL filtering license ?
Thank you.
Mauro
0
Comment
Question by:Pelitti
7 Comments
 
LVL 14

Accepted Solution

by:
SIM50 earned 500 total points
ID: 41719159
You can block it without URL filtering license. URL filtering license is needed for reputation and category based rules.
0
 

Author Comment

by:Pelitti
ID: 41719167
Thank you.

Does anyone already try this?

Thank you.
Mauro
0
 
LVL 9

Expert Comment

by:Ian Arakel
ID: 41722293
Hi there,

Is the setup integrated with and AD for user based access?
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 57

Expert Comment

by:Pete Long
ID: 41737352
how you do this depends on whether you are using the FMC aplliance or managing the SFR module directly from the ASDM?

If it's the latter, see this article ASA 5506-X / 5508-X Setup FirePOWER Services (for ASDM)

Scroll down to 'Blocking a Particular URL with FirePOWER Services'

If you are using the FMC, Let me know, and I'll create a new article for that.

Regards,

Pete
1
 

Author Comment

by:Pelitti
ID: 41737364
Hi,
thank you.
I am using FMC, but i am able to perform the step.
I will like to perform this by a new rules.
What i need is something like: This url is ok if an ip address perform a request in a second, is not ok and i need to drop it if an ip address perform 8-10 request in 2 seconds.

Thank you.
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 41737419
Ohh thats a good question! Is this just for one IP/group? Normally I'd do this will a Policy framework rather than the FirePower?

Pete
0
 

Author Comment

by:Pelitti
ID: 41737429
Maybe I should open a new question.
I would do this for any ip, not for a preset.

Best regards.
Mauro
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now