Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
477
Views
0
Helpful
1
Replies

File Policy + access control rule

zaferberber
Level 4
Level 4

‎05-02-2017 09:48 AM - edited ‎03-12-2019 06:22 AM

i wanna check the malicious file activity on local network (client network)

i created file policy with malware cloud lookup (with both direction) and ips policy for outbound communication (including malware rules.....)

the access control rule like this;

source Local Network -> Dst Any   with file policy and oubound ips policy (home_net=local network)

any suggestion writing the reverse rule ?

regards

zafer

Labels:
0 Helpful
1 Reply 1

babiojd01
Level 1
Level 1

‎05-02-2017 12:32 PM

I don't believe you need a reverse rule beings the conversation is kept track of with Initiator and responder. File policy should match the downloaded file from the internet and perform the lookup. Firepower experts can correct me if I am wrong.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card