yogdhanu

Member Since: Dec 03, 2015

User Badges:
  • Cisco Employee,

Canada - Français
yogdhanu commented on Virtual Firepower Management Centre High Availability? in Intrusion Prevention Systems/IDS 3 months ago

Hi There, HA for virtual FMC isn't supported, You would need to go for physical appliance. Thanks...

yogdhanu commented on VDB update to Firepower module on ASA in FireSIGHT System / 3D System 3 months ago

You are correct. You can check current VDB version by navigating to Help>About and match it with...

yogdhanu commented on Can i control the p2p grid system using Firepower? in Intrusion Prevention Systems/IDS 3 months ago

Hi There, I suppose you are trying to block p2p traffic through firepower. You can use application...

yogdhanu commented on No Connection/Event Logging in FMC 6.2 with FTDv 6.2 in Intrusion Prevention Systems/IDS 3 months ago

Hi You can try to run firewall debug on FTD to know which snort rule the traffic hits. Login to...

yogdhanu commented on integrate cisco firepower management center and ASA5516-x in FireSIGHT System / 3D System 3 months ago

Hi Kasun, The screenshots looks correct. Can you please also share ouptu  of "show service-policy...

yogdhanu commented on Problems with CPAN in Firesight in FireSIGHT System / 3D System 3 months ago

Where do you get this error? On the firesight or on splunk?

yogdhanu commented on Firepower is full of bugs ! in FireSIGHT System / 3D System 3 months ago

Hi There, I see you have been facing some issues in firepower configuration. I would suggest to...

yogdhanu commented on Firepower 6.2 ASDM Control Policy Issues in FireSIGHT System / 3D System 3 months ago

Hi There, I suppose, you are using ASDM to manage the firepower. With that you should be able to...

yogdhanu commented on VDB update to Firepower module on ASA in FireSIGHT System / 3D System 3 months ago

Hi There, Yes VDB needs to be updated separately apart from FMC/module upgrade. FMC or module...

yogdhanu commented on Firepower Allow Rule for File Malware Detection? in FireSIGHT System / 3D System 3 months ago

Hi There, Yes, you are right about the behavior. Only allow rules can have intrusion or file...

yogdhanu commented on Firepower Threat Defense - NAT and ACL import Issue in FireSIGHT System / 3D System 8 months ago

Hi Policy deployment failure reason can be found from the FMC logs or FTD logs from CLI side. It...

yogdhanu commented on What is the different between End-point IPS and Network IPS? in Intrusion Prevention Systems/IDS 8 months ago

As the name suggests, its mostly a security software installed on endpoint which is a PC and...

yogdhanu commented on FTD registering to FMC scenario in FireSIGHT System / 3D System 9 months ago

Hi The approach would be best to pre-register the device and then install it and then re-register...

yogdhanu commented on FIRESIGHT Disk Usage in FireSIGHT System / 3D System 10 months ago

There is a health alert module which can be used for disk usage alert. You can turn it on and...

yogdhanu commented on How to verify SSL decryption in FirePOWER? in FireSIGHT System / 3D System 11 months ago

Hi You can check the connection events. Enable the SSL filters in SSL policy to see which ssl rule...

yogdhanu commented on Network Users Discovery. in FireSIGHT System / 3D System 11 months ago

Hi Use this to verify the permission. http://www.cisco.com/c/en/us/support/docs/security/firesight...

yogdhanu commented on FireSight/User Agent Error: [2201] - Report login information from IP to IP failed after TIME [A call to SSPI failed, see inner exception.] in FireSIGHT System / 3D System 11 months ago

This is known issue. Please uninstall the Microsoft update KB3161606 and KB3161608 Upon closer...

yogdhanu commented on Network Users Discovery. in FireSIGHT System / 3D System 11 months ago

Hi Network discovery does discover hosts and applications but this cannot be used in access control...

yogdhanu commented on 5506-x Firepower does file blocking work? in Intrusion Prevention Systems/IDS 11 months ago

Hi File blocking does work and if the right policies are configured, then transfer of MP4 file...

yogdhanu commented on How To block Packet Sniffer on AVC in Intrusion Prevention Systems/IDS 11 months ago

If you want to block the file download itself, you need to use File policy which can block certain...

yogdhanu commented on firesight URL filtering in Intrusion Prevention Systems/IDS 11 months ago

Hi You can try to check the URL which CNN is trying to go to and then add them in allowed list...

yogdhanu commented on What does "BLACKLIST DNS reverse lookup response for known malware domain spheral.ru - Win.Trojan.Glupteba (1:31600)" mean? in Intrusion Prevention Systems/IDS 11 months ago

Hi It does not necessarily mean that the PC or DC are infected. This rule is for reverse DNS...

yogdhanu commented on Noob to sourcefire 5.3 could use some answers to some questions. in Sourcefire API 11 months ago

Hi You would need to check the IPS events in the firesight. Check that specific event for source...

yogdhanu commented on Cisco Firepower configuration through ASDM in FireSIGHT System / 3D System 11 months ago

Hi Vaibhav, You don't need to create new access control policy. Edit the default policy and then...

yogdhanu commented on Firesight drops SQL well known traffic in FireSIGHT System / 3D System 11 months ago

Hi It might to due to any IPS rules. I would suggest enable logging on all the rules in access...

yogdhanu commented on FirePower Policy files in file-system in FireSIGHT System / 3D System 12 months ago

Hi You can find the policy on the sensor itself where the policies are applied. It will be under /...

yogdhanu commented on Cannot add manager in ASA in FireSIGHT System / 3D System 1 year ago

Hi There can be multiple reasons for this. If you are sure that network is not blocking the...

yogdhanu commented on Error in FireSight - "Unable to connect to DB". in FireSIGHT System / 3D System 1 year ago

Is this a new installation? or it was registered to different FMC and now registered to another one...

yogdhanu commented on Fire Power 7010. RPC timed out. in FireSIGHT System / 3D System 1 year ago

Hi Yes the network connectivity is must for the policy apply to work. Rate if helps. Yogesh

yogdhanu commented on Fire Power 7010. RPC timed out. in FireSIGHT System / 3D System 1 year ago

Actually it needs to be created in there. Create the file /etc/sf/rpc_timeout.conf on the...

yogdhanu commented on block psiphon application on source fire. in FireSIGHT System / 3D System 1 year ago

Yes that should be right. Rate if helps. Yogesh

yogdhanu commented on ASA 5506x with FTD not decrypting traffic in FireSIGHT System / 3D System 1 year ago

Hi Issue could be anywhere in the configuration or something else. Do you see any logs with ssl...

yogdhanu commented on block psiphon application on source fire. in FireSIGHT System / 3D System 1 year ago

Navigate to System>updates and download the update. It will download the latest VDB update....

yogdhanu commented on block psiphon application on source fire. in FireSIGHT System / 3D System 1 year ago

Hi Please update the VDB to latest. I am running VDB 270 which has this application. Rate if helps...

yogdhanu commented on block psiphon application on source fire. in FireSIGHT System / 3D System 1 year ago

Hi Chawki, You can try to use the application block on firepower to block proxy application. There...

yogdhanu commented on Fire Power 7010. RPC timed out. in FireSIGHT System / 3D System 1 year ago

Hi Please check if there is enough bandwidth available between the firesight and sensor. You can...

yogdhanu commented on Cisco AMP for Networks without AMP for endpoints in Advanced Malware Protection (AMP) 1 year ago

Hi For network AMP with firepower, you don't have to manually register. Once you have malware...

yogdhanu commented on Captive portal for guest access on ASA5506X in FireSIGHT System / 3D System 1 year ago

Hi Please use this article as reference for configuring captive portal. http://www.cisco.com/c/en/...

yogdhanu commented on SSL decryption performance in FireSIGHT System / 3D System 1 year ago

All the data in terms of throughput would be same. Only thing is firepower appliance are better...

yogdhanu commented on SSL decryption performance in FireSIGHT System / 3D System 1 year ago

Hi You are right. From design point of view, design network based on assumption that the throughput...

yogdhanu commented on Redo the sfr install on 5585-X module command in FireSIGHT System / 3D System 1 year ago

Hi What do you want to change? you can change the network and all other config from sfr cli. Login...

yogdhanu commented on AMP for endpoints in Advanced Malware Protection (AMP) 1 year ago

Hi Your accounts team should be able to provide you the link for that.

yogdhanu commented on AMP for endpoints in Advanced Malware Protection (AMP) 1 year ago

You would get the cloud account credentials when you purchase the amp for endpoint. For on-prem...

yogdhanu commented on AMP for endpoints in Advanced Malware Protection (AMP) 1 year ago

Hi Endpoint clients will be monitored from Cloud. You can integrate cloud to FMC to check the...

yogdhanu commented on You have no Firepower hosts in Intrusion Prevention Systems/IDS 1 year ago

Purge host information from system>tools >Data purge Purge only host and network discovery...

yogdhanu commented on Firesight user mapping issue with mobile devices in FireSIGHT System / 3D System 1 year ago

Hi If you are using user identity service based on user agent, its expected. User Agent learns the...

yogdhanu commented on Events are pruning too quickly!! in Event Analysis 1 year ago

Hi It could just be that too many events are being generated which are making the database limit...

yogdhanu commented on SFR not detecting all ASA interfaces in FireSIGHT System / 3D System 1 year ago

Hi What's the ASA version? there is an existing bug which is fixed in 9.5(2.6) and above. https...

yogdhanu commented on FTD Virtual in FireSIGHT System / 3D System 1 year ago

Hi Yes the FTD virtual is a combination of ASA and firepower. Its available with name "...

Bio

User Badges:
  • Badge.
    Cisco Employee

yogdhanu's Stats

Points337
Discussion started 0
Answers marked as Correct 42
Endorsed 1
Content Rated 2