9 Comments

  1. evan
    June 27, 2018 @ 4:47 pm

    job well done. Great dedication and a good result.

    Reply

    • lammle
      June 30, 2018 @ 5:44 pm

      Thank you!

      Reply

  2. Shavat Zalpuri
    September 22, 2018 @ 2:58 am

    Hi sir,

    I have a query in our environment, we have implemented Firepower , after the implementation we got an issue that bulk FTP is not working.

    After passing the traffic through pre-filter policy as fast-path bulk FTP started.

    As per the article, if we do fast-path packet wil avoid snort engine, so do you suspect that there is some issue with our snort engine ?

    Bug or some other thing .

    Reply

    • lammle
      September 22, 2018 @ 6:06 am

      No, I don’t think that you have something wrong with the snort engine, you have something wrong in your Access Control Policy that’s blocking it. Email me a pic of your ACP rules and I’ll take a look todd@lammle.com

      Reply

  3. Mahesh
    May 30, 2019 @ 11:26 am

    This is an issue with FTD handling FTP ( Active Vs Passive )

    Reply

    • lammle
      May 30, 2019 @ 11:31 am

      True, but you can fast path FTP to solve the issue

      Reply

  4. Vijay
    June 14, 2019 @ 2:00 am

    I want to know where does the “Network Analysis” policy come in the Packet flow?

    Reply

    • lammle
      June 14, 2019 @ 9:41 am

      Two places, at the beginning and end of the LINA process, and at every policy listed in the diagram for the SNORT process.

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *