View Cart
0 Items | Total: US$0.00
Welcome,      Register

You are here

Home » Security » SEC0175 - ASA FirePower IPS Custom Rule

SEC0175 - ASA FirePower IPS Custom Rule

Rating: 
4.666665
Average: 4.7 (3 votes)
Difficulty Level: 
0
Lab Document: 
<Please login to see the content>
Category: 
Security
The video shows you how to create a custom intrusion rule on Cisco ASA FirePower. We will generate a special HTTP request to simulate malicious traffic and build an intrusion rule to match the content of the request and drop it. You will learn available parameters that you can use on FireSight web interface Rule Editor to define attack signature.
 
Topic:
  • Intrusion Rule Editor
  • Custom Intrusion Rule
  • Intrusion Rule Content Matching
  • Custom HTTP Request
  • Wireshark Packet Capture
Tag: 
asa
firepower
sourcefire
ngfw
firesight
wireshark
ngips
ips
intrusion
http

About Author

Metha Chiewanichakorn, CCIE#23585 (Ent. Infra, Sec, SP), is a Cisco networking enthusiast with years of experience in the industry. He is currently working as a consulting engineer for a Cisco partner. As a founder of and an instructor at labminutes.com, Metha enjoys learning and challenges himself with new technologies.
http://www.linkedin.com/in/methachiewanichakorn

2 comments

Submitted by ezelarrosa on Fri, 03/06/2020 - 12:15

How can i except an HTTP URI?
I want to except a path with /admin content, but only a website.

Thanks

Submitted by admin on Tue, 04/21/2020 - 20:08

You can do a whitelist of the URL as part of Security Intelligence.