To quickly block IP communication to and from a certain IP address before traffic gets inspected by the Access Control Policy (ACP) in a Cisco Firepower system, you can use the Prefilter Policy. Here's how you can do it:

1. Access the Firepower Management Center (FMC) interface.

2. Navigate to Policies Access Control Prefilter.

3. Click "New Policy" to create a new Prefilter Policy, or edit an existing one.

4. In the Prefilter Policy, click "Add Rule".

5. In the new rule, set the Action to "Block".

6. Under the "Networks" section, specify the IP address you want to block in the Source Networks and/or Destination Networks fields.

7. Click "OK" to save the rule.

8. Apply the Prefilter Policy to the relevant interfaces or security zones.

9. Save and deploy the policy changes.

The Prefilter Policy processes traffic before the ACP, so this will effectively block the specified IP address before any further inspection takes place.

Question

To quickly block IP communication to and from a certain IP address before traffic gets inspected by the Access Control Policy (ACP) in a Cisco Firepower system, you can use the Prefilter Policy. Here's how you can do it:

1. Access the Firepower Management Center (FMC) interface.

2. Navigate to Policies > Access Control > Prefilter.

3. Click "New Policy" to create a new Prefilter Policy, or edit an existing one.

4. In the Prefilter Policy, click "Add Rule".

5. In the new rule, set the Action to "Block".

6. Under the "Networks" section, specify the IP address you want to block in the Source Networks and/or Destination Networks fields.

7. Click "OK" to save the rule.

8. Apply the Prefilter Policy to the relevant interfaces or security zones.

9. Save and deploy the policy changes.

The Prefilter Policy processes traffic before the ACP, so this will effectively block the specified IP address before any further inspection takes place.

Knowee AI · Accepted Answer