Cisco Bug: CSCut69420 - [ENH] Request for static IP/hostnames for AMP/cloud services
Jun 20, 2018
- Cisco Email Security Appliance
Known Affected Releases
10.0.0-203 10.0.1-087 8.5.6-073 8.5.6-092 8.5.6-106 9.0.0-500 9.1.0-032 9.5.0-034 9.5.0-067
ENH request Symptom: Customer has their ESA(s) very locked down for its communication out to the internet. Require static rules for the ESA communication out. However, they have an old firewall, and it will not take DNS names for the rules to get out to the internet. He wants to run AMP, reputation and analysis, URL filtering. Can we give them an IP addresses to use, or a CIDR range vs. the a.immunet.com and cloud-sa-amp.sourcefire.com and intel.api.sourefire.com addresses? Per TALOS, no ---> "Talos will be providing some of the static addresses, however, the URL filtering function in ESA is geo-sensitive and will always redirect to the closest or lower latency location. The other caveat is that we have plans for expanding to new locations such as the Cisco Cloud Services and we are not sure if this will be the fastest link for the customer." We need a solution for customers who don't expose their ESA to the full Internet, and have firewalls not capable of DNS rules. The guide for ESA that shows Firewall Rules needs to have destinations for the AMP and other services that have been added in the last year that aren't reflected. Customers have issues enabling AMP as well as the URL Filtering because of their FW rules. Conditions: AMP/URL filtering configured on appliance; network/router/firewall has limitations requiring static IP or hostnames for these services to provided access.
Related Community Discussions
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases