Guest

Preview Tool

Cisco Bug: CSCvu31167 - DOC: File policy automatically enables inline normalization with Normalize TCP Payload option

Last Modified

Jul 12, 2020

Products (1)

  • Cisco Firepower Management Center

Known Affected Releases

6.2.3 6.3.0 6.4.0 6.5.0 6.6.0

Description (partial)

Symptom:
If an access control rule has a file policy, then Firepower automatically enables inline normalization with the Normalize TCP Payload option.  In order to minimize TCP evasion efforts inline normalization with Normalize TCP Payload option enables Pre-ACK Inspection mode which normalizes traffic immediately after packet decode and before any other Snort function is processed.
More about inline normalization, Post-ACK, and Pre-ACK inspection modes are available in the troubleshooting technote called "Enable the Inline Normalization Preprocessor and Understand Pre-ACK and Post-ACK Inspection"

Conditions:
An access control rule with file policy.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.