Cisco Bug: CSCvu31167 - DOC: File policy automatically enables inline normalization with Normalize TCP Payload option
Jul 12, 2020
- Cisco Firepower Management Center
Known Affected Releases
6.2.3 6.3.0 6.4.0 6.5.0 6.6.0
Symptom: If an access control rule has a file policy, then Firepower automatically enables inline normalization with the Normalize TCP Payload option. In order to minimize TCP evasion efforts inline normalization with Normalize TCP Payload option enables Pre-ACK Inspection mode which normalizes traffic immediately after packet decode and before any other Snort function is processed. More about inline normalization, Post-ACK, and Pre-ACK inspection modes are available in the troubleshooting technote called "Enable the Inline Normalization Preprocessor and Understand Pre-ACK and Post-ACK Inspection" Conditions: An access control rule with file policy.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases