08-17-2021 05:29 PM - edited 08-27-2021 04:43 PM
Anyone found a solution to get the following false positive not to display?
Following all appear enabled, but still show up as failed
Interzone Deny Rule With Logging
Intrazone Deny Rule with Logging
New Apps with Application Filter
Inbound Malicious IP Address Feed
Outbound Malicious IP Address Feed
HIP Profiles Used In Rule Base --- already used security policies where source = vpn
Quic App Deny - I have an exception for traffic from Cisco Umbrella forwarders
SSH Proxy / SSH Tunnel - I have a rule configured, but first must allow specific SSH connections
Looking at the Best Practices Assessment pdf file -> Policies, it looks like Device Group(s) vsys1 is passing most of these, but Device Group(s) shared is failing. I only have a single firewall. Any idea how to fix these? I do want to get these fixed up to show the report during an upcoming meeting, and explain where we have compensating controls, not that the report may be incorrect...
08-30-2021 08:43 AM
Hello, can you please submit a support ticket and attach your Tech Support File so that we can investigate what may be the cause of this issue? Once you have done so, please email the support ticket number to email@example.com
12-10-2021 12:49 PM
Any resolution to this?
12-10-2021 12:54 PM
No, I couldn't get any response whatsoever.
11-11-2022 08:29 AM
A year later, zero change. 👎
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!