Internet Access Requirements
By default, the ASA FirePOWER module is configured to directly connect to the Internet on ports 443/tcp (HTTPS) and 80/tcp (HTTP), which are open by default on the ASA FirePOWER module; see Communication Ports Requirements.
The following table describes the Internet access requirements of specific features of the ASA FirePOWER module.
Feature |
Internet access is required to... |
---|---|
intrusion rule, VDB, and GeoDB updates |
download or schedule the download of a intrusion rule, GeoDB, or VDB update directly to an appliance. |
network-based AMP |
perform malware cloud lookups. |
Security Intelligence filtering |
download Security Intelligence feed data from an external source, including the Intelligence Feed. |
system software updates |
download or schedule the download of a system update directly to an appliance. |
URL filtering |
download cloud-based URL category and reputation data for access control, and perform lookups for uncategorized URLs. https://updates-talos.sco.cisco.com IPV4:
IPv6
|
whois |
request whois information for an external host. |