Meraki

Community

MX Ingestion of external threat feed

Stealth_Network
Getting noticed
3 hours ago
3 hours ago

MX Ingestion of external threat feed

Hi,

 

Is there a way to configure the MX to ingest an IP address based threat feed. I know Firepower and other firewalls can do this but don't see any docs here that show how the MX's can do it. 

 

If not I will submit a feature request.

 

Thanks

0 Kudos
6 Replies 6
cmr
Kind of a big deal
Kind of a big deal
2 hours ago
2 hours ago

No, it uses the Cisco feeds.

If my answer solves your problem please click Accept as Solution so others can benefit from it.
In response to cmr
Stealth_Network
Getting noticed
19m ago
19m ago

Not sure what you are meaning here?

0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
2 hours ago
2 hours ago

Create a layer 7 firewall rule to block access to a group.

 

Create a group and load all of the IP addresses into that.

 

PhilipDAth_0-1734030217887.png

 

 

In response to PhilipDAth
Stealth_Network
Getting noticed
27m ago
27m ago

I could do that but the group only allows you to add entries one at a time. I have hundreds.

 

 

0 Kudos
CptnCrnch
Kind of a big deal
Kind of a big deal
53m ago
53m ago

Using Cisco Defense Orchestrator (CDO), nowadays called Security Cloud Control, this would be useable via CSDAC (Dynamic Attributes Connector). Makes sense when you're dealing with more than "only" Meraki MX.

In response to CptnCrnch
DarrenOC
Kind of a big deal
Kind of a big deal
9m ago
9m ago

Think I know the answer already @CptnCrnch but is that free?

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.