Cisco Cisco Firepower Management Center 4000

Any

feature dependent

The Advanced section of the Device tab displays a table of advanced configuration settings, as described 
in the following table.

You can use the Advanced section to edit any of these settings. See the following sections for more 
information:

Any

The Automatic Application Bypass (AAB) feature limits the time allowed to process packets through an 
interface and allows packets to bypass detection if the time is exceeded. The feature functions with any 
deployment; however, it is most valuable in inline deployments.

You balance packet processing delays with your network’s tolerance for packet latency. When a 
malfunction within Snort or a device misconfiguration causes traffic processing time to exceed a 
specified threshold, AAB causes Snort to restart within ten minutes of the failure, and generates 
troubleshoot data that can be analyzed to investigate the cause of the excessive processing time.

In Version 5.3.1 and higher, the default behavior for the AAB option varies by device, as follows:

Series 3: off

Series 2 and virtual: on

ASA FirePOWER: off

X-Series: not supported

If you upgrade from a version lower than 5.3, the existing setting is retained. You can change the bypass 
threshold if the option is selected. The default setting is 3000 milliseconds (ms). The valid range is from 
250 ms to 60,000 ms.

Application Bypass

The state of Automatic Application Bypass on the device. Series 2, Series 3, 

Virtual, 
ASA FirePOWER

Bypass Threshold

The Automatic Application Bypass threshold, in 
milliseconds.

Series 2, Series 3, 
Virtual

Inspect Local Router 
Traffic

Whether the device inspects traffic received on routed 
interfaces that is destined for itself, such as ICMP, DHCP, 
and OSPF traffic.

Series 3

Fast-Path Rules

The number of fast-path rules that have been created on the 
device.

8000 Series, 
3D9900