Cisco Cisco Firepower Management Center 4000

If your network does not contain any Modbus-enabled devices, you should not enable this 
preprocessor in an intrusion policy that you apply to traffic.

The Modbus preprocessor requires TCP stream configuration. When you enable the Modbus 
preprocessor and TCP stream configuration is disabled, you are prompted whether to enable the 
advanced setting when you save the policy.

See 

 and 

 for more information.

Both TCP stream configuration and the Modbus preprocessor must be enabled to allow processing 
of rules using Modbus keywords. When either is disabled and you enable rules that use Modbus 
keywords, you are prompted whether to enable the disabled advanced setting when you save the 
policy. See 

.

You can use the following procedure to modify the ports the Modbus preprocessor monitors.

Admin/Intrusion Admin

Select 

The Intrusion Policy page appears.

Click the edit icon (

) next to the policy you want to edit.

If you have unsaved changes in another policy, click 

 to discard those changes and continue. See 

 for information on saving unsaved changes in another 

policy.

The Policy Information page appears.

Click 

 in the navigation panel on the left.

The Advanced Settings page appears.

You have two choices, depending on whether 

 under SCADA Preprocessors is 

enabled:

If the configuration is enabled, click 

.

If the configuration is disabled, click 

, then click 

.

The Modbus Configuration page appears.

Optionally, modify the 

 that the preprocessor inspects for Modbus traffic. You can specify an integer 

from 0 to 65535. Use commas to separate multiple ports.

Optionally, click 

 at the top of the page to display rules associated 

with individual options.

Click 

 to return to the Modbus Configuration page.

Save your policy, continue editing, discard your changes, revert to the default configuration settings in 
the base policy, or exit while leaving your changes in the system cache. See the 

 table for more information.

Protection