Cisco Firepower Management Center 4000

FireSIGHT System User Guide
 
Chapter 25: Using Application Layer Preprocessors
Using the Sun RPC Preprocessor
Note: Any port you add to the RPC Ports list should also be added in each TCP policy to the appropriate list of TCP reassembly ports, depending on whether you are monitoring client or server traffic, or both. Note, however, that reassembling additional traffic types (client, server, both) increases resource demands. For more information on configuring TCP reassembly ports, see .
Detect fragmented RPC records
Detects RPC fragmented records.
You can enable rules 106:1 and 106:5 to generate events for this option. See  for more information.
Detect multiple records in one packet
Detects more than one RPC request per packet (or reassembled packet).
You can enable rule 106:2 to generate events for this option. See  for more information.
Detect fragmented record sums which exceed one fragment
Detects reassembled fragment record lengths that exceed the current packet length.
You can enable rule 106:3 to generate events for this option. See  for more information.
Detect single fragment records which exceed the size of one packet
Detects partial records.
You can enable rule 106:4 to generate events for this option. See  for more information.
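The four detection options above all key off the RPC record mark that precedes each fragment on TCP. The following is an added example, not code from the FireSIGHT guide or from the preprocessor itself: a simplified Python classifier that walks the record marks in one TCP payload and reports which of the four conditions it sees. It assumes the standard ONC RPC record marking (a 4-byte big-endian mark whose high bit flags the last fragment and whose low 31 bits give the fragment length); the function and finding names are hypothetical and the sample payloads are constructed.

```python
import struct

LAST_FRAGMENT = 0x80000000  # high bit of the 4-byte record mark
LENGTH_MASK = 0x7FFFFFFF    # low 31 bits: fragment length in bytes

def mark(length: int, last: bool) -> bytes:
    """Build a record mark (helper for the constructed samples)."""
    return struct.pack(">I", length | (LAST_FRAGMENT if last else 0))

def inspect_rpc_payload(payload: bytes) -> set:
    """Return the conditions seen in one TCP payload (simplified model)."""
    findings = set()
    offset = 0
    records = 0   # complete records seen in this payload
    frags = 0     # fragments already consumed for the current record
    while offset + 4 <= len(payload):
        (value,) = struct.unpack_from(">I", payload, offset)
        is_last = bool(value & LAST_FRAGMENT)
        length = value & LENGTH_MASK
        offset += 4
        if not is_last or frags > 0:
            findings.add("fragmented_record")               # page: rules 106:1, 106:5
        if offset + length > len(payload):
            if is_last and frags == 0:
                findings.add("single_fragment_exceeds_packet")  # page: rule 106:4
            else:
                findings.add("fragment_sum_exceeds_packet")     # page: rule 106:3
            break
        offset += length
        frags += 1
        if is_last:
            records += 1
            frags = 0
    if records > 1:
        findings.add("multiple_records")                    # page: rule 106:2
    return findings

# Constructed sample payloads (not captured traffic).
BODY = b"\x00" * 8
SAMPLES = {
    "one complete record": mark(8, True) + BODY,
    "record split in two fragments": mark(4, False) + BODY[:4] + mark(4, True) + BODY[4:],
    "two records in one packet": (mark(8, True) + BODY) * 2,
    "single fragment longer than packet": mark(64, True) + BODY,
    "fragment sum longer than packet": mark(4, False) + BODY[:4] + mark(64, True) + BODY[4:],
}

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        print(f"{name}: {sorted(inspect_rpc_payload(data)) or 'clean'}")
```

The rule numbers in the comments are the ones this page pairs with each option; the conditions are a teaching model of those option descriptions, not the preprocessor's exact decision logic.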
Configuring the Sun RPC Preprocessor
License: Protection
You can use the following procedure to configure the Sun RPC preprocessor. For more information on the Sun RPC preprocessor configuration options, see
To configure the Sun RPC preprocessor:
Access: Admin/Intrusion Admin
Step 1
Select Policies > Intrusion > Intrusion Policy.
The Intrusion Policy page appears.
Step 2
Click the edit icon next to the policy you want to edit.
If you have unsaved changes in another policy, click OK to discard those changes and continue. See  for information on saving unsaved changes in another policy.
The Policy Information page appears.
Step 3
Click Advanced Settings in the navigation panel on the left.