Professional Documents
Culture Documents
Training Series
Overview and Design
www.routehub.net
• Management port
• Console Port
FirePOWER Security Features
• Application Control
• Identity Control
• Security Intelligence
• Intrusion Detection and Prevention (IPS)
• URL Filtering
• Advanced Malware Protection (AMP)
• File Blocking
• SSL Decryption
Security Features – Application Control
• Filter traffic based on applications (Facebook, Skype, etc)
• Filter traffic based on micro-applications (e.g. Facebook Post, Chat)
• Require SSL Decryption
• Application Filtering not very reliable
Security Features – Identity Control
• Filter traffic based on the user account and group
• Integrated with Active Directory or LDAP
• Identity Control Methods:
• Active Authentication
• Passive Authentication
Security Features – Security Intelligence
• First line of security defense on the ASA FirePOWER appliance
• Provides a blacklist of networks/IPs with bad reputations
Security Features – URL Filtering
• Filter traffic based on web URL
• Block based on:
• Web categories (e.g. Violence, Nudity)
• Reputation
• Business Relevance
Security Features – IPS
• Last line of security defense on the ASA FirePOWER appliance
• Inspecting traffic for specific patterns of data in a traffic flow
Security Features – Malware Protection
• Filter files for malware/virus content
• Uses the Security Intelligence Cloud
• Looks at the files SHA-256 hash value
• Operations:
• Malware Lookup
• Block Malware
Security Features – File Blocking
• Filter traffic with files of certain types (e.g. ZIP, EXE)
• Files being uploaded or downloaded
Security Features – SSL Decryption
• Allows decrypting HTTPS websites for firewall inspection
Security Flow
• Action: Allow (continue for further inspection)
FMC
ASDM
Management Options: FMC
• Cisco ASDM
• Interfaces, VPN, NAT, Routing
• Cisco FirePOWER Management Center (FMC)
• NGFW features: Application Control, IPS, URL filtering, AMP, File Control, etc.
• Robust Reporting of FirePOWER services
Management Options: ASDM
• Cisco ASDM
• NGFW features: Application Control, IPS, URL filtering, AMP, File Control, etc.
• Interfaces, VPN, NAT, Routing
• Basic Reporting of FirePOWER services
Management Options: Comparisons
Cisco ASA Cisco ASA with FirePOWER
• Cons:
• Instability of features (e.g. SSL Decryption)
• Administration
• Late Feature support (e.g. SSL Decryption)
• SSL Decryption
• Version 5.4.1 and earlier: requires standalone SSL decryption appliance
• Supported on NGFW (e.g. Palo Alto, FortiGate, Cisco ASA using CX)
• Supported natively in Version 6.0 (November 2015) and later
• Considerations:
• Version 6.0 instabilities (SSL Decryption, URL Filtering)
• Recommended to use version 5.4.1 for production deployments
• Caution to use version 6.0 for production deployments
Video Series: Administration
• Administration using ASDM
Video Series: Topics
• Application Control
• Identity Control
• Security Intelligence
• Intrusion Detection and Prevention (IPS)
• URL Filtering
• Advanced Malware Protection (AMP)
• File Blocking
• SSL Decryption