Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1109
Views
0
Helpful
4
Replies

Can my firepower 2100 provide these protection to our network?

Go to solution
riderfaiz
Level 1
Level 1

‎08-15-2019 08:50 AM - edited ‎02-21-2020 09:24 AM

Hi everyone,

 

We have deployed a pair of 2100 in place managed by FMC back in 6 months ago. We also have some subscription to Cisco for malware and antivirus..etc.

My boss just mentioned one CDN provider...which they introduced some of the security or protections they can offer us to secure better our web servers, and even our network infrastructure. They claim that their service can protect from DDoS mitigation, SQL injections, reflection attacks, SMURF attacks, and some other attacks like ACK and layver 7...firepower

 

Do you think the Cisco Firepower with the annual subscriptions already provides the protections against those attacks mentioned? Or it is good/necessary to have it as "extra protection"? The vendor claims that no extra software/hardware needed...

 

May you tell me your opinions on this?

Thank you for your help in advance.


Takami Chiro

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to riderfaiz

‎08-17-2019 04:28 AM

I can't determine your risk profile. If it makes sense for your business then have at it. I'd only advise you to take marketing (from Cisco or anybody) with a grain of salt - be skeptical and don't fall for the hype.

Speaking of marketing (haha) you might consider Cisco Umbrella with the Secure Internet Gateway (SIG) Essentials (that's the new top tier subscription plan).

Also with Umbrella you get the added benefit of Cisco's Cyber Threat Response (CTR) that integrates threat intelligence with your context from Umbrella, AMP for Endpoints, Firepower, ESA etc. into one visibility console.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎08-15-2019 09:13 PM

A Content Delivery Network or CDN might be able to provide those protections for web servers whose content they host.

I cannot see how they could possibly provide those protections for your internal network though. Your traffic does not flow through their systems.

0 Helpful

Go to solution
riderfaiz
Level 1
Level 1
In response to Marvin Rhoads

‎08-16-2019 10:27 AM

Hi Marvin,

 

Good morning! I hate to do free advertise :) but the company name is called Cloudflar_

I think what they do is to "intercept" all the web/dns queries by their own dns server before passing the traffic to us.

So do you think my Firepower also provide a same task or protection...or is this service a good add-on?

Thank you!

 

Takami Chiro

 

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to riderfaiz

‎08-17-2019 04:28 AM

I can't determine your risk profile. If it makes sense for your business then have at it. I'd only advise you to take marketing (from Cisco or anybody) with a grain of salt - be skeptical and don't fall for the hype.

Speaking of marketing (haha) you might consider Cisco Umbrella with the Secure Internet Gateway (SIG) Essentials (that's the new top tier subscription plan).

Also with Umbrella you get the added benefit of Cisco's Cyber Threat Response (CTR) that integrates threat intelligence with your context from Umbrella, AMP for Endpoints, Firepower, ESA etc. into one visibility console.

0 Helpful

Go to solution
riderfaiz
Level 1
Level 1
In response to Marvin Rhoads

‎08-19-2019 07:22 AM

Marvin,

Thank yoU! The setup...according to them...seems to be easy so I may just give a try :) Thank you very much again for your response.

Takami Chiro
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card