cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
221
Views
0
Helpful
4
Replies
Beginner

Can my firepower 2100 provide these protection to our network?

Hi everyone,

 

We have deployed a pair of 2100 in place managed by FMC back in 6 months ago. We also have some subscription to Cisco for malware and antivirus..etc.

My boss just mentioned one CDN provider...which they introduced some of the security or protections they can offer us to secure better our web servers, and even our network infrastructure. They claim that their service can protect from DDoS mitigation, SQL injections, reflection attacks, SMURF attacks, and some other attacks like ACK and layver 7...firepower

 

Do you think the Cisco Firepower with the annual subscriptions already provides the protections against those attacks mentioned? Or it is good/necessary to have it as "extra protection"? The vendor claims that no extra software/hardware needed...

 

May you tell me your opinions on this?

Thank you for your help in advance.


Takami Chiro

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Master

Re: Can my firepower 2100 provide these protection to our network?

I can't determine your risk profile. If it makes sense for your business then have at it. I'd only advise you to take marketing (from Cisco or anybody) with a grain of salt - be skeptical and don't fall for the hype.

Speaking of marketing (haha) you might consider Cisco Umbrella with the Secure Internet Gateway (SIG) Essentials (that's the new top tier subscription plan).

Also with Umbrella you get the added benefit of Cisco's Cyber Threat Response (CTR) that integrates threat intelligence with your context from Umbrella, AMP for Endpoints, Firepower, ESA etc. into one visibility console.

4 REPLIES 4
Highlighted
Hall of Fame Master

Re: Can my firepower 2100 provide these protection to our network?

A Content Delivery Network or CDN might be able to provide those protections for web servers whose content they host.

I cannot see how they could possibly provide those protections for your internal network though. Your traffic does not flow through their systems.

Beginner

Re: Can my firepower 2100 provide these protection to our network?

Hi Marvin,

 

Good morning! I hate to do free advertise :) but the company name is called Cloudflar_

I think what they do is to "intercept" all the web/dns queries by their own dns server before passing the traffic to us.

So do you think my Firepower also provide a same task or protection...or is this service a good add-on?

Thank you!

 

Takami Chiro

 

Hall of Fame Master

Re: Can my firepower 2100 provide these protection to our network?

I can't determine your risk profile. If it makes sense for your business then have at it. I'd only advise you to take marketing (from Cisco or anybody) with a grain of salt - be skeptical and don't fall for the hype.

Speaking of marketing (haha) you might consider Cisco Umbrella with the Secure Internet Gateway (SIG) Essentials (that's the new top tier subscription plan).

Also with Umbrella you get the added benefit of Cisco's Cyber Threat Response (CTR) that integrates threat intelligence with your context from Umbrella, AMP for Endpoints, Firepower, ESA etc. into one visibility console.

Beginner

Re: Can my firepower 2100 provide these protection to our network?

Marvin,

Thank yoU! The setup...according to them...seems to be easy so I may just give a try :) Thank you very much again for your response.

Takami Chiro