Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
984
Views
0
Helpful
1
Replies

Deploy SFR: Inline or Monitor

Go to solution
fcorre
Level 1
Level 1

‎02-11-2019 07:41 AM - edited ‎03-12-2019 07:17 AM

Dear

How are you? Implementing two sfr modules in ASA failover firewall will be managed by an FMC. For 3 weeks you will be only monitoring the traffic and analyzed through the FMC to define the signature bases that we will block, I have a period to leave it in "Inline Tap Monitor Only", What do you recommend? or leave it online (sfr fail-open) without a monitor and in the FMC allow all traffic?

 

Firepower policy map
class firepower class
sfr fail-open monitor-only

 

Thanks very much.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎02-12-2019 07:01 PM

I'd say it's easier to do the monitor-only in the ASA policy-map configuration.

 

That way it's a one-line immediate effect change to revert it.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎02-12-2019 07:01 PM

I'd say it's easier to do the monitor-only in the ASA policy-map configuration.

 

That way it's a one-line immediate effect change to revert it.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card