Hello, we're looking to implement an FTDv as an edge device for our Azure network. Currently our on-prem consists of a physical ASA and an outsourced IPS device (iSensor by Dell Secureworks) that sits in front of the ASA. My question is, are the IPS, AMP, and other security features of the FTDv managed by Cisco? For example will they automatically update definition files, actively quarantine/drop packets? In essence we don't have the man power to commit someone fully to managing rules and security, we'd like something with minimal management. Should we be looking at possibly using an ASAv with a separate outsourced IPS appliance in the cloud?
The FTDv would be a great solution for you. You can schedule updates (GeoDB, IPS etc..) So you wont need a man to manage rules and security. You will how ever need to manually upgrade the appliance, allthought this can be scheduled (But i wouldn't advice you to do that). Cisco Talos are the one giving you the updates
Troubleshooting a failed ISE Upgrade Readiness Tool Assessment
About the Author
Richard Atkin is an Engineer at a Cisco Partner in the UK, specialising in ISE, WiFi & Prime... I'm also currently learning about APIs, Webhooks, AWS, (etc et...
Security Product and architecture introduction-NGFW portflio(8/6)
The following document will enable you to add a Mobility Express Controller to your ISE instance in dCloud.
You will need a dCloud ERK (Endpoint Router Kit) to be able to use the Mobility Express controller with the dCloud Mobility Deep Di...