Hello, we're looking to implement an FTDv as an edge device for our Azure network. Currently our on-prem consists of a physical ASA and an outsourced IPS device (iSensor by Dell Secureworks) that sits in front of the ASA. My question is, are the IPS, AMP, and other security features of the FTDv managed by Cisco? For example will they automatically update definition files, actively quarantine/drop packets? In essence we don't have the man power to commit someone fully to managing rules and security, we'd like something with minimal management. Should we be looking at possibly using an ASAv with a separate outsourced IPS appliance in the cloud?
Thanks for any help with this question!