Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2071
Views
0
Helpful
1
Replies

Activating NGFW features on Firepower in Datacenter

mateens
Level 1
Level 1

‎08-27-2020 02:04 AM - edited ‎08-27-2020 02:40 AM

Hi,

I have a 4115 FTD at datacenter. Traffic from several locations passes through the firewall. These are connected through IPVPN and IPsec VPN to access resources in the datacenter ca.5000+ clients. Customer want NGFW features activated on the firewall for increased security after migrating from ASA. All licenses are active.

1. What is best practice for activting these features in this type of environment ? IPS,URL Filtering,AMP,AVC 

2. Is there any prefered order or level ?

3. Is it possible to start with lowest possible settings for these and tighten them gradually over time ?

 

@Marvin Rhoads  @Mohammed al Baqari 

0 Helpful
1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

‎08-28-2020 04:55 AM

IPS with balanced security and connectivity ruleset along with Firepower recommendations setting is always a good start. URL Filtering is only of use if there is Internet-bound traffic going through the firewall. AMP is only of use if you see the streams with files in an unencrypted form. So a lot depends on the traffic flowing through the firewall.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card