12-06-2016 03:45 PM - edited 03-12-2019 01:37 AM
Hello,
We have an ASA 5525-X that has IPS capability, we apparently purchased FirePOWER along with the virtual appliance option, do we need to install FirePOWER within disk0:/? Currently IPS is installed and not being used, we don't have a module installed within the firewall, is it still possible to run FirePOWER on this device? and if so, would the FirePOWER filter all traffic through the virtual appliance or through the ASA itself.
Is there a document on how to convert from IPS to FirePOWER?
Thanks In Advance.
Solved! Go to Solution.
12-07-2016 04:22 AM
It's not clear what virtual appliance you are referring to - there's a FirePOWER Management Center VM and a separate product that is a FirePOWER appliance VM. There's also the FirePOWER module on the ASA 5500-X series.
An ASA FirePOWER module runs on the parent ASA as a sort of VM. It bootstraps from disk0: and then uses the Solid State Drive (SSD) on the ASA for the full product installation and local storage of events. It can be managed locally (using ASDM) or, more commonly, from a remote FirePOWER Management Center. the FMC is where you configure and deploy policies. It also gets events from the managed FirePOWER modules on remote ASAs. The actual traffic filtering takes place on the ASA working with its installed FirePOWER service module.
Here's how to convert from the old style Cisco IPS:
http://www.cisco.com/c/en/us/support/docs/security/asa-firepower-services/118644-configure-firepower-00.html
Once you have the FirePOWER (sfr) module installed, have a look at the Quick Start guide:
http://www.cisco.com/c/en/us/td/docs/security/asa/quick_start/sfr/firepower-qsg.html
12-07-2016 04:22 AM
It's not clear what virtual appliance you are referring to - there's a FirePOWER Management Center VM and a separate product that is a FirePOWER appliance VM. There's also the FirePOWER module on the ASA 5500-X series.
An ASA FirePOWER module runs on the parent ASA as a sort of VM. It bootstraps from disk0: and then uses the Solid State Drive (SSD) on the ASA for the full product installation and local storage of events. It can be managed locally (using ASDM) or, more commonly, from a remote FirePOWER Management Center. the FMC is where you configure and deploy policies. It also gets events from the managed FirePOWER modules on remote ASAs. The actual traffic filtering takes place on the ASA working with its installed FirePOWER service module.
Here's how to convert from the old style Cisco IPS:
http://www.cisco.com/c/en/us/support/docs/security/asa-firepower-services/118644-configure-firepower-00.html
Once you have the FirePOWER (sfr) module installed, have a look at the Quick Start guide:
http://www.cisco.com/c/en/us/td/docs/security/asa/quick_start/sfr/firepower-qsg.html
12-07-2016 03:18 PM
Many thanks Marvin!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide