Solved: Best Practices for Implementing FirePower

mikgruff3 · ‎03-30-2015

I'm looking for a best practices for deploying FireSight? Can someone help me?

thanks

-mikgruff

Marvin Rhoads · ‎03-30-2015

There's not a general purpose guide outside the product configuration guide on the support page.

Partners do have access to a guide developed for Proof of Value deployments that is pretty comprehensive but that is not published publicly.

There are some useful tips on the recent Cisco Live presentations on this area but they're more PowerPoint than deployment guide.

View solution in original post

Marvin Rhoads · ‎03-30-2015

There's not a general purpose guide outside the product configuration guide on the support page.

Partners do have access to a guide developed for Proof of Value deployments that is pretty comprehensive but that is not published publicly.

There are some useful tips on the recent Cisco Live presentations on this area but they're more PowerPoint than deployment guide.

mikgruff3 · ‎03-30-2015

Thanks Marvin.

Nicolas BOULET · ‎04-03-2015

hi

it would be great to publish this proof of value guide, or some whitepaper because i'm playing for one week with this great product, but there's a lot of options !

gamoore · ‎04-03-2017

Hi Marvin, do you know if that Partner POV guide has been updated. There has been 1 major upgrade (6.0), and a couple minor upgrades (6.1, 6.2) since I saw the POV guide?

Marvin Rhoads · ‎04-04-2017

gamoore ,

Yes the FirePOWER POV Guide has been updated to reflect the availability of an FMC installed in dCloud and is currently using FirePOWER 6.1 as its baseline.

You can find the current POV Guide here:

https://communities.cisco.com/docs/DOC-64969

(Partner access required.)

NETAD · ‎11-17-2017

Hey Marvin, is it recommended to start in monitor mode and eventually move it to inline?

c880gm-d2h1 · ‎11-20-2017

Hi,

I was wondering the same, what is the best practice to deploy the Firepower whit the default action as discovery network only or with and IPS policy like balanced security and connectivity without the drop when inline button, and then after a certain period of time, for example after a week, use the cisco recommendations, but now with the drop when inline option enabled.

Best Regards,

UJ. Garcia.

Andy Viar · ‎05-23-2015

This site's video training has been helpful: http://www.labminutes.com/video/sec/ASA%20FirePower

toddlammle · ‎11-22-2017

also, try www.lammle.com/firepower for FTD videos and training and www.lammle.com/about/blog for a long list of FTD issues that are discussed.

erickflamenco · ‎06-11-2018

hi,

Take a look at Cisco Firepower NGIPS Tuning and Best Practices CTHCRT-2000

https://clnv.s3.amazonaws.com/2017/usa/pdf/CTHCRT-2000.pdf

Best Regards,

toddlammle · ‎06-11-2018

I saw this last year. It’s okay. John has an updated talk on this going on this week at cisoc live