02-07-2017 06:39 AM - edited 03-12-2019 06:16 AM
Hi.
I am very new to and inexperienced with the FirePower functionality and have some thoughts and questions on this topic.
We have recently invested in Cisco ASA 5515 with FirePower.
Currently it is only configured in Passive Monitor-Only Forwarding Mode.
I am thinking about getting this configured to Inline Tap Monitor-Only Mode.
If I understand the Cisco documentation correctly, I can start making policies and see what the SFR module would have done with the traffic, without actually implementing/doing anything.
The issue is that our ASA firewalls have already been running in production for a while, and because of this have the necessary ACLs and policies in place. We copied the main configuration from our old ASAs to the new 5515 series.
So my question is: Will configuring the SFR module in inline TAP Monitor-only Mode affect the policies already running on the ASA?
02-08-2017 10:25 PM
No, it won't.
02-09-2017 01:26 AM
Thanks for the reply.
But could you elaborate a little, so I understand a bit more about how this works?
02-09-2017 10:52 AM
If it is in monitor only mode, then it sends a copy of the data to the FirePower module that matches your service policy.
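For reference, a minimal ASA service-policy sketch of the inline tap monitor-only redirection discussed in this thread. It is an added example, not configuration posted by anyone in the thread; the names SFR_TRAFFIC and SFR_CLASS are assumed, and global_policy is the ASA's default policy-map name.

```cisco
! Added example: names SFR_TRAFFIC and SFR_CLASS are assumptions.
! This ACL is referenced only by the class-map below. It is not bound to an
! interface with access-group, so it selects traffic to copy and filters nothing.
access-list SFR_TRAFFIC extended permit ip any any

class-map SFR_CLASS
 match access-list SFR_TRAFFIC

! Add the class to the existing global policy. The interface ACLs, NAT and
! inspection rules already in the running configuration are left unchanged.
policy-map global_policy
 class SFR_CLASS
  ! monitor-only: the module receives a read-only copy of matching traffic,
  ! so what its policies would have done is logged but not applied.
  ! fail-open: traffic keeps flowing if the module is unavailable.
  sfr fail-open monitor-only

! Normally already present in a default configuration.
service-policy global_policy global
```

`show service-policy sfr` on the ASA reports the counters for traffic handed to the module.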