02-17-2020 06:36 AM
Hi all, i'm finding it a bit of a minefield determining if the FPR-2100-NGFW is EAL4 certified (common criteria) https://www.commoncriteriaportal.org/products/
According to the CC site it is not, however this link from Cisco suggests that it is (but doesn't say to which level) - https://www.cisco.com/c/en/us/td/docs/security/firepower/2100/hw/guide/b_install_guide_2100/overview.html
Ideally i'd like to take advantage of having this fwall deployed with IPS available, as i understand it the only way to achieve this is to run with the firepower image. Or is there a way to run ASA code and then access the firepower module separate?
thanks
Solved! Go to Solution.
02-18-2020 12:39 AM
You're welcome.
I'd recommend you first inquire with your Cisco account manager whether CC certification testing is underway or planned for the 2100 series.
02-17-2020 07:47 PM
I don't believe the 2100 series was specifically evaluated. I suspect the stub reference in the documentation is incorrectly copied over from the 4100/9300 series documentation.
If you run ASA code (logical device) on any Firepower 1000, 2100 or 4100 series appliance then you cannot also run either an FTD device or configure a Firepower service module.
02-18-2020 12:18 AM
Thanks Marvin, appreciate the response. So i'm looking at the 4300 or higher, which given the price point isn't a starter in this scenario
I don't really want to be running separate IPS appliances - i guess i could consider the 5525X
02-18-2020 12:39 AM
You're welcome.
I'd recommend you first inquire with your Cisco account manager whether CC certification testing is underway or planned for the 2100 series.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide