Deploying FTDv on prem vs cloud

MuathA.
Level 1

Hello, 

 

We are currently in the process of building the network infrastructure for one of our clients, and the IT management is considering deploying FTDv (Firepower Threat Defense virtual) in a public cloud, specifically on an ESXi server. I have a few questions regarding this:

1. Is it possible to deploy FTDv in the cloud to protect the LAN network on-premises?
2. If FTDv is deployed in the cloud, how would the traffic flow work? For example, if a user on-premises wants to ping 8.8.8.8, would the packet go through an IPsec tunnel to the cloud network and then be subjected to NAT from the inside to the outside interface of the FTDv?
3. Is it an ideal and common design practice to deploy FTDv in the cloud, particularly if the client lacks sufficient resources and powerful physical servers on-premises? Or should I advise them to invest in a physical server and deploy FTDv on-premises?

 

Thanks!

 

1 Reply

Marvin Rhoads
Hall of Fame

Firewalls installed in the cloud are almost always used to secure access to and from resources in that same cloud. While you could technically route your on-premise traffic via an IPsec tunnel to that cloud firewall and thence on to the Internet, it would not make sense for any use case I can think of. Performance would be decreased and you would pay for the traffic going into and coming out of the cloud that doesn't need to go there in the first place.
