Firepower 6.3.x Passive Identity policy load on nodes and best practice
I tested successfully in a Lab to have Passive Identity information shared via PxGrid between ISE 2.6 and FMC 6.3.
What I would like to know is the following
1) load that Identity policy can have on a Firepower node (for both ASA+FirePOWER and FTD) and if fine tuning of rules in Identity policy is a must to avoid an impact on the nodes and FMC
2) While configuring a realm on FMC, is there any difference if all security groups are added rather than just adding the ones that will be used for any access rule? is the impact going to be on the FMC or on the Firepower nodes?
3) In case of limiting the number of groups downloaded from the realm configuration, is that going to impact the "visibility" of the passive authentication or just the option to use the SGs in access rules? (practically, if I don't have a SG imported in the realm configuration, can I still see in FMC when a user from that SG is making traffic or that user will not be detected ?)
Any other suggestion are welcome in case anyone already implemented a scenario like this.
Hello team I have configured guest access on ise which is working fine.But rigth now when requestion access, guest can put 4 numeric value in phone number fields. How to force use filling the account creation form with a minimum of 8 numer...
QuestionHello , somebody know if it´s possible to remove the device registration status from the MyDevices portal for the spanish page?By default the status is dispalyed (registered/Pending), this condition was fixed in the english page after load a...
Dears, Please note that I have ASA 5515 running version 9.4.(4)20 and managed through FDM. In addition, I have FMC version 220.127.116.11 for the IPS. I need to upgrade the only the ASA to the latest supported version that work with the FMC version 6.0...
To participate in this event, please use the button to ask your questions
This topic is a chance to clarify your questions about Cisco Threat Response, from its components and new features to ...
Community Live Slides- How to optimize your Cisco Security investments with Threat Response
(Live event - formerly known as Webcast- Tuesday February 18, 2020 at 10 am Pacific/ 1 pm Eastern / 7 pm Paris)
This event had place on Tuesday 18th, Februa...