cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
10038
Views
20
Helpful
4
Replies

FirePOWER deployment Best practices / CVD's / deployment guide

Steven Hawkins
Level 1
Level 1

Hi folks!

After a few interactions with FirePOWER, Cisco TAC, Cisco LIve!  Lunch and Learn, and "The Hub" - 

I find myself feeling like still searching for good documentation for a few "Best practices" that would apply to many scenarios.

When I have talked to TAC, the interaction usually involves at some point, the TAC engineer explaining well - you really should be doing such and so thing, because it's best practice.

Are there any deployment guides, best practices guides, or CVD's out there, officially or unofficially?

As a Cisco Partner, I'm left struggling to understand the best way to implement FirePOWER for my customers.


Really the only thing I've found so far is:
LABSEC-2339 - Intermediate - Cisco ASA with FirePOWER services (2016 Berlin) - 4 Hours
https://www.ciscolive.com/online/connect/sessionDetail.ww?SESSION_ID=89476&tclass=popup
http://d2zmdbbm9feqrf.cloudfront.net/2016/eur/pdf/LABSEC-2339-LG.pdf
http://d2zmdbbm9feqrf.cloudfront.net/2016/eur/pdf/LABSEC-2339.pdf

Any help is very appreciated - thanks guys!

4 Replies 4

Marvin Rhoads
Hall of Fame
Hall of Fame

Steven,

As a partner you have access to the POV deployment guides in the Security Partner Community.

Please refer to https://communities.cisco.com/docs/DOC-55882 (partner access required).

Hi Marvin,

Thanks for the response - I did read that, and it did help me get through installing the FirePOWER module software on to the ASA, and get it managed in FirePOWER Management center.

Specifically I'm looking for advice/documentation of what a "basic policy set" looks like for a few scenarios.


Besides the lab guide I referenced above, and the POV Best Pratices guide (for transparent mode), I've not really seen anything referencing advice on what a basic set of policies should contain.

In addition to the policy sets in above, I've found BRKSEC-2018 from Cisco Live! US 2015 to be useful.

Ed Padilla Jr
Level 1
Level 1

Steven, 

   Best practices, is like what is the Utopian practice.   Best practices varies from industry to industry. get to know the company business, and what is their mission and critical assets. Start from there, and do a security network layout.  By ingress/egress traffic, guest/visitor access, R/D, Financial, HR, marketing, regions, etc.  Try to get the most visibility with the minimal cost.  Happy Research

Review Cisco Networking for a $25 gift card