Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
10037
Views
20
Helpful
4
Replies

FirePOWER deployment Best practices / CVD's / deployment guide

Steven Hawkins
Level 1
Level 1

‎07-13-2016 01:37 PM - edited ‎03-10-2019 06:38 AM

Hi folks!

After a few interactions with FirePOWER, Cisco TAC, Cisco LIve!  Lunch and Learn, and "The Hub" - 

I find myself feeling like still searching for good documentation for a few "Best practices" that would apply to many scenarios.

When I have talked to TAC, the interaction usually involves at some point, the TAC engineer explaining well - you really should be doing such and so thing, because it's best practice.

Are there any deployment guides, best practices guides, or CVD's out there, officially or unofficially?

As a Cisco Partner, I'm left struggling to understand the best way to implement FirePOWER for my customers.


Really the only thing I've found so far is:
LABSEC-2339 - Intermediate - Cisco ASA with FirePOWER services (2016 Berlin) - 4 Hours
https://www.ciscolive.com/online/connect/sessionDetail.ww?SESSION_ID=89476&tclass=popup
http://d2zmdbbm9feqrf.cloudfront.net/2016/eur/pdf/LABSEC-2339-LG.pdf
http://d2zmdbbm9feqrf.cloudfront.net/2016/eur/pdf/LABSEC-2339.pdf

Any help is very appreciated - thanks guys!

1 person had this problem
Labels:
0 Helpful
4 Replies 4

Marvin Rhoads
Hall of Fame
Hall of Fame

‎07-13-2016 01:41 PM

Steven,

As a partner you have access to the POV deployment guides in the Security Partner Community.

Please refer to https://communities.cisco.com/docs/DOC-55882 (partner access required).

Steven Hawkins
Level 1
Level 1
In response to Marvin Rhoads

‎07-13-2016 01:52 PM

Hi Marvin,

Thanks for the response - I did read that, and it did help me get through installing the FirePOWER module software on to the ASA, and get it managed in FirePOWER Management center.

Specifically I'm looking for advice/documentation of what a "basic policy set" looks like for a few scenarios.


Besides the lab guide I referenced above, and the POV Best Pratices guide (for transparent mode), I've not really seen anything referencing advice on what a basic set of policies should contain.

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Steven Hawkins

‎07-13-2016 01:54 PM

In addition to the policy sets in above, I've found BRKSEC-2018 from Cisco Live! US 2015 to be useful.

Ed Padilla Jr
Level 1
Level 1

‎07-18-2016 09:54 AM

Steven, 

   Best practices, is like what is the Utopian practice.   Best practices varies from industry to industry. get to know the company business, and what is their mission and critical assets. Start from there, and do a security network layout.  By ingress/egress traffic, guest/visitor access, R/D, Financial, HR, marketing, regions, etc.  Try to get the most visibility with the minimal cost.  Happy Research

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card