
firepower ips config guide

mulhollandm
Level 1

folks

I have a pair of 5585x boxes with firepower and I have to set up the firepower ips

I only want ips so I'm looking for a simple guide to understand how to configure and deploy a firepower ips policy

can someone point me in the right direction please?

thanks to anyone taking the time to respond

1 Accepted Solution


Marvin Rhoads
Hall of Fame

I have found Cisco Live presentation BRKSEC-2018 (from 2015) to be very useful. It has a nice overview and goes into some detail about the various policies that should be set up.

It can be found here: https://www.ciscolive.com/online/connect/sessionDetail.ww?SESSION_ID=83675

See from slide 57 onward, which starts by explaining:

Six basic policies need to be defined:

• System Policy—manages system-level settings such as audit logs, mail relay, etc.
• Health Policy—a collection of health module settings to check the health of devices
• Network Discovery Policy—defines how the system collects data of network assets
• File Policy—used to perform file control and AMP (applied as part of Access Control Rule)
• Intrusion Policy—defines IPS rules to be enabled for inspection (applied as part of Access Control Rule)
• Access Control Policy—permits/denies traffic through the device, defines which Intrusion/File policies are applied to traffic flows

Later sections walk through each of those.
