Solved: Re: FMC for ASA 5525-X with Firepower/Firepower IPS

marine253 · ‎10-14-2018

Hello , I have been quoted the above ASA with firepower and Firepower IPS.

My question is , is FMC required to managed the ASA 5525-x firepower/IPS or can i do this via ASDM?

Will i be able to create firewall/IPS policies without FMC?

Thank you,

Mohammed al Baqari · ‎10-14-2018

Yes you can manage firepower IPS using ADSM in terms of creating policies,
etc as long as it is running as service mode instead of FTD.

However, FMC provide more features than configuration such as correlation
policies, advanced monitoring and IOC, NMAP scans, etc.

For one device I suggest that you stick with ASDM as FMC will be overkill.

View solution in original post

Mohammed al Baqari · ‎10-15-2018

Correct.

View solution in original post

Mohammed al Baqari · ‎10-14-2018

Yes you can manage firepower IPS using ADSM in terms of creating policies,
etc as long as it is running as service mode instead of FTD.

However, FMC provide more features than configuration such as correlation
policies, advanced monitoring and IOC, NMAP scans, etc.

For one device I suggest that you stick with ASDM as FMC will be overkill.

marine253 · ‎10-14-2018

Hello,

What do you mean by service mode?

We want to use all the FTD features available as we purchased all the required FTD licenses etc..

Mohammed al Baqari · ‎10-14-2018

In meant that you are going to run ASA as firewall and FirePower as service
module.

FTD is basically converting ASA with FirePower Service module to operate as
single unit.

Now which method to use (ASA+SM or FTD) is subject to your requirements,
mainly feature set. Not all features in ASA are supported in FTD yet.

marine253 · ‎10-14-2018

Ah ok , thank you.

I am going to use ASA + SM. Then if i refer to your previous post , no need for FMC to manage the SM? ASDM should do it right?

Thank you,

Mohammed al Baqari · ‎10-15-2018

Correct.