We have four Firepower firewalls along an edge at different locations sharing an ACL policy and NAT policy on the FMC. So we make a change in the policy, it is pushed to all four Firewalls.
However, there are a handful of rules that are specific to each Firewall only (and not the others). Say for example, each has its own specific DMZ which isn't in the same zone/IG as the other firewall interfaces. Now, when I add those rules specific to only one Firewall into the policy and try to push the policy to all Firewalls, I get the "this policy references interface not applicable to this firewall" error (words to that effect) which makes total sense.
So what would be best practice in this instance? Ideally, I would like to be able to apply multiple policies to each Firewall...one policy all four firewalls have, then a single policy for each of the firewalls containing only the 'locally significant' stuff, but that doesn't seem like a thing.
Any advice (such as read about xxxx) would be greatly appreciated.