01-18-2018 02:18 AM - edited 02-21-2020 07:09 AM
Hi,
I'm looking for an IPS and IDS solution to protect my my medium sized company's network. Can anyone please recommend the best IPS and IDS solution for my company?
Thanks
Anton
01-18-2018 07:12 AM
Posting that question on the Cisco Support Community kind of leads you to a Cisco product. :)
Which one depends a lot on your existing security products and the amount of throughput your require.
01-18-2018 08:07 AM
Hi Marvin,
Thanks for your reply.
Yes I'm looking cisco IPS/IDS product.
Currently I'm running IP/IDS on asa firewall itself. I'm looking for a centralized IPS/IDS solution for our company as we have few branches in different cities.
Thanks
01-18-2018 08:19 AM
Does all the traffic go through a single firewall at Hqs for Internet access or does each branch have direct Internet access?
Which IPS type are you currently running and on what hardware model? Firepower is the current generation and it offers centralized management of policy, devices and logs via the Firepower Management Center product.
01-19-2018 08:25 AM
Hi Marvin,
Each branch has its own direct internet access.
We're running firepower on every branch's cisco asa 5516 firewall.
Thanks
01-19-2018 09:27 AM
As long as each branch has direct Internet access and an ASA with Firepower services, there's always going to be distributed IPS functionality.
You should be using Firepower Management Center (FMC) to centrally manage all of the policies and gather all of the connection events.
01-23-2018 02:34 AM
Thanks Mervin.
Can you run Firepower Management Center (FMC) on the cloud?
Thanks
01-23-2018 05:19 AM
FMC can run in the cloud. It's supported natively in AWS:
https://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/aws/fmcv-aws-qsg.html
It's not supported on other cloud providers' platforms like Microsoft's Azure or Google's GCP.
01-23-2018 05:53 AM
Thanks Marvin!
01-23-2018 06:07 AM
You're welcome.
Please give a helpful rating or mark your question as answered if it has been.
02-05-2018 06:49 AM
Hi Marvin,
Just a quick question.
I have Protection, Control, URL Filtering licenses on all our branch office ASA. So, I'm planing to deploy a Firepower Management Center to centrally manage them, in order to do that,
Do I still need a separate licenses for those features to be activated in FMC?
Do I still need a separate license for FMC?
Thanks
02-05-2018 06:56 AM
When you manage classic licenses (such as are used by ASA Firepower modules) you install the license keys on FMC itself. If you had previously been using ASDM, you will need to rehost those licenses to FMC.
FMC itself is a licensed product. The VM form factor can be purchased with license to manage either 2, 10 or unlimited (in reality up to 25 maximum) sensors (remote devices).
02-05-2018 07:10 AM
Thanks for your quick reply.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide