Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1954
Views
0
Helpful
4
Replies

Is A Firepower NGFW Worth It IF You Dont Have The Threat/Malware/URL Licenses?

Go to solution
1timcisco
Level 1
Level 1

‎07-15-2021 07:54 AM

I'm in the infosec field and have a firepower 1010 at home with a base license.  I use it for practice and to manage my home network. 

I was wondering from a security perspective if using this level FW is worth using without the Threat/Malware/URL Licenses vs just using any old firewall from walmart?  I am asking because getting these licenses will cost about $400 USD.  I need to learn about firewalls but my day job is not managing firewalls.  Although, I do need to know how the latest enterprise security solutions work and I feel the only way to do that is to get some time working with it at home.  Thanks for any suggestions or comments.  

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rob Ingram
VIP
VIP
In response to 1timcisco

‎07-15-2021 09:56 AM - edited ‎07-15-2021 09:58 AM

@1timcisco 

Certainly if you are using FMCv to manage the FTD you will learn a lot more than you would with a walmart firewall and to a certain extent the if using FDM to manage the FTD. You'll be able to test most of the core firewall, vpn concepts on enterprise level firewall, that a lot of customer use.

 

No it's not risky in a home/lab, this is how most of us learn.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎07-15-2021 08:56 AM

If you Looking NGFW, that is the feature you need to Look for. If you looking basic FW you do not need advanced features, no point buying FTD ( for the investment point of view) - but as you mentioned learning, good place to start, you have hands on new tools.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
Rob Ingram
VIP
VIP

‎07-15-2021 09:16 AM

@1timcisco 

As you appear to already have purchased the hardware, if you aren't planning on purchasing those licenses then you might be better off re-imaging the device to run ASA software (it can run FTD or ASA code). This is assuming you can get the image for the device.

 

The FTD without using an FMC to manage the device, uses local management via FDM, this has less features than if managed via the FMC. Using ASA software you will be able to configure more of the firewalls features (minus the NGFW features) and learn more about the firewall than you would using FDM. Features missing on FDM include Quality of Service, PBR etc

0 Helpful

Go to solution
1timcisco
Level 1
Level 1
In response to Rob Ingram

‎07-15-2021 09:53 AM

@Rob Ingram 

I am using the FMCv to manage the 1 Firepower 1010 device but the license says its not in compliance.  Is that risky for home/lab use?  Am I gaining much by using FMCv vs the built in FTD?

0 Helpful

Go to solution
Rob Ingram
VIP
VIP
In response to 1timcisco

‎07-15-2021 09:56 AM - edited ‎07-15-2021 09:58 AM

@1timcisco 

Certainly if you are using FMCv to manage the FTD you will learn a lot more than you would with a walmart firewall and to a certain extent the if using FDM to manage the FTD. You'll be able to test most of the core firewall, vpn concepts on enterprise level firewall, that a lot of customer use.

 

No it's not risky in a home/lab, this is how most of us learn.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card