Solved: Hi Marvin,Yes recently spoke

sossie · ‎03-08-2015

Hello all,

I've had a bit of a google but can't find anything. We are a MSP and manage ASA firewalls for multiple clients. We are looking to deploy Firepower on ASA5500x models for clients, with the VMware virtual appliance for firepower management at the clients locally.

Is there a way to centrally monitor several firepower installs? We have email alerts for intrusion events but looking for something a bit more fancy for a NOC type view.

For maintenance of rules and policys we would still use the local install, and for more detailed analysis we would look at the local firepower interface.

Thanks, Simon

Marvin Rhoads · ‎03-11-2015

There's not a "manager of managers" for multiple FireSIGHT Management Centers (new name for old Defense Center).

Of course a given FMC can manage multiple sensors / ASA FirePOWER modules but a given sensor or module can only be managed by a single FMC.

View solution in original post

adawa · ‎03-09-2015

Hello, Simon.

Have you checked out Cisco FireSight, which complements Cisco ASA with FirePower services. This is more of threat management console and I'm not sure it can help you monitor Firewall installs. Although, this is a good tool to look into, either way.

http://www.cisco.com/c/en/us/products/security/defense-center/index.html

By the way, do you guys resell Cisco, like the ASA itself?

sossie · ‎03-18-2015

Hi Adawa,

Yes we are a cisco partner and resell Cisco products.

Yes we have used Firesight, Marvin responded with what I was wondering about. Sounds like there isn't anything in particular that manages multiple FireSights.

Simon

Marvin Rhoads · ‎03-18-2015

Simon,

i recently heard there's here's a possibility that the feature you're asking about may be in release 6.0 so keep a watch out for that.

sossie · ‎08-26-2015

Hi Marvin,

Yes recently spoke to our Cisco/SourceFire account manager. My understanding is that the version 6 Firesight will be heading that way and is targeted for early next year.

I also got the impresson that general firewall config will move out of the ASDM to the Firesight. It will be a bit like Checkpoint with the manager/gateway setup. (It needs to, its not clean having two management interfaces)

Cheers

MARK BAKER · ‎11-25-2015

Hi Simon and Marvin,

With general firewall configs moving to Firesight Manager, do you know if this means that ASA5585-X firewall ACLs can be managed by Firesight Manager? I'm not possitive, but it looks like Prime Security Manager is EoS/EoL and I have been trying to determine if Firesight Manager can replace it for non-Firepower ASAs.

Thank you,

Mark

Marvin Rhoads · ‎11-26-2015

Mark,

No you cannot manage ASA ACLs with FirePOWER Manager 6.0. For now it's either ASDM or Cisco Security Manager. As you mentioned, thre's some capability in the EoS PRSM but I've not seen any customers using that feature.

There's a new unified image coming that will accomplish that - look for it to be phased in starting next year (2016).

Marvin Rhoads · ‎03-11-2015

There's not a "manager of managers" for multiple FireSIGHT Management Centers (new name for old Defense Center).

Of course a given FMC can manage multiple sensors / ASA FirePOWER modules but a given sensor or module can only be managed by a single FMC.

Is there a central management for muiltiple firepower ASA's?