Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
289
Views
0
Helpful
1
Replies

Network Discovery (Firepower) for Hosts What is external?

DannyDulin
Level 1
Level 1

‎04-17-2023 06:47 AM

Hello Everyone.

I need a little help discerning what devices to include in my Network Discovery policy.

Please allow me to explain the topology.

Our Firepower is protecting servers we have in an external data center. You could almost consider this a branch office.

We also have servers and clients at our Headquarters. These devices access the servers in the external data center. Although the headquarters devices are not public devices, they are still "outside" the external data center and outside the protection of the Firepower.

Should we exclude the Headquarters devices from the Network Discovery policy since they are not protected by the Firepower?

0 Helpful
1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

‎04-17-2023 08:00 AM

Network Discovery policy isn't as critical as it will just enrich data about observed hosts.

More important is to set your HOME_NET and EXTERNAL_NET variables correctly in your Objects, Variable Set. Those affect what is considered inside and outside with respect to Snort rules.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card