09-18-2016 08:24 AM
If you had OpenDNS setup in your environment, would you still have URL filtering on your Sourcefire network device or not?
Solved! Go to Solution.
10-15-2016 03:13 PM
Depending on the company size you may want to combine multiple solutions. If we are talking about a SMB customer ASA w/ Firepower Services using Security Intelligence (IP Reputation) and Web Filtering (Domain/URL Reputation) might be just enough.
In a larger deployment where the customer wants to break SSL and have a wider range of options considering web filtering, WSA would be the logical choice for web traffic. If this would not scale or the customer is not interested in a on-premise solution you may want to use CWS to complement the on-site Firepower solution which is used for NGFW features like AVC, IPS and AMP.
Firepower / OpenDNS / WSA are used for different purposes. Depending on the customer requirements you may have to combine these solutions.
09-21-2016 06:25 PM
Anybody!!!???
09-22-2016 09:29 AM
eduardxhako,
I am moving your post to the NGFW/Firewalls space in the Security community for better visibility and feedback.
Since you are a Cisco Partner, you may want to also post to the Cisco Partner Security Community for additional information.
Kelli Glass
Moderator for Cisco Customer Communities
10-15-2016 04:42 AM
As always in IT it really depends. What are you trying to achieve by using URL filtering? Do you only want to block malicious traffic or have granular control on which content users can access?
OpenDNS is great to filter out malicious domains before they are even accessed but keep in mind that OpenDNS and FirePOWER do not use the same feeds in regards to domain reputation, since Firepower uses Talos Feeds for Security Intelligence (IP/DNS Reputation) and Brightcloud feeds for URL filtering.
TCO will be higher if you use both solutions, but you will end up with a better security solution.
Let me know if this answers your question.
10-15-2016 02:37 PM
Thank you for your input Oliver.
I just wanted to know how different these services are from one another, or how similar.
Now, what if i wanted to use both of them for Granular Control and Block Malicious traffic? Which one would do a better job?
The other thing is, what about WSA (or CWS) for web filtering if we add that to the mix?
I know that more is better in this case, but our customer's company sizes differ. We have small ones, medium, and big ones.
What would be a good solution for each one of them? Small companies can't afford to have all of them.
10-15-2016 03:13 PM
Depending on the company size you may want to combine multiple solutions. If we are talking about a SMB customer ASA w/ Firepower Services using Security Intelligence (IP Reputation) and Web Filtering (Domain/URL Reputation) might be just enough.
In a larger deployment where the customer wants to break SSL and have a wider range of options considering web filtering, WSA would be the logical choice for web traffic. If this would not scale or the customer is not interested in a on-premise solution you may want to use CWS to complement the on-site Firepower solution which is used for NGFW features like AVC, IPS and AMP.
Firepower / OpenDNS / WSA are used for different purposes. Depending on the customer requirements you may have to combine these solutions.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide