- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-18-2016 08:24 AM
If you had OpenDNS setup in your environment, would you still have URL filtering on your Sourcefire network device or not?
Solved! Go to Solution.
- Labels:
-
NGFW Firewalls
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-15-2016 03:13 PM
Depending on the company size you may want to combine multiple solutions. If we are talking about a SMB customer ASA w/ Firepower Services using Security Intelligence (IP Reputation) and Web Filtering (Domain/URL Reputation) might be just enough.
In a larger deployment where the customer wants to break SSL and have a wider range of options considering web filtering, WSA would be the logical choice for web traffic. If this would not scale or the customer is not interested in a on-premise solution you may want to use CWS to complement the on-site Firepower solution which is used for NGFW features like AVC, IPS and AMP.
Which one would do a better job?
Firepower / OpenDNS / WSA are used for different purposes. Depending on the customer requirements you may have to combine these solutions.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-21-2016 06:25 PM
Anybody!!!???

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-22-2016 09:29 AM
eduardxhako,
I am moving your post to the NGFW/Firewalls space in the Security community for better visibility and feedback.
Since you are a Cisco Partner, you may want to also post to the Cisco Partner Security Community for additional information.
Kelli Glass
Moderator for Cisco Customer Communities
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-15-2016 04:42 AM
As always in IT it really depends. What are you trying to achieve by using URL filtering? Do you only want to block malicious traffic or have granular control on which content users can access?
OpenDNS is great to filter out malicious domains before they are even accessed but keep in mind that OpenDNS and FirePOWER do not use the same feeds in regards to domain reputation, since Firepower uses Talos Feeds for Security Intelligence (IP/DNS Reputation) and Brightcloud feeds for URL filtering.
TCO will be higher if you use both solutions, but you will end up with a better security solution.
Let me know if this answers your question.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-15-2016 02:37 PM
Thank you for your input Oliver.
I just wanted to know how different these services are from one another, or how similar.
Now, what if i wanted to use both of them for Granular Control and Block Malicious traffic? Which one would do a better job?
The other thing is, what about WSA (or CWS) for web filtering if we add that to the mix?
I know that more is better in this case, but our customer's company sizes differ. We have small ones, medium, and big ones.
What would be a good solution for each one of them? Small companies can't afford to have all of them.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-15-2016 03:13 PM
Depending on the company size you may want to combine multiple solutions. If we are talking about a SMB customer ASA w/ Firepower Services using Security Intelligence (IP Reputation) and Web Filtering (Domain/URL Reputation) might be just enough.
In a larger deployment where the customer wants to break SSL and have a wider range of options considering web filtering, WSA would be the logical choice for web traffic. If this would not scale or the customer is not interested in a on-premise solution you may want to use CWS to complement the on-site Firepower solution which is used for NGFW features like AVC, IPS and AMP.
Which one would do a better job?
Firepower / OpenDNS / WSA are used for different purposes. Depending on the customer requirements you may have to combine these solutions.
