Solved: products in security portfolio

ciscoworlds · ‎10-21-2016

Hi; I'm new in security, despite that I've worked a while with ASA 5500-x, but the new changes in Cisco products made me confused. I started to search the internet and watch some videos to grasp the fundamentals, but it confused me even more. so I decided to ask here.

my main question is the meaning and application of these terms:

1. what is "Firepower Management Center"?

2. what is FireSight? is it another name for "Firepower Management Center"?

3. is the "Firepower NGFW" another name for Firepower Treat Defense (FTD) unified image (which is new and under development)?

4. if I want to download Firepower image from the Cisco and put it on a SSD drive on my ASA 5515-x, which image need to be downloaded? (Firepower NGIPS or Firepower NGFW)?

I really think these different names and acronyms are confusing, so please clarify me if you don't mind. tnx.

Flavio Costa · ‎10-21-2016

Hey!

1. what is "Firepower Management Center"? The Cisco Firepower Management Center is the administrative nerve center for a number of Cisco security products running on a number of different platforms. It provides complete and unified management of firewalls, application control, intrusion prevention, URL filtering, and advanced malware protection. The Management Center is the centralized point for event and policy management for the following solutions:

● Cisco Firepower Next-Generation Firewall (NGFW)

● Cisco ASA with FirePOWER Services

● Cisco Firepower Next-Generation IPS (NGIPS)

● Cisco FirePOWER Threat Defense for ISR

● Cisco Advanced Malware Protection (AMP)

2. what is FireSight? is it another name for "Firepower Management Center"? Yes, FireSIGHT naming convention was used till release 5.4. Understanding new terminologies: http://www.cisco.com/c/en/us/support/docs/security/firesight-management-center/118521-technote-firesight-00.html; Release notes: http://www.cisco.com/c/en/us/support/security/defense-center/products-release-notes-list.html

3. is the "Firepower NGFW" another name for Firepower Treat Defense (FTD) unified image (which is new and under development)? Kind of, first of all, the FTD is the unified image of ASA with FirePOWER Services (you get it right!), hence, you will no longer need ASDM to manage L3-4 features of the firewall, FMC with full parity (on roadmap), will do it all (L3-L7 features). The Next Generation Firewall name, emphasizes that our solution has not only basic firewall features, but also advanced ones, like integrated NGIPS, URL filtering, malware protection with AMP, and so on.. So we can say that ASA with FirePOWER is our NGFW, FTD as you said, is the name of that unified image.

4. if I want to download Firepower image from the Cisco and put it on a SSD drive on my ASA 5515-x, which image need to be downloaded? (Firepower NGIPS or Firepower NGFW)? Firepower NGFW, but please, before proceeding to that, check the performance hit before enabling any features, it's possible that you need to migrate to a new appliance in order to have a NGFW.

I hope that clarifies everything!

.:|:.:|:. Flavio Costa
CISCO Virtual Systems Engineer - Security
Sao Paulo, Brazil

View solution in original post

Flavio Costa · ‎10-21-2016

Hey!

1. what is "Firepower Management Center"? The Cisco Firepower Management Center is the administrative nerve center for a number of Cisco security products running on a number of different platforms. It provides complete and unified management of firewalls, application control, intrusion prevention, URL filtering, and advanced malware protection. The Management Center is the centralized point for event and policy management for the following solutions:

● Cisco Firepower Next-Generation Firewall (NGFW)

● Cisco ASA with FirePOWER Services

● Cisco Firepower Next-Generation IPS (NGIPS)

● Cisco FirePOWER Threat Defense for ISR

● Cisco Advanced Malware Protection (AMP)

2. what is FireSight? is it another name for "Firepower Management Center"? Yes, FireSIGHT naming convention was used till release 5.4. Understanding new terminologies: http://www.cisco.com/c/en/us/support/docs/security/firesight-management-center/118521-technote-firesight-00.html; Release notes: http://www.cisco.com/c/en/us/support/security/defense-center/products-release-notes-list.html

3. is the "Firepower NGFW" another name for Firepower Treat Defense (FTD) unified image (which is new and under development)? Kind of, first of all, the FTD is the unified image of ASA with FirePOWER Services (you get it right!), hence, you will no longer need ASDM to manage L3-4 features of the firewall, FMC with full parity (on roadmap), will do it all (L3-L7 features). The Next Generation Firewall name, emphasizes that our solution has not only basic firewall features, but also advanced ones, like integrated NGIPS, URL filtering, malware protection with AMP, and so on.. So we can say that ASA with FirePOWER is our NGFW, FTD as you said, is the name of that unified image.

4. if I want to download Firepower image from the Cisco and put it on a SSD drive on my ASA 5515-x, which image need to be downloaded? (Firepower NGIPS or Firepower NGFW)? Firepower NGFW, but please, before proceeding to that, check the performance hit before enabling any features, it's possible that you need to migrate to a new appliance in order to have a NGFW.

I hope that clarifies everything!

.:|:.:|:. Flavio Costa
CISCO Virtual Systems Engineer - Security
Sao Paulo, Brazil

ciscoworlds · ‎10-21-2016

Thanks for your detailed answer :)