
Recommended Firewall [Security] reading

fbeye
Level 4

Hello

 

I was wondering what sort of path and direction to take on learning more about the security aspect of Cisco.

 

I am getting acquainted with the ASA setup and then I see the NGFW (CX IPS?) and then FirePOWER (also part of the NGFW platform??).

 

Are they all equally important or are any phasing out or does one trump the other... or does one combine them all and make them obsolete (if the better one is better used)?

I have no problems reading about everything but I also don’t wanna invest time on a structure that won’t be used too much longer. 

 

Basically caooy, is there a general reading “path” I should take?

 


Hi,

My personal thoughts are that ASA will be around for a few good years yet. Firepower is the future though, this book here is probably useful. I don't believe the CX has much of a future.

HTH

Well that is pleasing... I seem to be on the correct path. 2 weeks ago I received Cisco ASA: All-in-one Next-Generation Firewall, IPS, and VPN Services (3rd Edition) and have been reading (and re-reading chapters) and it’s such a rush. I did also purchase the book you suggested 2 days ago and it should be coming Monday.

What happened was all of a sudden my mind got confused and wondered if all of these were various (equal) safeguards or if some were phasing out and so on and so forth.

 

Is FirePOWER a title for a series of protocols or is FirePOWER a protocol itself? Is ASA categorized under FirePOWER (Newer implementations) or completely separate?

 

I understand ASA are access list permission type configurations but I also am under the impression FirePOWER is more of a license format?

Firepower is not a protocol, it is the name of the NGFW solution (hardware/software).

ASA hardware runs Firepower as an additional module; there are dedicated Firepower devices that don't run ASA firmware (NGIPS/FTD etc).

Firepower is licensed for all the additional features not available on the ASA - URL Filtering, Application/User control, Malware etc.

The FTD book recommended by RJI is the current gold standard. It will explain a lot of the answers to your questions.

 

Classic Cisco IPS is end of life and the CX module has been end of sales for several years and is approaching end of life.

fbeye
Level 4

Awesome.

 

Thank you, both.

 

Looking forward to finishing my current book and beginning the new one, as suggested.
