02-05-2020 09:51 PM
can someone told me what is the difference between SFR and IPS module ?
02-05-2020 10:07 PM - edited 02-05-2020 10:20 PM
Hi,
In Cisco ASA, we used to have legacy IPS modules for intrusion prevention services only.
After Cisco acqusition of Firepower, they started integrating Firepower services in ASA by adding additional module they called Firepower module/SFR which offers three services:
- NGIPS
- Advance Malware Protection
- Content/URL Filtering
Each of these features requires licenses to enable it on ASA in addition to ASA with SFR module.
In some of the ASA 5500-X , we have two type of software codes available. ASA code with additional module SFR/Firepower services and second one is FTD. FTD or Firepower Threat Defence is a unified software code having functionality of ASA ( L3/L4 Routing, NAT, Routing ) + Firepower ( AMP, Content Filtering, NGIPS) combined or unified.
ASA with Firepower Serivces/SFR is two seperate engines reside in a box while FTD is a single unified code for both type of features. Some of the ASA 5500-X appliances do supports FTD code also but release notes need to be checked for latest version as we have started seeing that some of the ASA's cannot suppor latest software release of FTD.
Cisco have now new Firepower appliances that can run ASA code ( ASA only ) or FTD code. Different platforms are available depending on the size or requirements like FTD 1000/2000/4000/9300.
02-05-2020 11:07 PM
02-06-2020 12:14 AM - edited 02-06-2020 12:24 AM
Hi,
Control is the the license that comes free. It will allow policy for application control, feature is called AVC or application visibility and control
. Policies can be allow or block applications which can be for every one or for specific users.
Protection is NGIPS license that will provide protection against intrusion. Those intrusions typically targeted against known vulnerabilities of our operating systems. Further it will also add Security intelligence which will block the connections if initiated from malicious or bad reputed source from outside.
Have a look on below.
02-06-2020 10:27 PM
@akash.tiwari let us know for any further info.
- plz rate solution as helpful/accepted as solution if it helped you out. It will be helpful for others who's seeking answers for similar query
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide