firepower

miracle_david@yahoo.com · ‎07-18-2020

Hi specialists,

When starting-up firepower & face to "locally config", what will occur if I choose "Yes"?
Policies-->Network discovery-->Networks-->Add rule What's the difference between "host" & "user"?
What does "generate event" do with a signature? policies-->access control-->intrusion
Does it support PAT?

Thanks

balaji.bandi · ‎07-18-2020

When starting-up firepower & face to "locally config", what will occur if I choose "Yes"?

BB - this means you need to have FDM to manage firepower.

Policies-->Network discovery-->Networks-->Add rule What's the difference between "host" & "user"?

BB -
user input data—Data added through the Firepower System user interface. You can modify a host’s operating system or application identity through this interface.
host import input data—Data imported using a command line utility.

more information can be find here :

https://www.cisco.com/c/en/us/td/docs/security/firepower/601/configuration/guide/fpmc-config-guide-v601/Introduction_to_Network_Discovery.html#ID-2221-000001f4

What does "generate event" do with a signature? policies-->access control-->intrusion

BB - If any of the policy matches, it generates for review or co-relation

https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Getting_Started_with_Intrusion_Policies.html

Does it support PAT?

BB- yes it does

configuration for reference :

https://www.cisco.com/c/en/us/support/docs/security/firepower-management-center/212702-configure-and-verify-nat-on-ftd.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

miracle_david@yahoo.com · ‎07-20-2020

Thanks sir for replying all my questions spectacularly.

What does Network Discovery do?

How long is Firepower's recommendation for Network Discovery? Shall I remove Network discovery after it finished its duty?

What's the difference between signature & policy in NGIPS?

Thanks

balaji.bandi · ‎07-21-2020

have you got time to read the document which i was suggested on other post ?

Most of the below questions already answereed : (let me answer in short)

What does Network Discovery do?

BB- discover your network devices

How long is Firepower's recommendation for Network Discovery? Shall I remove Network discovery after it finished its duty?

BB - 10min to few days or months - depends on network size and what you like to discover in the network

What's the difference between signature & policy in NGIPS?

BB - Thread will help you

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

miracle_david@yahoo.com · ‎07-21-2020

Thanks sir for your great replies, actually, I had a look to your documents but you're right I'll read them in-depth. By the way, do u live in US?

balaji.bandi · ‎07-21-2020

Sure you need to read more documents to understand, so some time we over look.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

miracle_david@yahoo.com · ‎07-22-2020

Hi again, I'm studying document about NAT u sent me earlier. I faced these expressions "interface group", "LINA CLI" What do them mean? Which Firepower ver is it? & What Firepower version is standard in today's market?

What does "translate hits" mean in "show nat"? show cap CAPI, show cap CAPO?

Thanks again