Threat Intelligence Feeds, or reputation-based filtering, are a crucial part of the security configuration for keeping intruders out of the network. As security administrators, we want to ensure that intruders do not compromise the network under any circumstances. Reputation-based filtering can be performed based on the following:
TALOS provides the Threat Intelligence Feeds and updates them regularly. Firepower Threat Defense devices ingest these feeds through the management console, which can be either Firepower Management Center or Firepower Device Manager. The user can configure the frequency of updating the feeds.
While TALOS provides a comprehensive list of feeds, the key is to collaborate and integrate with third-party sources for threat intelligence.
Cisco Threat Intelligence Director (TID) provides the capability for third-party integration of security feeds. TID enhances the system’s ability to block connections that are based on Security Intelligence Feeds from third-party sources such as the following:
In addition to IP and URL values, TID supports an extra SHA-256 parameter.
TID supports other ingestion parameters such as STIX and TAXII.
TID configuration does not require policy redeployment.
This feature is available on FMC version 6.2.2 or above with 15 GB of memory.
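A pre-ingestion check for a third-party feed, added here as an example (not Cisco's code and not from the original post): it pulls the three value types named above (IP, URL, SHA-256) out of STIX indicator patterns, normalizes and de-duplicates them, and rejects malformed values and RFC 1918 addresses. It assumes a STIX 2.1 JSON bundle, which the post does not specify; the sample bundle and all names in the code are constructed for illustration.

```python
import ipaddress
import json
import re
from urllib.parse import urlsplit

# Constructed sample patterns (not from a real feed), trimmed to what the code reads.
SAMPLE_PATTERNS = [
    "[ipv4-addr:value = '198.51.100.7']",
    "[url:value = 'http://bad.example.test/login']",
    "[file:hashes.'SHA-256' = '" + "AB" * 32 + "']",
    "[file:hashes.'SHA-256' = 'deadbeef']",   # malformed: not 64 hex characters
    "[ipv4-addr:value = '198.51.100.7']",     # duplicate of the first entry
    "[ipv4-addr:value = '10.0.0.5']",         # RFC 1918: would block an internal host
]
SAMPLE_BUNDLE = json.dumps({"type": "bundle", "objects": [
    {"type": "indicator", "pattern_type": "stix", "pattern": p} for p in SAMPLE_PATTERNS
] + [{"type": "malware", "name": "constructed"}]})

# Assumption: only simple single-comparison patterns are handled; anything else is rejected.
PATTERN = re.compile(r"^\[\s*(ipv4-addr:value|url:value|file:hashes\.'SHA-256')\s*=\s*'([^']*)'\s*\]$")
KIND = {"ipv4-addr:value": "ip", "url:value": "url", "file:hashes.'SHA-256'": "sha256"}
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def normalize(kind, value):
    """Return the canonical value, or None if it is malformed or an internal address."""
    try:
        if kind == "ip":
            addr = ipaddress.IPv4Address(value)
            return None if any(addr in net for net in RFC1918) else str(addr)
        if kind == "url":
            parts = urlsplit(value)
            return value if parts.scheme in ("http", "https") and parts.hostname else None
    except ValueError:
        return None
    return value.lower() if re.fullmatch(r"[0-9a-fA-F]{64}", value) else None

def extract_observables(bundle_json):
    """Return (accepted, rejected); accepted maps kind -> sorted unique values."""
    accepted, rejected = {"ip": set(), "url": set(), "sha256": set()}, []
    for obj in json.loads(bundle_json).get("objects", []):
        if obj.get("type") != "indicator":
            continue  # other STIX object types carry no pattern to check
        pattern = obj.get("pattern", "")
        m = PATTERN.match(pattern)
        value = normalize(KIND[m.group(1)], m.group(2)) if m else None
        if value is None:
            rejected.append(pattern)
        else:
            accepted[KIND[m.group(1)]].add(value)
    return {k: sorted(v) for k, v in accepted.items()}, rejected
```

Reviewing the `rejected` list before ingestion shows which third-party entries would have been dropped or would have blocked internal addresses.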
To know more about Third-Party Integration of Security Feeds with FMC (Cisco Threat Intelligence Director), read: