cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Cisco Security ATXs FAQ: Secure Firewall (formerly NGFW)

1118
Views
0
Helpful
0
Comments
Here are some commonly asked questions and answers to help with your adoption of Cisco Secure Firewall. Subscribe (how-to) to this post to stay up-to-date with the latest Q&A and recommended Ask the Experts (ATXs) sessions to attend.
 
Q. What’s the important updates on Firepower 7.0?
Snort 3 Inspection engine is released, it is more efficient and provides better performance and scalability than Snort 2. Please reference the release note to get more information about Snort3 and other new features: Cisco Firepower Release Notes, Version 7.0.0/7.0.x.

Q. Do I have to purchase a URL license to use the URL list in Security Intelligence?
No, Security Intelligence feature is covered in Threat License.
 
Q. Is there an intention to further integrate Umbrella in roadmap as that would make App and URL filtering central to Umbrella rather device per device mases on FTD deployments?
A: The best integration between Umbrella and Firepower can be achieved with SecureX. From that web console, it's possible to have events and visibility from both solutions.

Q. Does the Firepower Management Center require a license?
A. Firewall Management Center physical or virtual appliances running version 6.0 or later do not require separate management licenses. You can purchase either a physical or virtual FMC appliance. Managed devices still require classic or Smart subscription feature licenses. FMC Virtual Smart SKUs can manage any device running Threat Defense (FMC) software.

Q. Which AMP feature is recommended? Block file or block malware?
A. Block Files rules allow you to block specific file types, regardless disposition of the file is malicious or not. Block Malware rules allow you to calculate the SHA-256 hash value of specific file types, query the AMP cloud to determine if files traversing your network contain malware, then block files that represent threats.

Q. How to add a single IP to blacklist in Security Intelligence?
A. There are two ways to blacklist IP/Domain/URL
1. Right click on the IP/URL that you want to blacklist from connection event table.
2. Include all the IP/DNS/URL you want to blacklist in text files accordingly, have these text files uploaded to Objects > Object Management > Security Intelligence > Network Lists/DNS Lists/URL Lists

Q. How does Firepower detect the vulnerabilities of each host?
A. The main method is to passively check the data packets flowing through the firewall, extract the host-related information, roughly determine the operating system, and the version of some applications, and then compare the obtained information with the known vulnerability database (on different operating systems, The application version will have different known vulnerabilities).
 

Looking for more resources? Go to Cisco Network Security ATXs Resources for the latest guides, recordings and more.


Want to learn more and get real-time Cisco expert advice? Register for the upcoming Ask the Experts (ATXs) sessions.

Simply click on the preferred session time to reserve your spot today! Through live Q&A and solution demos, Ask the Experts (ATXs) real-time sessions help you tackle deployment hurdles and learn advanced tips to maximize your use of Cisco technology.

Level (Lifecycle Pit Stop) Session Name Date PT GMT SGT
Fundamental (Onboard) Use Case Overview and Planning: Internet Edge Protection (new) Jan 12 9:30 AM 9:30 AM 9:30 AM
Feb 2 9:30 AM 9:30 AM 9:30 AM
Getting Started: Stealthwatch (new) Feb 16 9:30 AM 9:30 AM 9:30 AM
Fundamental (Implement) Installation/ Implementation Best Practices: Internet Edge Firewall Jan 19 9:30 AM 9:30 AM 9:30 AM
Feb 9 9:30 AM 9:30 AM 9:30 AM
Advanced (Optimize) Upgrade Planning and Best Practices: Upgrading ISE Jan 25 9:30 AM 9:30 AM 9:30 AM
Feb 24 9:30 AM 9:30 AM 9:30 AM


Don’t want to miss any ATXs? Bookmark the Security ATXs calendar and register for new sessions as they're added, so you can discover more best practices and important tips for your technology.

Create
Recognize Your Peers
Content for Community-Ad