cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Key Features in Cisco Secure Firewall Version 7.x

754
Views
10
Helpful
4
Comments

At the core of the new Firewall Threat Defense (FTD) software version 7.x, Snort 3 provides faster and superior threat protection and performance, includes better SecureX integration so SecOPS teams can quickly pivot and correlate events from multiple products. This new version also brings multiple functionalities to secure the remote worker and cloud deployments.

You can ask Cisco Expert JJ Ponce Dominguez any Cisco Secure Firewall Software upgrade question using the JuanPonceDominguez_0-1641581091404.png button below the post.

Cisco Secure Firewall - Firepower 7.x - (Updated Jan 22).png

We invite you to visit the Cisco Secure Firewall youtube channel, where many of the new features are explained in detail:

https://www.youtube.com/cisco-netsec

Customers running older software versions 6.2, 6.3, 6.4 and 6.5 should upgrade to at least version 6.6.5 or higher. The Cisco Secure Firewall LevelUp tool provides guidance and assistance to help with this process.

The LevelUp tool will provide an upgrade checklist including best practices and key factors to consider before upgrading. Learn more about how to get your report by visiting the following resource:

levelup.png

https://www.cisco.com/c/m/en_us/products/security/firewalls/setup-guide.html#~upgrade 

Ready to begin your upgrade? Take advantage of new software features and resolve issues by starting with the below content:

Comments
Marvin Rhoads
VIP Community Legend

@Juan Ponce Dominguez Migrating to Snort 3 appears to removed the ability to directly generate and use "Firepower Recommendations" for IPS policies. Instead we must first do it for Snort 2 and then manually sync Snort 2 and Snort 3 policies.

https://www.cisco.com/c/en/us/td/docs/security/firepower/70/snort3/config-guide/snort3-configuration-guide-v70/tailoring-intrusion-protection.html

With the older version we could simply schedule a task to do this automatically.

Can you comment on this?

Juan Ponce Dominguez
Cisco Employee

Hello @Marvin Rhoads ,

Version 7.1.0 FMCs now support intrusion rule recommendations for FTD devices with Snort 3, including Version 7.0.0/7.0.x devices.

To configure this feature, edit the Snort 3 version of an intrusion policy and click the Recommendations button (in the left pane, next to All Rules)

More here: https://www.cisco.com/c/en/us/td/docs/security/firepower/710/snort3/config-guide/snort3-configuration-guide-v71/tailoring-intrusion-protection.html#ID-2213-000000e4_snort3

JJ

Marvin Rhoads
VIP Community Legend

Thanks @Juan Ponce Dominguez for that update on 7.1.

Do you know if the feature will be back-ported into 7.0.x since 7.0 is the designated Extra Long Term Release and 7.1 is only a Short Term Release?

https://www.cisco.com/c/en/us/products/collateral/security/firewalls/bulletin-c25-743178.html

Juan Ponce Dominguez
Cisco Employee

Hello @Marvin Rhoads , there are no plans to add this functionality to 7.0 releases, just 7.1 onwards.

JJ

Create
Recognize Your Peers
Content for Community-Ad