--> Firepower Threat Defense can be configured either in Next Generation Firewall Mode or Next Generation IPS Mode.
i) Firewall Mode
--> Firewall mode can be either configured in Routed Mode or Transparent Mode.
--> In Routed mode, every interface of the FTD is assigned its own IP address.
--> Access Control Policies are used to filter the traffic moving between the interfaces of the FTD.
--> In Transparent Mode, Firepower Threat Defense acts as a bump in the wire.
--> All the interfaces of the FTD are grouped into one bridge group, and a single IP address is assigned to the bridge group interface.
--> No modification of the existing network is required when the FTD is configured in Transparent Mode.
ii) Next Generation IPS mode
--> IPS mode can be configured either in Inline IPS Mode or Passive IDS Mode.
--> In Inline Mode, the IPS is placed directly in the packet flow, which allows it to inspect all the traffic moving from the inside network to the outside network.
--> The Access Control Policy is used to decide the action taken on inspected traffic, i.e. whether to drop or only monitor it.
--> In Passive Mode, the IPS is not placed directly in the packet flow. It is connected to a switch on which SPAN is configured to mirror all the traffic to the IPS.
--> In Passive Mode, Firepower Threat Defense acts as an IDS: if it finds any abnormal activity, it simply notifies the administrator.
--> It is possible to configure some interfaces of FTD to be in firewall mode and some interfaces to be in IPS mode.
Md.Kareemoddin ( CCIE # 54759)