Excellent.. I saw couple of Firepower videos on UA-cam, but your video has covered most of the required details in single video. Thanks for the detailed info..
Many Thanks it was a great explanation really helpful. I think while creating Action Control Policy (ACP) we should first create (Add Category) and in that category we have to create the new rules in these way it will be more granular.
Hi Jason. Great series of videos, thank you for taking the time to make and publish them. I tried to get an interface of the sensor set as SPAN, but no traffic was getting out of the unit. I open a TAC for more details and in short, I heard the FTD cannot generate a SPAN port, and an ERSPAN port listens for SPAN traffic and it too doesn’t generate data. With that said, I’m curious on how this design of yours with a SPAN port was exporting traffic - unless I got it wrong and it is an import interface. Thanks again for your series of videos.
Hi Alex, Thanks for the feedback. In regards to your question. The SPAN port is the source port on another device like a switch. Firepower receives this data on a passive port. Hope that clarifies.
If you are looking for more content around Cisco Security technologies then check out Jason Maynard’s YT channel (includes FTD as well as other Cisco security technologies). cs.co/Jason_Maynard_UA-cam_Channel
Hello, thnx for sharing this video, please if may I ask you how do you solve the feeds issue? Its un upper issue as you say on the video something upstream is blocking, if you let me know, cause i have this issue to in my lab. Thnx a lot again.
Thanks for reaching out! Please log on to the Cisco Firewalls Community (cs.co/6052Kv1ae) where you can connect with experts and peers, and have your FMC questions answered. Have a great day!
my job is cyber security so i think i should add remote desk control on my pc to communicate with the company pc to add and removed any file malware ...etc even blocked the IP if they want, can you tell me which soft wear ...many thanks. Paul
Unfortunately, this feature is not available in FMC. Please check out this Cisco Community thread for more details: community.cisco.com/t5/firewalls/firepower-threat-defense-real-time-log-viewer/td-p/2936567
Can I manage asa 5508-x without FMC and configure routing, ie BGP ? I was reading FDM is installed as default to manage it , but not sure if it supports routing configuration. I need to configure networking on a new site where there are no servers yet to install FMC on.
Hi there. FMC is needed to configure ASA 5508-X. For more details, please refer to this discussion in the Cisco Community: community.cisco.com/t5/firewalls/asa-5508-x-ftd-asdm-fmc-limitations/td-p/3384009
Hello Guys, I need some help please, I'm trying to configure FMC with "configure-network" after set the ip, mask and gateway parameters, I get error saying "unable to connect data-base at /path/PM_control.sock and this file is missing. When I check "pmtool status" i get pmtool:pmtool [ERROR] Unable to connect to UNIX socket at /var/sf/run/PM_Control.sock: No such file or directory
There are many steps and troubleshooting alternatives to solve this issue. We suggest opening a discussion in the community so experts in the area can assist you. You may also open a TAC case. Additionally, this is an example of a similar case: community.cisco.com/t5/firewalls/ip-address-change-virtual-fmc/td-p/3002904 Cisco FMC has many tricks, so it’s most probably going to need many back & forwards to solve it. Here's a general guide that shows the best practices of FMC configuration: www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/vmware/fmcv/FMCv-quick/setup-mcvirtual.html. I hope you find this helpful.
Great content. Can anyone pls let me know the way of adding multiple subnets in single Network object? What if I want to group more than 10 network objects in a single group? Thanks
Thank you for your feedback. Please log on to the Cisco Firewalls Community (community.cisco.com/t5/firewalls/bd-p/5966-discussions-firewalling) where you can connect with experts and peers, and have your FMC questions answered.
By now you probably know, but in case not you can indeed group 10 network objects (subnets or hosts) into a single group on the FMC. You can use ACLs to control access to many different subnets and hosts with object groups.
Hi Soliman. You would purchase the product from Cisco now called FMC (Firepower Management Center) and then it would be available for download. If you want a trial, you'll need to reach out to your local Cisco account team (scroll down and click on 'Contact Cisco' here: www.cisco.com/c/en/us/products/security/firepower-management-center/index.html)
Thank you. It is a great video to introduce the full picture on Firepower 👏
Thank you! I've been searching high and low for a video in FMC usage and yours provides just the detail and depth that I needed.
Excellent.. I saw couple of Firepower videos on UA-cam, but your video has covered most of the required details in single video. Thanks for the detailed info..
Great explanation thank you
excellent, really good video
This is awesome! Could you do more like it? You sir are great to learn from
Hi Mooreas - thanks for the feedback. I have a ton of videos available on my YT channel - cs.co/Jason_Maynard_UA-cam_Channel
Excellent video! Thank you!
Are there any videos for setting up the FMC 1600 and Firepower 1100?
The following video may be helpful to you: ua-cam.com/video/v_uZ9GbICBk/v-deo.html
Very nicely done. Thank U!
Thanks!
Excellent video!!!!
Many Thanks it was a great explanation really helpful. I think while creating Action Control Policy (ACP) we should first create (Add Category) and in that category we have to create the new rules in these way it will be more granular.
Great demo! Thanks a lot
Great video. Thank you!.
thank you !!
Thank you very useful
great info!
Hi Jason. Great series of videos, thank you for taking the time to make and publish them.
I tried to get an interface of the sensor set as SPAN, but no traffic was getting out of the unit. I open a TAC for more details and in short, I heard the FTD cannot generate a SPAN port, and an ERSPAN port listens for SPAN traffic and it too doesn’t generate data. With that said, I’m curious on how this design of yours with a SPAN port was exporting traffic - unless I got it wrong and it is an import interface.
Thanks again for your series of videos.
Hi, Can you share other videos posted by Jason, thanks in advance Regards, Pavan
Hi Alex, Thanks for the feedback. In regards to your question. The SPAN port is the source port on another device like a switch. Firepower receives this data on a passive port.
Hope that clarifies.
Nice overview
Would you demonstrate how the firepower prevent from attack like mallware or something
FTD 101, is that coming soon? one of the best run throughs for FMC, well done!
If you are looking for more content around Cisco Security technologies then check out Jason Maynard’s YT channel (includes FTD as well as other Cisco security technologies).
cs.co/Jason_Maynard_UA-cam_Channel
Hello, thnx for sharing this video, please if may I ask you how do you solve the feeds issue? Its un upper issue as you say on the video something upstream is blocking, if you let me know, cause i have this issue to in my lab. Thnx a lot again.
Thanks for reaching out! Please log on to the Cisco Firewalls Community (cs.co/6052Kv1ae) where you can connect with experts and peers, and have your FMC questions answered. Have a great day!
my job is cyber security so i think i should add remote desk control on my pc to communicate with the company pc to add and removed any file malware ...etc even blocked the IP if they want, can you tell me which soft wear ...many thanks. Paul
You can find out more about our services here: cs.co/6058KqWAo, thanks for your interest!
If you want to block certain URLs, what exactly is the monitor action going to accomplish that?
how is network discovery dealing with assets that chages its IP address.. like PCs for instance?
Hi there, we'd love to help! Please refer to this link: cs.co/6054KmZmk. Let us know if this helps.
Thanks for the video! Can you tell me what is 10.1.253.1 that you used as your default static route?
We're glad you liked the video. 10.1.253.1 is the IP default gateway.
An upstream device towards the internet. This is the route that is used to get to any (0.0.0.0) route that is not otherwise connected or defined
Ty for the video! is it possible to enable real time monitor in FMC?
Unfortunately, this feature is not available in FMC. Please check out this Cisco Community thread for more details: community.cisco.com/t5/firewalls/firepower-threat-defense-real-time-log-viewer/td-p/2936567
"click on the link below", where is the link please?
Hi James. The link is now in the video description.
Can I manage asa 5508-x without FMC and configure routing, ie BGP ? I was reading FDM is installed as default to manage it , but not sure if it supports routing configuration. I need to configure networking on a new site where there are no servers yet to install FMC on.
Hi there. FMC is needed to configure ASA 5508-X. For more details, please refer to this discussion in the Cisco Community: community.cisco.com/t5/firewalls/asa-5508-x-ftd-asdm-fmc-limitations/td-p/3384009
Can you configure load balancing on dual outside WAN interfaces?
Helllo , it possible to share Images FMC and FTP , the old Link does't work
Here is the link to the Cisco FMC, Ahmed: www.cisco.com/c/en/us/products/security/firepower-management-center/index.html?DTID=esoytb000259
Hello Guys, I need some help please, I'm trying to configure FMC with "configure-network" after set the ip, mask and gateway parameters, I get error saying "unable to connect data-base at /path/PM_control.sock and this file is missing. When I check "pmtool status" i get pmtool:pmtool [ERROR] Unable to connect to UNIX socket at /var/sf/run/PM_Control.sock: No such file or directory
There are many steps and troubleshooting alternatives to solve this issue. We suggest opening a discussion in the community so experts in the area can assist you. You may also open a TAC case. Additionally, this is an example of a similar case: community.cisco.com/t5/firewalls/ip-address-change-virtual-fmc/td-p/3002904
Cisco FMC has many tricks, so it’s most probably going to need many back & forwards to solve it. Here's a general guide that shows the best practices of FMC configuration: www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/vmware/fmcv/FMCv-quick/setup-mcvirtual.html. I hope you find this helpful.
Great content. Can anyone pls let me know the way of adding multiple subnets in single Network object? What if I want to group more than 10 network objects in a single group? Thanks
Thank you for your feedback. Please log on to the Cisco Firewalls Community (community.cisco.com/t5/firewalls/bd-p/5966-discussions-firewalling) where you can connect with experts and peers, and have your FMC questions answered.
By now you probably know, but in case not you can indeed group 10 network objects (subnets or hosts) into a single group on the FMC. You can use ACLs to control access to many different subnets and hosts with object groups.
how to get firesight source
Hi Soliman. You would purchase the product from Cisco now called FMC (Firepower Management Center) and then it would be available for download. If you want a trial, you'll need to reach out to your local Cisco account team (scroll down and click on 'Contact Cisco' here: www.cisco.com/c/en/us/products/security/firepower-management-center/index.html)
unfortunately I can push "like" button only one time :D
798 Nigel Mews
Dach Spring
Honestly, this technology is rubbish. You can't do the simplest things with this crap. smartlicense, FMC & FTD-->rubbish
True most of the functions can be handled with Zscaler….Who uses DMZ anymore everything is cloud based now.
Great Content! Thank you!
Thanks!