Cisco Firepower Threat Defense 6 2 2: Some differences when leveraging Firepower
Вставка
- Опубліковано 10 лют 2025
- Walk through of some differences when leveraging Firepower Threat Defense.
This session will include the following items:
IPS
- Rules and Firepower Recommendations
- Variable Sets
- Example Policy Build
Network Discovery
- Example Policy Build
Hosts and Vulnerabilities
Firepower Advanced Malware Protection
- Example Policy Build
- Retrospection
- File Trajectory
Application Visibility and Control (OpenAppID)
- Example Policy Build
- Custom Application Creation
Jason you're such a great teacher, i want to ask how about prevent sql injection attack
Thanks @Juliano! Will see about adding and example for you.
I have a question on your entries on the Zones tab when "Adding Rules". I've started to see that the "Zones Tab" is being left blank. In this video you are explaining your entries. Why would you use this tab and what affects does it have?
Does it make a difference if you leave it blank?
Does it add granularity to the rule or just adds an additional Description or Explanation?
Hi David, zones are like any other attribute that define the rule. If you do not leverage a zone then it will look to match the flow from any zone, likewise if you define the zone it will only look for flows that only come from that zone. The goal is to uniquely define the flow that will match the rule with the least amount of attributes required. I talk a little bit about rules and attributes here - cisco.lookbookhq.com/ngfw_ftd_common-practices
Let me know if that helps.
Jason, do you teach Cisco Firepower FTD classes?
Hi mmccrack3n - No, I have not taught a full class. At least not yet.