Cisco Firepower Threat Defense (FTD)
- Length: 800 pages
- Edition: 1
- Language: English
- Publisher: Cisco Press
- Publication Date: 2017-12-14
- ISBN-10: 1587144808
- ISBN-13: 9781587144806
- Sales Rank: #580955
Cisco Firepower Threat Defense (FTD): Configuration and Troubleshooting Best Practices for the Next-Generation Firewall (NGFW), Next-Generation … (AMP) (Networking Technology: Security)
The authoritative visual guide to Cisco Firepower Threat Defense (FTD)
This is the definitive guide to best practices and advanced troubleshooting techniques for the Cisco flagship Firepower Threat Defense (FTD) system running on Cisco ASA platforms, Cisco Firepower security appliances, Firepower eXtensible Operating System (FXOS), and VMware virtual appliances.
Senior Cisco engineer Nazmul Rajib draws on unsurpassed experience supporting and training Cisco Firepower engineers worldwide to present detailed knowledge of Cisco Firepower deployment, tuning, and troubleshooting. Writing for cybersecurity consultants, service providers, channel partners, and enterprise or government security professionals, he shows how to deploy the Cisco Firepower next-generation security technologies to protect your network from potential cyber threats, and how to use Firepower’s robust command-line tools to investigate a wide variety of technical issues.
Each consistently organized chapter contains definitions of keywords, operational flowcharts, architectural diagrams, best practices, configuration steps (with detailed screenshots), verification tools, troubleshooting techniques, and FAQs drawn directly from issues raised by Cisco customers at the Global Technical Assistance Center (TAC). Covering key Firepower materials on the CCNA Security, CCNP Security, and CCIE Security exams, this guide also includes end-of-chapter quizzes to help candidates prepare.
- Understand the operational architecture of the Cisco Firepower NGFW, NGIPS, and AMP technologies
- Deploy FTD on the ASA platform and on Firepower appliances running FXOS
- Configure and troubleshoot Firepower Management Center (FMC)
- Plan and deploy FMC and FTD on VMware virtual appliance
- Design and implement the Firepower management network on FMC and FTD
- Understand and apply Firepower licenses, and register FTD with FMC
- Deploy FTD in Routed, Transparent, Inline, Inline Tap, and Passive Modes
- Manage traffic flow with detect-only, block, trust, and bypass operations
- Implement rate limiting and analyze quality of service (QoS)
- Blacklist suspicious IP addresses via Security Intelligence
- Block DNS queries to malicious domains
- Filter URLs based on category, risk, and reputation
- Discover a network and implement application visibility and control (AVC)
- Control file transfers and block malicious files using advanced malware protection (AMP)
- Halt cyber attacks using Snort-based intrusion rules
- Masquerade an internal host’s original IP address using Network Address Translation (NAT)
- Capture traffic and obtain troubleshooting files for advanced analysis
- Use command-line tools to identify status, trace packet flows, analyze logs, and debug messages
Table of Contents
Part I Troubleshooting and Administration of Hardware Platform
Chapter 1 Introduction to the Cisco Firepower Technology
Chapter 2 FTD on ASA 5500-X Series Hardware
Chapter 3 FTD on the Firepower eXtensible Operating System (FXOS)
Chapter 4 Firepower Management Center (FMC) Hardware
Chapter 5 Firepower System Virtual on VMware
Part II Troubleshooting and Administration of Initial Deployment
Chapter 6 The Firepower Management Network
Chapter 7 Firepower Licensing and Registration
Chapter 8 Firepower Deployment in Routed Mode
Chapter 9 Firepower Deployment in Transparent Mode
Part III Troubleshooting and Administration of Traffic Control
Chapter 10 Capturing Traffic for Advanced Analysis
Chapter 11 Blocking Traffic Using Inline Interface Mode
Chapter 12 Inspecting Traffic Without Blocking It
Chapter 13 Handling Encapsulated Traffic
Chapter 14 Bypassing Inspection and Trusting Traffic
Chapter 15 Rate Limiting Traffic
Part IV Troubleshooting and Administration of Next-Generation Security Features
Chapter 16 Blacklisting Suspicious Addresses by Using Security Intelligence
Chapter 17 Blocking a Domain Name System (DNS) Query
Chapter 18 Filtering URLs Based on Category, Risk, and Reputation
Chapter 19 Discovering Network Applications and Controlling Application Traffic
Chapter 20 Controlling File Transfer and Blocking the Spread of Malware
Chapter 21 Preventing Cyber Attacks by Blocking Intrusion Attempts
Chapter 22 Masquerading the Original IP Address of an Internal Network Host
Appendix A Answers to the Review Questions
Appendix B Generating and Collecting Troubleshooting Files Using the GUI
Appendix C Generating and Collecting Troubleshooting Files Using the CLI