Month: July 2024
Fulfilling Prerequisites – Cisco Network Discovery Policy
Fulfilling Prerequisites Before you begin configuring a network discovery rule, consider the following issues: Figure 9-5 Adaptive Profiles Setting for an Access Control Policy Configurations In the following section, you first learn the options to create reusable objects for network resources. Then you learn the steps to configure a network discovery policy using predefined…
Explore MoreBest Practices for Network Discovery – Cisco Network Discovery Policy
Best Practices for Network Discovery A network discovery policy enables Secure Firewall to discover applications, hosts, and users in a network. A threat defense discovers a network passively; it does not directly affect the traffic flow. However, to ensure optimal performance, you should consider the following best practices when you enable network discovery: Figure 9-3…
Explore More“Do I Know This Already?” Quiz – Cisco Network Discovery Policy
“Do I Know This Already?” Quiz The “Do I Know This Already?” quiz enables you to assess whether you should read this entire chapter thoroughly or jump to the “Exam Preparation Tasks” section. If you are in doubt about your answers to these questions or your own assessment of your knowledge of the topics, read…
Explore MoreEvent Analysis in IPS-Only Mode – Cisco IPS-Only Deployment in Inline Mode
Event Analysis in IPS-Only Mode If a threat defense is deployed in the dedicated IPS-only mode with an inline interface pair, and a packet matches against an intrusion rule with block action, the management center marks the connection event with Intrusion Block. Let’s see how it works on live traffic. Figure 6-14 shows two different…
Explore MoreInline Set Configuration – Cisco IPS-Only Deployment in Inline Mode
Inline Set Configuration Now, begin the second part of the configuration—adding the interface pair to an inline set—by following these steps: Step 1. On the Device Management page of your selected threat defense, go to the Inline Sets tab and click the Add Inline Set button. The Add Inline Set window appears. Step 2. Under…
Explore MoreInline Mode Configuration – Cisco IPS-Only Deployment in Inline Mode
Inline Mode Configuration In the following sections, you configure an inline set and then deploy the interface settings to a threat defense. The configuration example also includes the fault-tolerance features that can help you avoid downtime in case of a failure. Figure 6-5 provides an overview of the lab topology that is used in this…
Explore MoreInline Mode Versus Transparent Mode – Cisco IPS-Only Deployment in Inline Mode
Inline Mode Versus Transparent Mode Both inline mode and transparent mode work like bump in the wire, which means they are invisible to the connected devices. However, they are two different techniques. In inline mode, the interfaces on an interface pair are network agnostic. They can send and receive any traffic, as long as the…
Explore MoreInline Mode Essentials – Cisco IPS-Only Deployment in Inline Mode
Inline Mode Essentials A threat defense supports a wide variety of block actions, such as simple blocking, blocking with reset, interactive blocking, and interactive blocking with reset. However, a block action cannot drop any suspicious packet if the interfaces are misconfigured or set up with an improper mode. Figure 6-1 shows a list of the…
Explore More“Do I Know This Already?” Quiz – Cisco IPS-Only Deployment in Inline Mode
“Do I Know This Already?” Quiz The “Do I Know This Already?” quiz enables you to assess whether you should read this entire chapter thoroughly or jump to the “Exam Preparation Tasks” section. If you are in doubt about your answers to these questions or your own assessment of your knowledge of the topics, read…
Explore MoreIntegrated Routing and Bridging (IRB) – Cisco Firewall Deployment in Transparent Mode
Integrated Routing and Bridging (IRB) You have just learned how to create a Layer 2 bridge group on a threat defense in transport mode. Also, the preceding chapter described how to configure Layer 3 interfaces in routed mode. On a traditional firewall, when you enable a firewall mode, all the interfaces on that firewall solely…
Explore More