• October 6, 2024

Fulfilling Prerequisites – Cisco Network Discovery Policy

Before you begin configuring a network discovery rule, consider the following issues:

Figure 9-5 Adaptive Profiles Setting for an Access Control Policy

Configurations

In the following section, you first learn the options to create reusable objects for network resources. Then you learn the steps to configure a network discovery policy using predefined…


Best Practices for Network Discovery – Cisco Network Discovery Policy

A network discovery policy enables Secure Firewall to discover applications, hosts, and users in a network. A threat defense discovers a network passively; it does not directly affect the traffic flow. However, to ensure optimal performance, you should consider the following best practices when you enable network discovery:

Figure 9-3…


“Do I Know This Already?” Quiz – Cisco Network Discovery Policy

The “Do I Know This Already?” quiz enables you to assess whether you should read this entire chapter thoroughly or jump to the “Exam Preparation Tasks” section. If you are in doubt about your answers to these questions or your own assessment of your knowledge of the topics, read…


Event Analysis in IPS-Only Mode – Cisco IPS-Only Deployment in Inline Mode

If a threat defense is deployed in the dedicated IPS-only mode with an inline interface pair, and a packet matches an intrusion rule with a block action, the management center marks the connection event with Intrusion Block. Let’s see how it works on live traffic. Figure 6-14 shows two different…


Inline Set Configuration – Cisco IPS-Only Deployment in Inline Mode

Now, begin the second part of the configuration—adding the interface pair to an inline set—by following these steps:

Step 1. On the Device Management page of your selected threat defense, go to the Inline Sets tab and click the Add Inline Set button. The Add Inline Set window appears.

Step 2. Under…


Inline Mode Configuration – Cisco IPS-Only Deployment in Inline Mode

In the following sections, you configure an inline set and then deploy the interface settings to a threat defense. The configuration example also includes the fault-tolerance features that can help you avoid downtime in case of a failure. Figure 6-5 provides an overview of the lab topology that is used in this…


Inline Mode Versus Transparent Mode – Cisco IPS-Only Deployment in Inline Mode

Both inline mode and transparent mode work like a bump in the wire, which means they are invisible to the connected devices. However, they are two different techniques. In inline mode, the interfaces on an interface pair are network agnostic. They can send and receive any traffic, as long as the…


Inline Mode Essentials – Cisco IPS-Only Deployment in Inline Mode

A threat defense supports a wide variety of block actions, such as simple blocking, blocking with reset, interactive blocking, and interactive blocking with reset. However, a block action cannot drop any suspicious packet if the interfaces are misconfigured or set up with an improper mode. Figure 6-1 shows a list of the…


“Do I Know This Already?” Quiz – Cisco IPS-Only Deployment in Inline Mode

The “Do I Know This Already?” quiz enables you to assess whether you should read this entire chapter thoroughly or jump to the “Exam Preparation Tasks” section. If you are in doubt about your answers to these questions or your own assessment of your knowledge of the topics, read…


Integrated Routing and Bridging (IRB) – Cisco Firewall Deployment in Transparent Mode

You have just learned how to create a Layer 2 bridge group on a threat defense in transparent mode. Also, the preceding chapter described how to configure Layer 3 interfaces in routed mode. On a traditional firewall, when you enable a firewall mode, all the interfaces on that firewall solely…
