• November 13, 2024

Verifying the Interface Status – Cisco Firewall Deployment in Transparent Mode

Verifying the Interface Status After deploying a threat defense by using the management center web interface, you can verify any configuration settings from the threat defense CLI. Example 5-6 shows the interface configuration of a threat defense in transparent mode. Both member interfaces are in bridge group 1 and have no IP addresses. Only BVI1…

Explore More

Verification – Cisco Network Discovery Policy

Verification Now you can verify the functionality of network discovery by passing network traffic through a threat defense. First, from your client computers, go to various websites on the Internet. Doing so generates traffic through the threat defense. If the network discovery policy is properly configured and deployed, you will be able to view discovery…

Explore More

Reusable Objects – Cisco Network Discovery Policy

Reusable Objects Managing the rules using IP addresses could be cumbersome when you have an access control policy with thousands of rules. However, if you use objects in a rule, you don’t need to remove the old rule and add a new one to reflect the new IP addresses; rather, you simply edit and update…

Explore More

Tip – Cisco Firewall Deployment in Transparent Mode

Tip Cisco Secure Firewall offers two unique rule actions—Trust and Fastpath—that can expedite management traffic traversing the device. In an access control rule, you can set the action to Trust to let the OSPF traffic go through the threat defense without any further inspection. However, the more optimal method for bypassing an inspection is to…

Explore More