Network technologies and trends

Jan 2 2018   4:48AM GMT

A review for Cisco Press title “Cisco Firepower Threat Defense (FTD)” by Najmul Rajib

Yasir Irfan

Tags: ASA, CCIE, CCNA, CCNP, Cisco, Cisco Press, DNS, firewall, Security, SSL

The recently released Cisco Press title “Cisco Firepower Threat Defense (FTD)” by Najmul Rajib is a great treat to read, as he addresses most of the new concepts and the new approach one has to adopt to enhance one's knowledge of Cisco’s Firepower technology.

Courtesy: Cisco Press

This title comes with 22 chapters divided into four parts and follows the standard Cisco Press format of a chapter summary followed by a quiz:

• Part I Troubleshooting and Administration of Hardware Platform
• Part II Troubleshooting and Administration of Initial Deployment
• Part III Troubleshooting and Administration of Traffic Control
• Part IV Troubleshooting and Administration of Next-Generation Security Features

The evolution of Firepower is a good starting point for this title, as it addresses the concepts of Defense Center, FireSIGHT Systems and Firepower systems in a very concise manner and also gives a good understanding of the Firepower System software components.

The ASA reimaging chapter is quite elaborate and gives all the steps one should follow to reimage an ASA with the unified FTD image. The chapter comes with great screenshots of the steps one should follow. If one wants to reimage their ASA firewall with the unified FTD image, they can also see my post published sometime in April 2017.

Part II of this title addresses the administration and troubleshooting steps, licensing and registration process, followed by the Firepower deployment modes.

Part III focuses more on the troubleshooting and administration of traffic, such as how one can capture traffic from the Firepower engine, how one can download a .pcap file, and how to inspect SSL traffic, though this section could have been more elaborate as it fails to address SSL interception in detail.

Part IV concludes this title with some advanced troubleshooting and administration tips for Cisco’s Next-Generation Security features, like blocking a DNS query, URL filtering, and discovering and blocking traffic based on applications.

One can certainly make use of this title to enhance their knowledge about Cisco Next-Generation Firewalls, as it comes with best practices for various topics; a few such topics which grabbed our attention were the deployment of FTD in routed mode and blocking a DNS query. Also, this title happens to be a very handy guide for CCNA Security, CCNP Security, and CCIE Security exam preparation.

If the VPN capabilities of FTD had been discussed, it would have added some more value, as this is a key feature of any Next-Generation Firewall.

To conclude, it’s a well-written title by Najmul Rajib which helps one understand what FTD is and how one can start working with FXOS, as it comes with good examples and best practices.
