The authoritative visual guide to Cisco Firepower Threat Defense
(FTD)
This is the definitive guide to best practices and advanced
troubleshooting techniques for the Cisco flagship Firepower Threat
Defense (FTD) system running on Cisco ASA platforms, Cisco Firepower
security appliances, Firepower eXtensible Operating System (FXOS), and
VMware virtual appliances.
Senior Cisco engineer Nazmul Rajib draws on unsurpassed experience
supporting and training Cisco Firepower engineers worldwide,
presenting detailed knowledge of Cisco Firepower deployment, tuning, and
troubleshooting. Writing for cybersecurity consultants, service
providers, channel partners, and enterprise or government security
professionals, he shows how to deploy the Cisco Firepower
next-generation security technologies to protect your network from
potential cyber threats, and how to use Firepower's robust command-line
tools to investigate a wide variety of technical issues.
Each consistently organized chapter contains definitions of keywords,
operational flowcharts, architectural diagrams, best practices,
configuration steps (with detailed screenshots), verification tools,
troubleshooting techniques, and FAQs drawn directly from issues raised
by Cisco customers at the Global Technical Assistance Center (TAC).
Covering key Firepower materials on the CCNA Security, CCNP Security,
and CCIE Security exams, this guide also includes end-of-chapter quizzes
to help candidates prepare.
- Understand the operational architecture of the Cisco Firepower NGFW,
NGIPS, and AMP technologies
- Deploy FTD on an ASA platform and a Firepower appliance running FXOS
- Configure and troubleshoot Firepower Management Center (FMC)
- Plan and deploy FMC and FTD on a VMware virtual appliance
- Design and implement the Firepower management network on FMC and FTD
- Understand and apply Firepower licenses, and register FTD with FMC
- Deploy FTD in Routed, Transparent, Inline, Inline Tap, and Passive
Modes
- Manage traffic flow with detect-only, block, trust, and bypass
operations
- Implement rate limiting and analyze quality of service (QoS)
- Blacklist suspicious IP addresses via Security Intelligence
- Block DNS queries to malicious domains
- Filter URLs based on category, risk, and reputation
- Discover a network and implement application visibility and control
(AVC)
- Control file transfers and block malicious files using advanced
malware protection (AMP)
- Halt cyber attacks using Snort-based intrusion rules
- Masquerade an internal host's original IP address using Network
Address Translation (NAT)
- Capture traffic and obtain troubleshooting files for advanced
analysis
- Use command-line tools to identify status, trace packet flows,
analyze logs, and debug messages