
Cisco Firepower Threat Defense (FTD)

Language: 2
Gross price: 316.05
Net price: 301.00
Version: Print
Author: Nazmul Rajib
Number of pages: 800
Publisher: Cisco Press
Publication date: 2017-12-06

This is the definitive guide to best practices and advanced troubleshooting techniques for the Cisco flagship Firepower Threat Defense (FTD) system running on Cisco ASA platforms, Cisco Firepower security appliances, Firepower eXtensible Operating System (FXOS), and VMware virtual appliances.

Senior Cisco engineer Nazmul Rajib draws on unsurpassed experience supporting and training Cisco Firepower engineers worldwide, and presenting detailed knowledge of Cisco Firepower deployment, tuning, and troubleshooting. Writing for cybersecurity consultants, service providers, channel partners, and enterprise or government security professionals, he shows how to deploy the Cisco Firepower next-generation security technologies to protect your network from potential cyber threats, and how to use Firepower’s robust command-line tools to investigate a wide variety of technical issues.

Each consistently organized chapter contains definitions of keywords, operational flowcharts, architectural diagrams, best practices, configuration steps (with detailed screenshots), verification tools, troubleshooting techniques, and FAQs drawn directly from issues raised by Cisco customers at the Global Technical Assistance Center (TAC). Covering key Firepower materials on the CCNA Security, CCNP Security, and CCIE Security exams, this guide also includes end-of-chapter quizzes to help candidates prepare.

· Understand the operational architecture of the Cisco Firepower NGFW, NGIPS, and AMP technologies
· Deploy FTD on ASA platform and Firepower appliance running FXOS
· Configure and troubleshoot Firepower Management Center (FMC)
· Plan and deploy FMC and FTD on VMware virtual appliance
· Design and implement the Firepower management network on FMC and FTD
· Understand and apply Firepower licenses, and register FTD with FMC
· Deploy FTD in Routed, Transparent, Inline, Inline Tap, and Passive Modes
· Manage traffic flow with detect-only, block, trust, and bypass operations
· Implement rate limiting and analyze quality of service (QoS)
· Blacklist suspicious IP addresses via Security Intelligence
· Block DNS queries to malicious domains
· Filter URLs based on category, risk, and reputation
· Discover a network and implement application visibility and control (AVC)
· Control file transfers and block malicious files using advanced malware protection (AMP)
· Halt cyber attacks using Snort-based intrusion rules
· Masquerade an internal host’s original IP address using Network Address Translation (NAT)
· Capture traffic and obtain troubleshooting files for advanced analysis
· Use command-line tools to identify status, trace packet flows, analyze logs, and debug messages

Introduction

Part I Troubleshooting and Administration of Hardware Platform

Chapter 1 Introduction to the Cisco Firepower Technology

History of Sourcefire

    Evolution of Firepower

    FirePOWER Versus Firepower

Firepower Threat Defense (FTD)

    FirePOWER Service Versus Firepower Threat Defense (FTD)

    Firepower System Software Components

    Firepower System Hardware Platforms

    Firepower Accessories

Summary

Chapter 2 FTD on ASA 5500-X Series Hardware

ASA Reimaging Essentials

Best Practices for FTD Installation on ASA Hardware

Installing and Configuring FTD

    Fulfilling Prerequisites

    Upgrading Firmware

    Installing the Boot Image

    Installing the System Software

Verification and Troubleshooting Tools

    Navigating to the FTD CLI

    Determining the Version of Installed Software

    Determining the Free Disk Space on ASA Hardware

    Deleting a File from a Storage Device

    Determining the Availability of Any Storage Device or SSD

    Determining the Version of the ROMMON Software or Firmware

Summary

Quiz

Chapter 3 FTD on the Firepower eXtensible Operating System (FXOS)

Firepower 9300 and 4100 Series Essentials

    Architecture

    Software Images

        Firepower Extensible Operating System (FXOS)

        FTD Software

        Firmware

    Web User Interfaces

Best Practices for FTD Installation on Firepower Hardware

Installing and Configuring FTD

    Fulfilling Prerequisites

        Deleting Any Existing Logical Devices

        Upgrading the FXOS Software

        Enabling Interfaces

    Installing FTD

        Uploading the FTD Software Image

        Adding a Logical Device for FTD

        Completing the Initialization of FTD

Verification and Troubleshooting Tools

    Navigating to the FTD CLI

    Verifying the FXOS Software

    Verifying the Status of a Security Application

    Verifying the Security Modules, Adapters, and Switch Fabric

    Verifying the Hardware Chassis

    Verifying the Power Supply Unit (PSU) Modules

    Verifying the Fan Modules

Summary

Quiz

Chapter 4 Firepower Management Center (FMC) Hardware

FMC Component Essentials

    On-Box Managers

    Off-Box Managers

    Cisco Integrated Management Controller (CIMC)

    Internal USB Storage for the System_Restore Image

    User Interfaces

Best Practices for FMC Reimage

    Pre-installation Best Practices

    Post-installation Best Practices

Installing and Configuring the FMC

    Fulfilling Prerequisites

    Configuration Steps

        Step 1: Load the System_Restore Image

        Step 2: Configure the Network Settings

        Step 3: Choose a Transport Protocol

        Step 4: Download and Mount an ISO File

        Step 5: Run the Installation

        Step 6: Initialize the System

Verification and Troubleshooting Tools

    Identifying the FMC on a Rack

    Determining the Hardware and Software Details of the FMC

    Determining the RAID Battery Status

    Determining the Status of a Power Supply Unit (PSU)

        Checking Logs on the CLI

        Enabling Alerts on the GUI

        Performing a Complete Power Cycle

        PSU Checklist

    Verifying the Fans

Summary

Quiz

Chapter 5 Firepower System Virtual on VMware

FMC and FTD Virtual Essentials

    Supported Virtual Environments

    ESXi Versus VI

    VMware Installation Package in a Tarball

    Disk Provisioning Options

Best Practices for Firepower Virtual Appliance Deployment

    Pre-deployment Best Practices

    Post-deployment Best Practices

Installing and Configuring a Firepower Virtual Appliance

    Fulfilling Prerequisites

    Creating a Virtual Network

        Creating a Network for FMC Virtual

        Creating a Network for FTD Virtual

        Using Promiscuous Mode

    Deploying an OVF Template

    Initializing an Appliance

        Initializing an FMC Virtual Appliance

        Initializing an FTD Virtual Appliance

Verification and Troubleshooting Tools

    Determining the Status of Allocated Resources

    Determining the Status of a Network Adapter

    Upgrading a Network Adapter

Summary

Quiz

Part II Troubleshooting and Administration of Initial Deployment

Chapter 6 The Firepower Management Network

Firepower System Management Network Essentials

    The FTD Management Interface

    Designing a Firepower Management Network

Best Practices for Management Interface Configuration

    Configuring a Management Network on FMC Hardware

    Configuration Options

        Using the GUI During the First Login

        Using the GUI On Demand

        Using the Command-Line Interface

    Verification and Troubleshooting Tools

Configuring a Management Network on ASA Hardware

    Configuration

    Verification and Troubleshooting Tools

Configuring a Management Network on a Firepower Security Appliance

    Configuring the FXOS Management Interface

    Verification of the FXOS Management Interface Configuration

    Configuring the FTD Management Interface

    Verification of the FTD Management Interface Configuration

Summary

Quiz

Chapter 7 Firepower Licensing and Registration

Licensing Essentials

    The Smart Licensing Architecture

        Cisco Smart Software Manager (CSSM)

        CSSM Satellite

    Firepower Licenses

Best Practices for Licensing and Registration

Licensing a Firepower System

    Licensing Configuration

        Evaluation Mode

        Registering with the CSSM

    Verifying a Smart License Issue

Registering a Firepower System

    Registration Configuration

        Setting Up FTD

        Setting Up the FMC

    Verifying the Registration and Connection

    Analyzing the Encrypted SFTunnel

Summary

Quiz

Chapter 8 Firepower Deployment in Routed Mode

Routed Mode Essentials

Best Practices for Routed Mode Configuration

Configuring Routed Mode

    Fulfilling Prerequisites

    Configuring the Firewall Mode

    Configuring the Routed Interface

        Configuring an Interface with a Static IP Address

        DHCP Services

    FTD as a DHCP Server

    FTD as a DHCP Client

Verification and Troubleshooting Tools

    Verifying the Interface Configuration

    Verifying DHCP Settings

Summary

Quiz

Chapter 9 Firepower Deployment in Transparent Mode

Transparent Mode Essentials

Best Practices for Transparent Mode

Configuring Transparent Mode

    Fulfilling Prerequisites

    Changing the Firewall Mode

    Deploying Transparent Mode in a Layer 2 Network

        Configuring the Physical and Virtual Interfaces

        Verifying the Interface Status

        Verifying Basic Connectivity and Operations

    Deploying an FTD Device Between Layer 3 Networks

        Selecting the Default Action

        Adding an Access Rule

    Creating an Access Rule for SSH

        Verifying Access Control Lists

Summary

Quiz

Part III Troubleshooting and Administration of Traffic Control

Chapter 10 Capturing Traffic for Advanced Analysis

Traffic Capture Essentials

Best Practices for Capturing Traffic

Configuring Firepower System for Traffic Analysis

    Capturing Traffic from a Firepower Engine

        tcpdump Options

        Downloading a .pcap File Generated by Firepower Engine

    Capturing Traffic from the Firewall Engine

        Downloading a .pcap File Generated by Firewall Engine

        Enabling HTTP Service in FTD

    Capturing Traffic from the FMC

        Downloading a .pcap File Generated by FMC
