Cisco Firepower comprises a comprehensive list of security features in general.
Moreover, These features must be part of any Next-Generation Firewall solution.
Hence, All of these features revolve around the analytics and automation engine, which in Cisco’s case is Cisco Telos.
So, This module provides direct intelligence feed for different firewall components to work properly and secure the network.
In addition to that fiscal firepower as-
- the next generation intrusion prevention system module,
- the application visibility and control module,
- the advanced malware protection module,
- the network profiling module,
- you are developing module identity policy control
- and VPN module.
Fiscal firepower also provides options for high availability and resiliency, such as clustering and failover, the basic firewall.
It also have features like routing, switching and access control list are also part of Cisco firepower.
After that, is the detailed list of features that every component provides on a broader category.
Therefore, we can divide these into five major categories:
- Next-Generation Firewall features,
- and licensing.
After that, The major benefit of Cisco is that both the next generation firewall features inherited from Sourcefire.
And so the legacy firewall features of EMC are packaged in a single license for ease of use and deployment.
However, The third category covers the intrusion prevention and Detection Systems Analytics and the Malware Protection Dynamic Analysis.
Hence, It includes sandboxing, you are blacklisting and many more features.
Moreover, the next generation firewall features cover the zone with spiraling user authentication.
Therefore, you are a reputation, SSL, decryption and other features.
So, the legacy features include the clustering high availability network address, translation, switching and routing.
The management category covers the inbox management, as well as the centralized management.
The one who fired Power Management Center in case of multiple firewalls.
Lastly, the single package licensing covers all the features of firepower and legacy AC.
FTD Features- Cisco Firepower
|Threat||NGFW||ASA||Management||Licensing & Packaging|
3. File capture
4. Network AMP
5. Dynamic Analysis
6. Security Intelligence
URL &DNS Blacklisting
7. DNS sink holing
8. File pre-classification using Clam AV
9. Compliance engine
10. Inline and passive mode support
|1. Zone based unified rule table |
3. Active and passive user identity
4. App id and visibility
5. URL Reputation
6. Integrated SSL decryption policy
8. Syslog from device from connection and IDS/IPS Events
10. Rate limiting (6.1)
11. YouTube EDU(6.1)
12. Google safe search (6.1)
|1. Intra chassis clustering with state sharing |
2. High availability with state sharing
6. Select ALG Functionality
7. Firewall basics
8. Syslog for non-connection Events
9. Tunnel policy (6.1)
10. Rate-limiting (6.1)
|1. Off-box FMC|
2. Diagnostic CLI
3. Domains with full RBAC
4. On-box WebUI (6.1)
5. HA management
6. Clustering Management
7. Device inventory. Deploy
8. Image management
10. Health Monitoring
11. Unified system authentication and platform settings
12. Unified navigation/menu and look and feel.
|1. Single package with ASA & SF|
2. New Licensing model using smart licensing
You can also read- Internet of Things using Arduino Part-1 (Introduction)