Cisco FTDv License
Cisco Firepower Threat Defense Virtual Appliance
Cisco FTDv is a unified software image combining Cisco ASA and Cisco Firepower feature into one hardware and software complete system. Cisco FTDv is a virtualized image of FTD that could be deployed on virtual machine.
Cisco FirePower Threat Defense (FTD) powerful features are:
- Next-Generation Intrusion Prevention Systems (NGIPS)
- URL Filtering
- Application visibility and control (AVC)
- Advanced Malware Protection
- ISE Integration
- SSL Decryption
- Captive Portal
- Multi-Domain Management
The Cisco Firepower NGIPS is a next generation intrusion prevention system that shares a management console with the Cisco firewall offerings, called the Firepower Management Center (FMC).
Event Tracker which is integrated with Cisco Firepower NGIPS, collects log from Cisco FirePower Threat Defense and generates a detailed reports, alerts, dashboards and saved searches. These features of Event Tracker help users to view the serious and vital information on every platform.
Activities like, IDS events are will be included details which outlines the targeted host and source of attack. Reports also consists of events of activities such as SSLVPN/ VPN/ WebVPN access, user command execution, and system activities.
IPS events include Blocked connections, File and Malware detection summary, Allowed URL’s summary, and many more. It includes information such as, date, time, the type of exploit, and contextual information about the source of the attack and its target.
Cisco FirePower Threat Defense provides alerts as soon as any critical event is activated. With these alerts, users will be able to get real time occurrences of events such as, possible attack that is will be carried out, SSLVPN/ VPN/ WebVPN login success, failures and logout events.
For IPS event, connection blocked due to malicious entity is discovered by NGIPS engine, alerts are directly sent to their email services.
Visual/graphical representation consists of events such as blocked/ allowed connections, security event summary count, and geo-location information which can be viewed on Event Tracker ‘dashboard’.
Dashboard also displays events associated with IDS such as the time of possible attacks from unknown or suspicious sources, data about suspicious URLs, Files, SSL Flow Status, threat name, SHA Disposition, source IP address, and Protocol/service used for establishing connection with Cisco FirePower Threat Defense.
Automated risk ranking and impact flags
Prioritize threats by gaining full visibility over your environment. Reduce the noise and volume of events to hone in on the high-impact items requiring immediate administrator action. Set rule recommendations that correlate host profiles with a level of vulnerability to automate impact analysis and contextualize the data, leveraging the best-of-breed Snort open-source intrusion prevention system (IPS).
License portability across clouds
Deploy appliances everywhere, from your super data center to your branch office, with the portability of one license to support virtual and physical solutions across public or private clouds (VMware, KVM, Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), Oracle Cloud Infrastructure (OCI), government clouds). Expand, contract, or relocate workloads over time and span physical, virtual, and public cloud infrastructures with one license.
Unified management and automated threat correlation
Stop more threats by containing known and unknown malware with leading Advanced Malware Protection (AMP) and URL filtering. Reduce the complexity of managing multiple security products through a unified management of integrated tools.
Cisco FirePower Threat Defense vs. ASA with FirePower
Cisco FirePower Threat Defense is contained all ASA features such as L2-L4 stateful firewall, application inspection, NAT, ACL, Routing and HA and there is no need to configure two separate instances and it could be managed by integrating with FMC.
Features and specifications
Cisco FirePower Threat Defense Smart License
Cisco FTDv smart license is now available for this product and it could be purchased with a Cisco smart account. After that, by all FTD instances can be registered in CSSM. Also, Cisco FTD PLR smart license is able to activate all product instanced permanently and with no need to connectivity through Internet.