Cisco Firepower
FEATURES
Firepower appliances with FTD support:
Firewall, including NGFW with L7 detection and control,
Malware prevention using Cisco AMP,
URL Filtering,
Security Intelligence with security feeds for reputation blocks,
Routing and NAT including BGP, OSPF, EIGRP, IS-IS, RIP and static routing,
IDS/IPS,
VPN Site-to-Site and Remote Access.
Firepower solutions include the FMC (Firepower Management Center), a centralized device for managing all Firepower devices.
MODELS
1000 Series
Best for smaller businesses and branch offices.
2100 Series
Ideal for larger branch offices and medium-sized organizations.
3100 Series
Designed for enterprise, campus, and data center environments.
4100 Series
Designed for enterprise, campus, and data center environments.
9100 Series
Optimized for service providers and high-performance data centers.
NGFWv Series
Optimized for service providers and high-performance data centers.
3100 Series
Ideal for larger branch offices and medium-sized organizations.
FPR 3110, 3120
8x10/100/1000MBase-T copper ports, 8x1/10G SFP ports, 2 SSD slots w/ SW RAID1, 1 netmodslot (10G), 2 PSUs (FRU), 4 fans (FRU)
FPR 3130, 3140
8x10/100/1000MBase-T copper ports, 8x1/10/25G SFP ports, 2 SSD slots w/ SW RAID1, 1 netmodslot (25G), 2 PSUs (FRU), 4 fans (FRU)
Successor to the Firepower 2100 series platform with 1RU form factor with 4 base models
NGFW performance (FW+AVC+IPS): 5/10/15/20Gbps
SW support: FTD 7.1, ASA 9.17, FXOS 2.11
4200 Series
Ideal for larger branch offices and medium-sized organizations.
FPR4215, 4225, 4245
8x1/10/25G SFP28 ports, 2 SSD slots w/ SW RAID1, 2 netmodslots (100G), 2 PSUs (FRU), 3 fans (FRU)
NGFW performance (FW+AVC+IPS): 35/65/125Gbps
Successor to the Firepower 4100 series "Queensway" platform with 1RU form factor
SW support is now FTD 7.4, ASA 9.20, FXOS 2.14, slip due to Marvell exiting Ethernet Controller
cdFMC
Question 1
Customer wants to use cdFMC. What is the complete BOM? He is currently using FTD 1120 with FDM; once we get the license I will change the FDM to FTD remote management.
Answer:
To build a cdFMC BOM, you need to order the CDO Base license using - CDO-SEC-SUB --> CDO-BASE-LIC. One Base license is for 1 tenant. After the Base license, you need to order the device license as well. The Device licenses are based on the model number and quantity per model. The Device license for the Firepower 1120 is L-FPR1120-P=
Kindly see the Ordering guide below:
Question
What is the log retention limit and log capacity limit for cdFMC with the base license?
Answer:
Currently, events must be stored in Cisco SAL as there is no current storage "built" into cdFMC. cdFMC is only for device configuration and management.
Question
If the base license is not enough for log retention and capacity, what additional license does the customer have to take?
Answer:
There are 2 options in order to have events and log retention in cdFMC:
1. On-prem Logging with FMC - an on-prem FMC can be deployed as an Analytics-only FMC, and the events are sent to and stored on the on-prem FMC
2. Cloud based Logging with SAL SaaS:
To order SAL you need to start with SAL-SUB and from inside of that SKU, you can select your desired SAL Package and your desired Log Retention Period.
Please check the ordering guide:
Cisco Security Analytics and Logging Ordering Guide
Cisco Security Analytics and Logging Configuration Guide for Cloud-Delivered Firewall Management Center
Question
Does cdFMC give the equivalent reports as on prem FMC?
Answer:
Unfortunately, cdFMC reports are not 100% equivalent to FMC. It does not have templates for reports but there is a High Level Security Report available in cdFMC.
See: Reporting:
https://www.cisco.com/c/dam/en/us/products/se/2019/8/Collateral/firepower-feature-matrix.pdf#page=28
cdFMC presentation that you might find helpful: https://salesconnect.cisco.com/#/content-detail/b7f949ef-a050-4b33-a409-8beb8be16463
REFERENCES
CRED
LINKS
Cisco Firepower Compatibility Guide
Secure Firewall Application Detectors
Threat Defense Virtual (formerly FTDv/NGFWv) Data Sheet