Introduction to FTD

--> FTD stands for Firepower Threat Defense.

--> The Firepower Threat Defense software, is the unified operating system which provides following services in a single image,

i) Built-in stateful firewall ( Used to filter the packets based upon Layer 3/4 information)

ii) Normal and Advanced Routing Protocol Support ( Support Static and Dynamic Routing Protocol)

iii)Next-generation intrusion prevention systems (NGIPS)( avoids well-known attacks by matching the network packets to the signature database )

iv)Application visibility and control (AVC) ( Filters Application and Provides visibility of Applications running in the network)

v) URL filtering ( Block/Allow URLs)

vi)Advanced Malware Protection (AMP)  ( Checks for Malware in the files which are sent over the network as well as provides a Data Loss Prevention feature)

vii) ISE Integration

Viii) SSL Decryption ( HTTPS )

--> FTD is available in both physical and virtual appliance.

--> FTD uses firepower extensible operating system(FXOS).

--> Firepower Management Center is used to configure FTD, it is similar to ASDM used for managing ASA.

--> FTD uses snort engine for Intrusion Detection and Prevention.





--> Firepower Threat Defense (FTD) Operating system is available on Cisco Firepower 4000 Series and the Firepower 9000 appliances.

--> It is possible to install the FTD Operating system in various ASA models such as ASA 5506-X, ASA 5506H-X, ASA 5506W-X, ASA 5508-X, ASA 5512-X, ASA 5515-X, ASA 5516-X, ASA 5525-X, ASA 5545-X, and ASA 5555-X.



--> You must have an SSD in your Cisco ASA, in order to install FTD in ASA.

--> FTD Managment is done by using the management interface of FTD. Basically, this interface communicates with FMC for configuring FTD.




 --> The first thing you need to do on FTD is to assign the IP address on the management interface.

Configure network ipv4 manual 192.168.45.5 255.255.255.0 192.168.45.1

Note: 192.168.45.5 is the IP Address assigned to FTD and 192.168.45.1 is the default gateway for the management interface.

--> Configure FMC IP Address after assigning the IP address to FTD.

configure manager add 192.168.45.150 cisco

Note: 192.168.45.150 is the IP address of FMC and cisco is the key used by both FTD and FMC.

Ref: Cisco.Com

MD.Kareemoddin

CCIE # 54759

0 Comments