Default gateway
SSFIPS
Learning Services Lab Portal Link
Cisco Learning Lab Portal (Instructor & Student) Link
Cisco Digital Learning Library (Course material Labs) Link

FIREPOWER
Firepower Release notes Jan 2020 (6.5 and below) Link
Licensing Firepower 6.5 Link
Firepower Management Centre Config Guide 6.5 Link
FMC Hardware and Virtual Platforms current 2019 Link
FMC EOL Platforms (750,1500,2000,4000) Link
Good Firepower Compatibility Guide Link
Licensing Firepower 6.2.2 Link
Firepower System Feature Licenses Link
ASA & Firepower Data Sheet (Licensing etc June/2019) Link
Firepower Ports and communication Protocols Link
Firepower DDOS Protection through Radware Link

Cisco Live Links
ASA to FTD Migration Link
AMP & Threat Grid Integration ESA Link
Firepower Platform Deep Dive Link
Excellent Cisco Live Firepower Presentation Feb 2018 Barcelona FirePower for CCIE Security Candidates - BRKCCIE-3200

Useful Files

YouTube Videos

Course Content
FMC Configuration Guide 6.5 pdf (2700 pages) Link

Cisco Firepower Threat Defense Overview
All security products Link
Firepower Ports and communication Protocols Link
Good Product Overview 2100/4100/9300 Link
Firepower Management Centre Configuration Guides Link
Cisco Firepower NGFW Virtual Install and Upgrade Guides Link
Cisco Firepower NGFW Install and Upgrade Guides Link
Firepower Management Centre Installation Guide 6.0 later Link
SafeSearch Link
Cisco more general Link
VDB Updates Link
All Management Platforms and devices Link
Note the 5508 and 5512 do not support latest FTD
ASA 5585-X EOL
Cisco Defense Orchestrator CDO Link
Lab minutes Multi domain management Video 1 of 2
Lab minutes Multi domain management Video 2 of 2
FMC Platforms 2020 Link
Performance expressed in bps (M or G)
FMC Configuration Guides Link
FMC EOL Platforms (750,1500,2000,4000) Link
Configuring Static and Default routes (Tunneled) Link
Demo License 25 of everything despite saying 0 see video
Licensing Firepower 6.5 Link
Smart Licensing via Cisco Smart Software Manager Link
Smart Software Satellite Server air gapped from internet Link
vPC/Port-Channel (Nexus) Link

Firepower NGFW Configuration
Security Certifications Compliance (CC/UCAPL) Link
UCAPL renamed to DoDIN APL Link
Fail to Wire (Network Modules) Link
2100 and above
Interface modes IPS mode (no f/w features) Link
FXOS for 4100/9300 Link
Multi-Instances on 4100/9300 Link
FXOS for 2100 small subset of FXOS, int config, no cluster Link
2100 Architecture Link
Difference between FXOS/ASA/Firepower (Cisco Comm) Link
Not in course Firepower 1000 Series Link
NAT ID, used a unique registration ID (no unique ip) Link
Firepower Deep Dive Link
Clustering on the 4100/9300 ASA (16 per module/chassis) Link
Clustering FTD 4100/9300 now 6
On FTD all interfaces have security level = 0 Link
(Search) "Traffic between FTD interfaces (inter) and (intra) is allowed by default"
Security Levels Cisco Community question Link
FTD Clustering 9300/4100 (6/cluster) Link
Ver 6.2 Rel Link
Configure clustering on FTD 9300 Link
ASA Clustering 9300/4100 (16/cluster 9.13 code) Link
Ethernet MIX (EMIX) Link
Tunneled static route (For VPN Traffic) Link
ASA to FTD Reimage guide (includes 550X) Link
Health Monitoring running every 5 minutes.
JDBC Driver for external FMC database access Link

Firepower NGFW Traffic Control
Packet Processing Data Path (DAQ) Link
Packet Flow (Todd Lammle) Link
Lina Code (ASA) before and after SNORT Process Link
Excellent link to clarify FTD flows Link
DAQ (Data Acquisition) Troubleshooting Link
QOS Option on FTD is to Rate Limit Link
Hardware by-pass fail-to-wire Link
ACP Offloads, fastpath etc SmartNIC Link
FlexConfig replaced by Service Policies 6.30 onwards Link
This is to configure connection limits etc.
Configuring TCP state bypass using FlexConfig Link
elephant/fat flow Link

Firepower Discovery
Network Discovery Configuration Link

Implementing Access Control Policies
Notes
1. 80% hit to do SSL Decryption on the box.
2. Yellow Triangle in Rule header indicates Licensing issue.
3. Blocked or trusted traffic, therefore no Network Discovery.
4. Talos maintained black/white list and custom.
Interface modes IPS mode (no f/w features) Link
Passive interfaces - Inline Sets (Interfaces) Link
The FMC can record from 10 million events to 300 million Link
Cisco Community Link on Max Events Link
Backup/Restore including events Link
Events are FIFO Link
Prefilters are only relevant to FTD and not classic devices, i.e. ASA

Security Intelligence

File Control and Advanced Malware Protection

Next Generation IPS

Network Analysis Policies
Stream preprocessor aka Stream5 Link
Snort rule numbering 123:7:1 (detec mech:SigID:Rev) Link
GID (generator ID):SigID:Rev

Network Analysis Policies

Detailed Analysis Techniques

Firepower Platform Integration

Alerting and Correlation Policies

System Admin

Firepower Troubleshooting