Cisco Firepower Active Directory integration is a prerequisite for identity-based access control. In this section, you will learn how to integrate Cisco FMC with Active Directory. In the next section, we continue the discussion to enable identity-based access control in the network.
DetailsCisco FTD NAT configuration is the topic of this section. In the last section, we discussed the concept of different types of NAT and how they are implement in a Cisco FTD device. In this section we implement examples of different types of NAT.
DetailsCisco Firepower SSL Decryption Policy gives the capability to inspect SSL encrypted contents over the network, otherwise encrypted traffic, such as HTTPS connections, which make up most of the Internet content, cannot be inspected.
In the last section, we implemented the “Decrypt Re-Sign” method, where users inside the network see all HTTPS/SSL applications outside the network with Firepower certificate.
https://rayka-co.com/lesson/cisco-ftd-ssl-decryption/
In this section we implement “Decrypt Known Key” method in which users from outside the network access our HTTPS/SSL applications inside the network with their real certificate but traffic will be first decrypted and inspected in firepower before they are forwarded to the servers.
Cisco FTD SSL Decryption Policy gives the capability to inspect SSL encrypted contents over the network, otherwise encrypted traffic, such as HTTPS connections, which make up most of the Internet content, cannot be inspected.
DetailsCisco FTD URL Filtering feature gives the capability to control the websites that users on your network can access based on category, reputation, and also manual..
DetailsCisco FTD Threat Intelligence Director (TID) is a supplemental security intelligence solution to block IPs, URLs, and domains with bad reputations based on third-party sources and not just based on a specific source from a specific vendor.
DetailsCisco FTD DNS Security Intelligence is used to quickly block connections to or from domain names with a bad reputation based on a database created by Cisco Talos security group. You have the option to drop DNS queries for malicious domain names or return a specific IP address called DNS sinkhole to redirect users to that sinkhole IP address and log the users accessing malicious domains.
DetailsCisco FTD Security Intelligence is used to black IPs, URLs and Domains with bad reputation. It uses mainly a database created by cisco Talos Security Group which periodically update the list of malicious senders and contents.
In this section, we will talk about security intelligence to block IPs and URLs with bad reputation. Blocking bad reputation domains will be discussed in the next video since the process is somehow different.