14. Cisco Firepower SSL Decryption: Decrypt Known Key

Cisco Firepower SSL Decryption Policy gives the capability to inspect SSL encrypted contents over the network, otherwise encrypted traffic, such as HTTPS connections, which make up most of the Internet content, cannot be inspected.
In the last section, we implemented the “Decrypt Re-Sign” method, where users inside the network see all HTTPS/SSL applications outside the network with Firepower certificate.
https://rayka-co.com/lesson/cisco-ftd-ssl-decryption/
In this section we implement “Decrypt Known Key” method in which users from outside the network access our HTTPS/SSL applications inside the network with their real certificate but traffic will be first decrypted and inspected in firepower before they are forwarded to the servers.

Details

8. Cisco FTD Security Intelligence ( IPs and URLs)

Cisco FTD Security Intelligence is used to black IPs, URLs and Domains with bad reputation. It uses mainly a database created by cisco Talos Security Group which periodically update the list of malicious senders and contents.
In this section, we will talk about security intelligence to block IPs and URLs with bad reputation. Blocking bad reputation domains will be discussed in the next video since the process is somehow different.

Details