ISE Adaptive Network Control (ANC)
Adaptive Network Control (ANC) is a feature of Cisco Identity Services Enginer (ISE) that can be used to monitor and control network access of authenticated endpoints. With ANC you have…
MACSec switch-to-host
MACsec provides secure communication on wired networks; it encrypts each packet on the wire so that communication cannot be monitored. There are 2 deployment types:- Switch-host (user facing/downlink) MACsec or…
FTD FQDN objects
The FQDN ACL feature allows the Firepower Threat Defense (FTD) firewall to use FQDN objects in the Access Control Policies (ACP). For this functionality to work, the FTD must be…
FTD Traffic Zones (ECMP)
Cisco Secure Firewall (FTD) Firewall supports Equal Cost Multi-Path (ECMP) routing using traffic zones to group interfaces to load balance traffic over multiple interfaces. ECMP supports asymmetric routing and load…
FTD DNS Security
Cisco FTD DNS based Security Intelligence allows you to identify a suspicious DNS query and blacklist the resolution of the dubious domain. When using DNS security provided by the FTD,…
FTD Control Plane ACL
Traffic usually traverses a firewall and routed between interfaces; in some circumstances it is beneficial to deny traffic destined “to” the FTDs interface. Like with the Cisco ASA, the Cisco…