MACSec switch-to-host

• Post author:Admin
• Post published:December 26, 2024
• Post category:Cisco/ISE

MACsec provides secure communication on wired networks; it encrypts each packet on the wire so that communication cannot be monitored. There are 2 deployment types:- Switch-host (user facing/downlink) MACsec or…

Continue ReadingMACSec switch-to-host

FTD FQDN objects

• Post author:Admin
• Post published:December 15, 2024
• Post category:Cisco/FTD

The FQDN ACL feature allows the Firepower Threat Defense (FTD) firewall to use FQDN objects in the Access Control Policies (ACP). For this functionality to work, the FTD must be…

Continue ReadingFTD FQDN objects

FTD Traffic Zones (ECMP)

• Post author:Admin
• Post published:December 1, 2024
• Post category:Cisco/FTD

Cisco Secure Firewall (FTD) Firewall supports Equal Cost Multi-Path (ECMP) routing using traffic zones to group interfaces to load balance traffic over multiple interfaces. ECMP supports asymmetric routing and load…

Continue ReadingFTD Traffic Zones (ECMP)

FTD DNS Security

• Post author:Admin
• Post published:November 15, 2024
• Post category:Cisco/FTD

Cisco FTD DNS based Security Intelligence allows you to identify a suspicious DNS query and blacklist the resolution of the dubious domain. When using DNS security provided by the FTD,…

Continue ReadingFTD DNS Security

FTD Control Plane ACL

• Post author:Admin
• Post published:November 13, 2024
• Post category:Cisco/FTD

Traffic usually traverses a firewall and routed between interfaces; in some circumstances it is beneficial to deny traffic destined “to” the FTDs interface. Like with the Cisco ASA, the Cisco…

Continue ReadingFTD Control Plane ACL

FTD Dynamic Objects

• Post author:Admin
• Post published:November 11, 2024
• Post category:Cisco/FTD

A new feature in the version 7.0 release of Cisco FMC/FTD (aka Cisco Secure Firewall) is Dynamic Objects. A Dynamic Object is a list of IP addresses/subnets, unlike a regular…

Continue ReadingFTD Dynamic Objects