Firepower Threat Defense packet processing
Dennis Perto
Leading engineering in the OT SOC | Public speaker | OSCP | CCNP Security | Bitcoin maximalist | OWASP Chapter Leader
Do you ever have that feeling that the documentation is not technical enough? I do.
I have seen a whole bunch of flowcharts and handmade graphics made to give insight into how a packet traverses the inside of the Firepower Threat Defense. No two are the same.
Like many others, I also created a flowchart. This time I did not make a simple version. I need a place to look up every operation of the software in the "rare" case of troubleshooting. What stopped my packet and why can I not see this in the logs? Am I even looking through the right logs?
Actually, I have created a chart for FTD and another one for ASA with FirePOWER Services.
Please contact me if you find any of the charts incorrect or missing key components. I will update them when more knowledge is acquired on my part.
Firepower Threat Defense - NGFW mode
Firepower Threat Defense - NGIPS mode
ASA with FirePOWER Services
About: Dennis Perto is an enthusiastic security consultant who places great honour in genuinely humble consulting. He believes in serving the client with expert knowledge, and in not being afraid to admit when he is not the right expert anymore. He enjoys configuring Cisco Firepower for every special need.
Feel free to connect with me here on LinkedIn, and follow me on Twitter: @PertoDK
M.S. Cybersecurity | CCIE #6495x2 | CISSP | Cybersecurity Technical Solutions Architect
7 years ago: Wish I could like this post more than once
Leading engineering in the OT SOC | Public speaker | OSCP | CCNP Security | Bitcoin maximalist | OWASP Chapter Leader
7 years ago: Updates are online, once more. :)
IT Consultant - Network Specialist at Cygate | #CiscoVIP 2017-2023 | #CiscoChampion 2017-2018
7 years ago: This is so great. Thank you for the great effort!
Senior Network Architect, Team Leader at High Availability, Inc.
7 years ago: Dennis, apologies if I'm blind but the charts are not showing up for me.
Leading engineering in the OT SOC | Public speaker | OSCP | CCNP Security | Bitcoin maximalist | OWASP Chapter Leader
7 years ago: Edits have been deployed.