It is often overlooked that a Firepower sensor is capable of very rich logging of a lot of interesting metrics. These can beside the normal SecOps use-cases also provide valuable insight into the health of…
Setting up a quick ELK stack for use with Ciscos Firepower Threat Defense has never been easier. In this article I will showcase setting up a docker version of the ELK stack, together with the…
While for long time firewall has typically been something associated with large metal appliances sitting on the outskirts of an infrastructure. More and more are looking into virtualizing also this part of their infrastructure. The…
A lot of effort go into creating spec sheets and publish various numbers on what performance can be expected in order to help chose and size the right firewall model. This post tries to dive…
There are several ways of authenticating toward the management interface of a Palo Alto Networks Firewall (PANW). The authentications options boils down to three distinct ways namely (or mixes of the three): Local Username, Local…
A common use-case I encounter is the ability to dynamically update object lists referenced in policies at security perimeters (Firepower, FTD or others). This can come in one of two flavors: Security threat intelligence (aka…
Installing the FTD 6.2.2 update on a ASA 5515X I noticed that Cisco released FTD 6.2.2 yesterday (05-sep-2017), why I naturally had to put it in my Demolab right away in order to see if…
First look When you first log into the FTD for FDM with a browser you will see a nice graphical interface of the units with proper color coding (i.e. green means good and orange mean…
The PAN-OS 6.1 (running the Palo Alto Networks firewall) has recently been released. Here are my initial thoughts on the release. Short story… it is not a revolution.. more like a good piece of evolution….
I have had my hands on Ciscos new addition to their ASA firewall/IPS portfolio, the ‘Cisco ASA with Firepower Services’. And as with all technology there are both pros and cons to mention in this initial release…