Looking for instructions on how to deploy FirePOWER Management Center (FMC) and FirePOWER Threat Defense (FTD)? Then you have come to the right place! The following blog post/videos walk through a start-to-finish vFMC and vFTD perimeter deployment (many of these principles also apply to physical deployments). If you are not familiar with FMC/FTD, check out my previous blog post.
Before you get started, I want to send a shout out to Jason Maynard, Cisco Security CSE in Canada, who created the videos below. Check out his other content here.
Feel free to use the comments section for questions or feedback! Let’s get started!
1. FirePOWER management/FTD appliance – VMware Deployment – This video shows the initial steps in deploying vFMC and vFTD.
2. vFTD initial configuration – This video outlines configuration of vFTD interfaces and the FMC management IP address (the pointer to the FMC responsible for managing the FTD appliance).
There is a two-step process to manage FTD from FMC:
- `configure manager add [IP of FMC] [registration key]` – via CLI on the FTD appliance, point the FTD appliance at FMC (note the registration key; you will need it in the next step)
- Add device – via GUI on FMC (see step 3)
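As an added example (not from the videos above or from Cisco documentation), here is what the FTD side of that two-step process looks like at the FTD CLI. The hostname, addresses and registration key are constructed placeholders; substitute your own, and pick a registration key that is random and used once:

```text
> configure network hostname ftd-branch1
> configure network ipv4 manual 192.0.2.20 255.255.255.0 192.0.2.1
> configure network dns servers 192.0.2.53
> configure manager add 192.0.2.10 reg-key-CHANGEME
> show managers
> show network
```

Two practical checks before moving to the FMC GUI: the management interface of the FTD must be able to reach the FMC on TCP port 8305 (the sftunnel management channel), so verify routing and any intermediate firewall rules first, and `show managers` should list the FMC with the registration still pending until you complete the "Add device" step on FMC with the same key. If there is NAT between FTD and FMC, `configure manager add` also accepts an optional NAT ID as a third argument, which must match on the FMC side. Changing the management IP with `configure network ipv4 manual` will drop an SSH session that is using that interface, so run it from the console if possible.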
3. vFMC initial configuration/register vFTD appliance – Learn how to apply vFMC management IP address settings, licensing, etc.
- Adding devices to FMC (FMC configuration)
4. FTD interface configuration – The following video shows the configuration of FTD routed interfaces. See the link below to learn more about interface configuration options.
- FTD interface configuration (details on Routed, Transparent and Passive modes)
5. (Optional) Set up a TAP interface (i.e., connect to a SPAN port) – A potential use case for this configuration is a branch site where I may want to SPAN my internal data VLAN (capture east/west traffic) and send it to my FTD appliance. The FTD appliance will then inspect traffic in/out (routed) and east/west (passive interface).
6. FTD Routing Configuration (Static/Dynamic Routing) – This video details inbound/outbound routing configuration.
- FTD Routing Overview
- Static Routing
- RIP – no thank you, no link needed because you shouldn’t be running RIP 🙂
- Multicast-PIM etc.
7. FTD NAT/PAT Configuration – The video highlights PAT (Port Address Translation) configuration. PAT is typically used when many internal devices need to share one public IP address. See the link below to learn more about NAT/PAT and configuration options.
8. FTD DHCP Server Configuration – This video shows how to set up a DHCP server for an inside network behind an FTD firewall. This configuration is typically used in a branch site or lab where a DHCP server is unavailable. Check out the link below to learn how to redirect DHCP/DNS requests to a remote DHCP server.
9. FTD Platform Policy – When deploying network devices it is usually a best practice to configure management, time, and access control settings, etc. The following video highlights how to configure SSH access, ICMP, SMTP, SNMP, syslog, time synchronization, timeouts, etc.
With FMC, there is the option to create a single policy and roll it out to one or many devices. In my opinion, this greatly simplifies configuration.
Ok, we are almost there. Before actually routing traffic through the FTD appliance, an Access Control Policy must first be created. This policy pulls together rule sets for L3/L4, L7 (Application), URL filtering, IPS/IDS, and File/AMP (Advanced Malware Protection).
Before we jump into ACP configuration, take a break, grab some coffee, and see you over in my next blog post!