Excellent.. I saw couple of Firepower videos on RUclips, but your video has covered most of the required details in single video. Thanks for the detailed info..
Many Thanks it was a great explanation really helpful. I think while creating Action Control Policy (ACP) we should first create (Add Category) and in that category we have to create the new rules in these way it will be more granular.
Hi Jason. Great series of videos, thank you for taking the time to make and publish them. I tried to get an interface of the sensor set as SPAN, but no traffic was getting out of the unit. I open a TAC for more details and in short, I heard the FTD cannot generate a SPAN port, and an ERSPAN port listens for SPAN traffic and it too doesn’t generate data. With that said, I’m curious on how this design of yours with a SPAN port was exporting traffic - unless I got it wrong and it is an import interface. Thanks again for your series of videos.
Hi Alex, Thanks for the feedback. In regards to your question. The SPAN port is the source port on another device like a switch. Firepower receives this data on a passive port. Hope that clarifies.
Hello, thnx for sharing this video, please if may I ask you how do you solve the feeds issue? Its un upper issue as you say on the video something upstream is blocking, if you let me know, cause i have this issue to in my lab. Thnx a lot again.
Thanks for reaching out! Please log on to the Cisco Firewalls Community (cs.co/6052Kv1ae) where you can connect with experts and peers, and have your FMC questions answered. Have a great day!
my job is cyber security so i think i should add remote desk control on my pc to communicate with the company pc to add and removed any file malware ...etc even blocked the IP if they want, can you tell me which soft wear ...many thanks. Paul
If you are looking for more content around Cisco Security technologies then check out Jason Maynard’s YT channel (includes FTD as well as other Cisco security technologies). cs.co/Jason_Maynard_RUclips_Channel
Can I manage asa 5508-x without FMC and configure routing, ie BGP ? I was reading FDM is installed as default to manage it , but not sure if it supports routing configuration. I need to configure networking on a new site where there are no servers yet to install FMC on.
Hi there. FMC is needed to configure ASA 5508-X. For more details, please refer to this discussion in the Cisco Community: community.cisco.com/t5/firewalls/asa-5508-x-ftd-asdm-fmc-limitations/td-p/3384009
Unfortunately, this feature is not available in FMC. Please check out this Cisco Community thread for more details: community.cisco.com/t5/firewalls/firepower-threat-defense-real-time-log-viewer/td-p/2936567
Great content. Can anyone pls let me know the way of adding multiple subnets in single Network object? What if I want to group more than 10 network objects in a single group? Thanks
Thank you for your feedback. Please log on to the Cisco Firewalls Community (community.cisco.com/t5/firewalls/bd-p/5966-discussions-firewalling) where you can connect with experts and peers, and have your FMC questions answered.
By now you probably know, but in case not you can indeed group 10 network objects (subnets or hosts) into a single group on the FMC. You can use ACLs to control access to many different subnets and hosts with object groups.
Hello Guys, I need some help please, I'm trying to configure FMC with "configure-network" after set the ip, mask and gateway parameters, I get error saying "unable to connect data-base at /path/PM_control.sock and this file is missing. When I check "pmtool status" i get pmtool:pmtool [ERROR] Unable to connect to UNIX socket at /var/sf/run/PM_Control.sock: No such file or directory
There are many steps and troubleshooting alternatives to solve this issue. We suggest opening a discussion in the community so experts in the area can assist you. You may also open a TAC case. Additionally, this is an example of a similar case: community.cisco.com/t5/firewalls/ip-address-change-virtual-fmc/td-p/3002904 Cisco FMC has many tricks, so it’s most probably going to need many back & forwards to solve it. Here's a general guide that shows the best practices of FMC configuration: www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/vmware/fmcv/FMCv-quick/setup-mcvirtual.html. I hope you find this helpful.
Hi Soliman. You would purchase the product from Cisco now called FMC (Firepower Management Center) and then it would be available for download. If you want a trial, you'll need to reach out to your local Cisco account team (scroll down and click on 'Contact Cisco' here: www.cisco.com/c/en/us/products/security/firepower-management-center/index.html)
Thank you. It is a great video to introduce the full picture on Firepower 👏
Thank you! I've been searching high and low for a video in FMC usage and yours provides just the detail and depth that I needed.
Excellent.. I saw couple of Firepower videos on RUclips, but your video has covered most of the required details in single video. Thanks for the detailed info..
This is awesome! Could you do more like it? You sir are great to learn from
Hi Mooreas - thanks for the feedback. I have a ton of videos available on my YT channel - cs.co/Jason_Maynard_RUclips_Channel
Great explanation thank you
Many Thanks it was a great explanation really helpful. I think while creating Action Control Policy (ACP) we should first create (Add Category) and in that category we have to create the new rules in these way it will be more granular.
excellent, really good video
Excellent video! Thank you!
Very nicely done. Thank U!
Thanks!
Are there any videos for setting up the FMC 1600 and Firepower 1100?
The following video may be helpful to you: ruclips.net/video/v_uZ9GbICBk/видео.html
Great demo! Thanks a lot
Excellent video!!!!
Great video. Thank you!.
Would you demonstrate how the firepower prevent from attack like mallware or something
Hi Jason. Great series of videos, thank you for taking the time to make and publish them.
I tried to get an interface of the sensor set as SPAN, but no traffic was getting out of the unit. I open a TAC for more details and in short, I heard the FTD cannot generate a SPAN port, and an ERSPAN port listens for SPAN traffic and it too doesn’t generate data. With that said, I’m curious on how this design of yours with a SPAN port was exporting traffic - unless I got it wrong and it is an import interface.
Thanks again for your series of videos.
Hi, Can you share other videos posted by Jason, thanks in advance Regards, Pavan
Hi Alex, Thanks for the feedback. In regards to your question. The SPAN port is the source port on another device like a switch. Firepower receives this data on a passive port.
Hope that clarifies.
Thank you very useful
Hello, thnx for sharing this video, please if may I ask you how do you solve the feeds issue? Its un upper issue as you say on the video something upstream is blocking, if you let me know, cause i have this issue to in my lab. Thnx a lot again.
Thanks for reaching out! Please log on to the Cisco Firewalls Community (cs.co/6052Kv1ae) where you can connect with experts and peers, and have your FMC questions answered. Have a great day!
If you want to block certain URLs, what exactly is the monitor action going to accomplish that?
great info!
my job is cyber security so i think i should add remote desk control on my pc to communicate with the company pc to add and removed any file malware ...etc even blocked the IP if they want, can you tell me which soft wear ...many thanks. Paul
You can find out more about our services here: cs.co/6058KqWAo, thanks for your interest!
FTD 101, is that coming soon? one of the best run throughs for FMC, well done!
If you are looking for more content around Cisco Security technologies then check out Jason Maynard’s YT channel (includes FTD as well as other Cisco security technologies).
cs.co/Jason_Maynard_RUclips_Channel
how is network discovery dealing with assets that chages its IP address.. like PCs for instance?
Hi there, we'd love to help! Please refer to this link: cs.co/6054KmZmk. Let us know if this helps.
Nice overview
Can you configure load balancing on dual outside WAN interfaces?
Can I manage asa 5508-x without FMC and configure routing, ie BGP ? I was reading FDM is installed as default to manage it , but not sure if it supports routing configuration. I need to configure networking on a new site where there are no servers yet to install FMC on.
Hi there. FMC is needed to configure ASA 5508-X. For more details, please refer to this discussion in the Cisco Community: community.cisco.com/t5/firewalls/asa-5508-x-ftd-asdm-fmc-limitations/td-p/3384009
thank you !!
Thanks for the video! Can you tell me what is 10.1.253.1 that you used as your default static route?
We're glad you liked the video. 10.1.253.1 is the IP default gateway.
An upstream device towards the internet. This is the route that is used to get to any (0.0.0.0) route that is not otherwise connected or defined
Ty for the video! is it possible to enable real time monitor in FMC?
Unfortunately, this feature is not available in FMC. Please check out this Cisco Community thread for more details: community.cisco.com/t5/firewalls/firepower-threat-defense-real-time-log-viewer/td-p/2936567
Great content. Can anyone pls let me know the way of adding multiple subnets in single Network object? What if I want to group more than 10 network objects in a single group? Thanks
Thank you for your feedback. Please log on to the Cisco Firewalls Community (community.cisco.com/t5/firewalls/bd-p/5966-discussions-firewalling) where you can connect with experts and peers, and have your FMC questions answered.
By now you probably know, but in case not you can indeed group 10 network objects (subnets or hosts) into a single group on the FMC. You can use ACLs to control access to many different subnets and hosts with object groups.
Hello Guys, I need some help please, I'm trying to configure FMC with "configure-network" after set the ip, mask and gateway parameters, I get error saying "unable to connect data-base at /path/PM_control.sock and this file is missing. When I check "pmtool status" i get pmtool:pmtool [ERROR] Unable to connect to UNIX socket at /var/sf/run/PM_Control.sock: No such file or directory
There are many steps and troubleshooting alternatives to solve this issue. We suggest opening a discussion in the community so experts in the area can assist you. You may also open a TAC case. Additionally, this is an example of a similar case: community.cisco.com/t5/firewalls/ip-address-change-virtual-fmc/td-p/3002904
Cisco FMC has many tricks, so it’s most probably going to need many back & forwards to solve it. Here's a general guide that shows the best practices of FMC configuration: www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/vmware/fmcv/FMCv-quick/setup-mcvirtual.html. I hope you find this helpful.
Helllo , it possible to share Images FMC and FTP , the old Link does't work
Here is the link to the Cisco FMC, Ahmed: www.cisco.com/c/en/us/products/security/firepower-management-center/index.html?DTID=esoytb000259
"click on the link below", where is the link please?
Hi James. The link is now in the video description.
how to get firesight source
Hi Soliman. You would purchase the product from Cisco now called FMC (Firepower Management Center) and then it would be available for download. If you want a trial, you'll need to reach out to your local Cisco account team (scroll down and click on 'Contact Cisco' here: www.cisco.com/c/en/us/products/security/firepower-management-center/index.html)
unfortunately I can push "like" button only one time :D
798 Nigel Mews
Dach Spring
Honestly, this technology is rubbish. You can't do the simplest things with this crap. smartlicense, FMC & FTD-->rubbish
True most of the functions can be handled with Zscaler….Who uses DMZ anymore everything is cloud based now.
Great Content! Thank you!
Thanks!