1 of 1 people found this helpful
It is possible to monitor the firewall in the latest NPM release. To my knowledge, not the IPS/IDS.
Should be able to send netflow to NTA - AVC - More than 3000 application-layer and risk-based controls can invoke tailored IPS threat-detection policies to improve security effectiveness.
Monitor the basic firewall, not FirePOWER with NPM - ASA with FirePOWER NGIPS - Highly effective threat prevention and a full contextual awareness of users, infrastructure, applications, and content help you detect multivector threats and automate the defense response.
Not to my knowledge - Reputation and URL filtering - This filtering provides comprehensive alerting and control over suspect web traffic. It enforces policies on hundreds of millions of URLs in more than 80 categories.
Not to my knowldege - AMP - Effective breach detection with low TCO offers protection value. Discover, understand, and stop malware and emerging threats missed by other security layers
Since the firepower has both the FTD (physical box) and then the vm (web interface) which device would I be able to monitor with Orion? I want to be able to monitor it similar to how we are now able to monitor the ASA.
Would I configure netflow on the FTD or cli?