1 of 1 people found this helpful
It is possible to monitor the firewall in the latest NPM release. To my knowledge, not the IPS/IDS.
Should be able to send netflow to NTA - AVC - More than 3000 application-layer and risk-based controls can invoke tailored IPS threat-detection policies to improve security effectiveness.
Monitor the basic firewall, not FirePOWER with NPM - ASA with FirePOWER NGIPS - Highly effective threat prevention and a full contextual awareness of users, infrastructure, applications, and content help you detect multivector threats and automate the defense response.
Not to my knowledge - Reputation and URL filtering - This filtering provides comprehensive alerting and control over suspect web traffic. It enforces policies on hundreds of millions of URLs in more than 80 categories.
Not to my knowldege - AMP - Effective breach detection with low TCO offers protection value. Discover, understand, and stop malware and emerging threats missed by other security layers
Since the firepower has both the FTD (physical box) and then the vm (web interface) which device would I be able to monitor with Orion? I want to be able to monitor it similar to how we are now able to monitor the ASA.
Would I configure netflow on the FTD or cli?
I think Firepower FXOS is currently buggy so until the Cisco BAU works with Solarwinds, I don't think we will be able to connect the FXOS side to Solarwinds. I currently have a TAC case open on the issue and I am going to see if I can move it up to the BAU to resolve. Also offer priv auth MD5 as well as SHA1 and up to AES-256 for privacy like the ASA and the NEXUS platforms. Of course the ASA side of Firepower works.