Lesson 2: Summary of Capabilities in FirePOWER
This Introduction to FirePOWER Services and Next-Generation Firewalls series is brought to you by Cisco Press author Omar Santos. Omar begins by breaking down the various capabilities incorporated in FirePOWER into three categories: threat innovation, enterprise management, and unified image. Focusing on threat innovation, Omar delves deeper into the inner workings of integrated SSL decryption. He covers, multiple deployment modes, flexible SSL support for HTTPS and StartTLS based-apps, decryption by URL category, and centralized enforcement of SSL certificate polices. Omar ends with Cisco Identity Services Engine (ISE) integration, a next-generation identity and access control policy platform that enables enterprises to enforce compliance, enhance infrastructure security, and streamline service operations by gathering real-time contextual information from networks, users, and devices. A combination of authentication, authorization, accounting (AAA), posture, and profiler into one.