Introduction to FirePOWER Services and the Next-Generation Firewalls: Lesson 4: FTD Deployment Modes and Access Policies



    FTD Deployment Modes and Access Policies

    This Introduction to FirePOWER Services and Next-Generation Firewalls series is brought to you by Cisco Press author Omar Santos. Omar begins by explaining the different modes supported within Firepower Threat Defense (FTD). Omar introduces routed mode, where two or more interfaces separate layer 3 domains. In this mode, the firewall typically acts as both a router and gateway for local hosts. While in transparent mode, the firewall acts as a bridge functioning at layer 2. Omar then goes into the different Next Generation Intrusion Prevention System (NGIPS) deployment modes, such as inline, inline tap, and passive. The differences lay in how traffic is handled as it passes through the device and whether NGIPS functions as an Intrusion Prevention System or Intrusion Detection System, the latter only logging a message when a known event is detected. Omar concludes with a look at policies and focuses on access control, a function that manages what and how traffic is allowed, blocked, inspected, and logged.


    Cisco Press Authors - Omar Santos


    Go to: Cisco Press Meet the Authors


    Previous Lesson