Lesson 4: FTD Deployment Modes and Access Policies
This Introduction to FirePOWER Services and Next-Generation Firewalls series is brought to you by Cisco Press author Omar Santos. Omar begins by explaining the different modes supported within Firepower Threat Defense (FTD). He introduces routed mode, where two or more interfaces separate layer 3 domains; in this mode, the firewall typically acts as both a router and gateway for local hosts. In transparent mode, by contrast, the firewall acts as a bridge functioning at layer 2. Omar then goes into the different Next-Generation Intrusion Prevention System (NGIPS) deployment modes, such as inline, inline tap, and passive. The differences lie in how traffic is handled as it passes through the device and whether NGIPS functions as an Intrusion Prevention System or an Intrusion Detection System, the latter only logging a message when a known event is detected. Omar concludes with a look at policies and focuses on access control, a function that manages what traffic is allowed, blocked, inspected, and logged, and how.