Latest

Home / Security / Next Generation Firewalls : Cisco Firepower

Next Generation Firewalls : Cisco Firepower

January 26, 2018


Cisco come-up with the next generation firewalls called Cisco ASA Firepower which have various capabilities like NGIPS- Next Generation Intrusion Prevention, AVC- Application visibility and control, AMP- Advance Malware Prevention and URL filtering.

Fig 1.2- ASA Firepower 

It can be used as a module and run differently then ASA. The ASA Firepower module can software and Hardware.
  • Cisco Next generation firewalls have continuous analysis and retrospective detection feature while all other firewalls have limited feature.
  • Cisco Next generation firewalls continuously using network file trajectory feature while it is not available there in Palo-alto, Checkpoint and Fortinet Firewalls
  • Cisco Next Generation firewall have impact assessment and Security automation feature, so that feature is lacked there in other firewalls,  Cisco have adaptive threat management feature as well in their next generation firewall call ASA Firepower.
  • It also have Behavioral indicators of compromise ( loCs) included in Firepower.
  • They have inbuilt feature os user, network and endpoint awareness.
  • NGIPS- Next Generation Intrusion Prevention is signature based in Fortinet and Palo- Alto Firewalls but in Cisco Next generation Firepower, it is inbuilt.
  • They have the other features like advanced threat protection while other have limited feature.
  • You can also have Malware remediation feature in ASA Firepower.
Study has been done for the other features also like Threat intelligence ( Talos ), Cisco ASA Firepower can handled 1.5 million of Unique malware samples per day and that is much more than the other firewall category.

Unique study that Cisco ASA firewall can block up to 19.7 billion threats per day while other firewalls didn't have report. It also scanned 600 billion Emails while Fortinet firewall can do it up to 6 billion only. It can also handled 16 billion web requests per day while in competition Fortinet can only done 35 million of web requests, what a huge margin it is and yes Cisco firepower is advanced next generation firewall with full features.

So this is the basic features and the capability of Cisco ASA Firepower called the " Next Generation Firewall"

It is the basic tutorial on Cisco Firepower, we will come with other stuff in the next generation firewalls and the how it works in the real environment with the traffic flow.