Firewall and Security Platforms

Cisco Firepower

For years, Cisco has manufactured dedicated firewalls; in earlier years these devices were marketed under the name PIX. With technological advances, ten years later Cisco developed a new device that incorporated all of PIX’s capabilities and added new features, launching it as the Adaptive Security Appliance (ASA). However, in 2022, following a rebranding, Cisco began marketing its security products under the Cisco Secure name, and its hardware firewalls are offered under the Firepower brand. Nevertheless, Cisco Secure is not just a hardware firewall; it is a security appliance that provides firewall capabilities, antivirus, intrusion prevention (IPS), intrusion detection (IDS), VPN, SSL provisioning, and inspection of network packet content. By providing proactive defense against threats, this appliance stops attacks before they propagate through the network. Cisco’s next-generation security products deliver approximately three times the performance of the previous generation due to their use of the latest software and hardware implementations, which enables more precise investigation of security incidents and events. Moreover, thanks to the Snort3 software architecture and the use of features such as multi-core and multi-threading, software and hardware compatibility in these products has reached its highest level, allowing analysis at any level of data without loss of quality. Other features:

Cisco Firepower firewalls overview:    
1.General Structure Cisco Firepower is a modular security platform that can be deployed on:

• Hardware appliances: Series 1000, 2100, 4100, and 9300
• Virtual: FTDv (for VMware, KVM, AWS, Azure, etc.)
• Service modules inside certain routers/switches

2. Operating System and Architecture After acquiring Sourcefire, Cisco developed Firepower Threat Defense (FTD), an integrated OS that combines:

• ASA (traditional stateful firewall) capabilities
• Snort IPS (intrusion prevention system) engine
• Firepower can run in two main modes:   

 1-FTD mode – Unified system (ASA + NGIPS + AMP + URL        Filtering)
 2-ASA with Firepower Services – ASA as the firewall with          Firepower as    separate security module (older model,         less common now)

• Advanced identity-based access control
• Utilization of Cisco AMP, an advanced network-based anti-malware solution, and sandboxing
• Ability to monitor and manage application bandwidth based on automatic application identification
• Support for various types of VPNs for remote access
• Ability to be deployed as a virtual machine (VM)
• Option to add the Firepower intrusion detection system and protection against various DDoS attacks
• Suitable for networks with sensitive remote connections and teleworking, as well as for organizations with variable or evolving sizes
• Ability to add web access control for suspicious websites based on IP address and domain reputation