
Cisco Firepower Threat Defense (FTD)


Cisco Firepower Threat Defense (FTD) is a security product offered by Cisco Systems. It combines firewall capabilities with advanced threat detection and prevention features. FTD is designed to protect networks and data centers from a wide range of cyber threats, including viruses, malware, intrusions, and other security risks.



Network Topology

Here’s the topology for this FTD deployment

[screenshot]



Installing Firepower Threat Defense

First, download the installer from Cisco Download Central

[screenshot]


Deploy the OVA and configure management access

[screenshot]

Set the admin password


[screenshot]

Configure the management interface


Then boot up the VM

[screenshot]



Accessing Firepower Threat Defense

After a few minutes, the GUI should be accessible on the management interface

[screenshot]

[screenshot]


Configure the outside interface, which has internet access

[screenshot]


Configure NTP

[screenshot]


Then select the licensing type

[screenshot]


Lastly, choose the deployment type; in this case we’ll use standalone

[screenshot]


Now Cisco Firewall Threat Defense is up and running

[screenshot]



Configuring Interfaces

On Interface, edit and configure the inside interface

[screenshot]


This is the interface configuration for now

[screenshot]


Deploy the config

[screenshot]


Now if we try accessing the outside and inside interfaces from their respective networks, both should be reachable

[screenshot]



Configuring NAT for Internet Access

On Policies » NAT, add a new rule to allow dynamic translation from the inside network to the outside interface

[screenshot]


Then on Policies » Access Rules, add a new rule to allow traffic from the inside zone to the outside zone

[screenshot]


Now, on a client PC on the inside network, we should have an internet connection

[screenshot]


On Monitoring » Events, we can see the traffic from the inside host to the internet

[screenshot]


Clicking on an event shows more details about the traffic

[screenshot]


We can also see other monitoring stats, which is pretty neat and handy

[screenshot]

[screenshot]

[screenshot]



Configuring Static Destination NAT

Now we’re setting up a destination NAT so the inside host can be accessed using the outside public IP address

[screenshot]


On Policies » NAT, add a new Static NAT rule from outside to inside with the specified destination IP address

[screenshot]


Then on Policies » Access Rules, add a new rule to allow traffic from the outside zone to the inside zone

[screenshot]


Now if we try accessing the public IP, we should be connected to the inside host

[screenshot]


And on Monitoring » Events, we can also see the translated traffic coming from outside

[screenshot]
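To make the two NAT sections above easier to reason about together (the dynamic PAT from inside to outside, and the static destination NAT that publishes the inside host), here is a small Python model of how the firewall processes a packet: destination NAT first, then access control against the real (post-NAT) addresses, then source NAT. This is an added example and not code from the post or from Cisco; the addresses, zones and the published port are constructed placeholders (documentation ranges), not the values of the deployment shown in the screenshots. It also goes one step beyond the post in one respect: the outside-to-inside access rule is narrowed to the published host and a single port rather than allowing the whole zone, so the static NAT only exposes the service that was meant to be published, and the third scenario shows an unpublished port being dropped.

```python
# Added example (not from the original post or from Cisco): a model of the NAT
# and access-control behaviour configured above. All addresses, zones and the
# published port are constructed placeholders, assumed for this example only.
from dataclasses import dataclass, replace
from ipaddress import IPv4Address, ip_address, ip_network

# Constructed addressing (RFC 5737 documentation ranges), assumed for this example.
INSIDE_NET = ip_network("192.0.2.0/24")      # inside zone behind the FTD
OUTSIDE_IF = ip_address("198.51.100.10")     # outside interface address (PAT address)
PUBLIC_IP = ip_address("198.51.100.20")      # public address the inside host is published on
INSIDE_HOST = ip_address("192.0.2.50")       # real address behind the static destination NAT
PUBLISHED_PORT = 443                         # assumption: only one service is published


@dataclass(frozen=True)
class Packet:
    src: IPv4Address
    dst: IPv4Address
    dport: int


def zone_of(addr: IPv4Address) -> str:
    """Approximate FTD's interface-based security zones by address membership."""
    return "inside" if addr in INSIDE_NET else "outside"


def destination_nat(pkt: Packet) -> Packet:
    """Static destination NAT (outside -> inside): the public IP is rewritten to the real host."""
    return replace(pkt, dst=INSIDE_HOST) if pkt.dst == PUBLIC_IP else pkt


def source_nat(pkt: Packet) -> Packet:
    """Dynamic PAT (inside -> outside): inside sources leave as the outside interface address."""
    if pkt.src in INSIDE_NET and pkt.dst not in INSIDE_NET:
        return replace(pkt, src=OUTSIDE_IF)
    return pkt


def access_rules(pkt: Packet) -> str:
    """Access rules evaluated top-down against the real (post-destination-NAT) addresses,
    which is how FTD applies access control. Returns the name of the matching rule."""
    src_zone, dst_zone = zone_of(pkt.src), zone_of(pkt.dst)
    if src_zone == "inside" and dst_zone == "outside":
        return "allow-inside-to-outside"
    # The outside -> inside rule, narrowed to the published host and port so the
    # static NAT does not expose every service running on that host.
    if src_zone == "outside" and pkt.dst == INSIDE_HOST and pkt.dport == PUBLISHED_PORT:
        return "allow-outside-to-published-host"
    return "deny-default"


def process(pkt: Packet):
    """Pipeline: destination NAT -> access control -> source NAT.
    Returns (matching rule, egress packet) or (matching rule, None) when dropped."""
    real = destination_nat(pkt)
    rule = access_rules(real)
    if not rule.startswith("allow"):
        return rule, None
    return rule, source_nat(real)


def simulate(src: str, dst: str, dport: int):
    """String-friendly wrapper: returns (rule, egress src, egress dst), or (rule, None, None)."""
    rule, out = process(Packet(ip_address(src), ip_address(dst), dport))
    if out is None:
        return rule, None, None
    return rule, str(out.src), str(out.dst)


if __name__ == "__main__":
    scenarios = [
        ("192.0.2.7", "203.0.113.5", 80),       # inside host browsing the internet
        ("203.0.113.9", "198.51.100.20", 443),  # internet client reaching the published host
        ("203.0.113.9", "198.51.100.20", 22),   # same client, a port that was not published
    ]
    for case in scenarios:
        print(case, "->", simulate(*case))
```

Running the block prints the three scenarios: the outbound flow leaves with the outside interface address as its source (the dynamic PAT), the inbound HTTPS flow to the public IP is delivered to the real inside host (the static destination NAT), and the inbound SSH attempt to the same public IP is dropped by the default deny because the narrowed rule does not cover that port. The corresponding connection events on Monitoring » Events would show the same pre- and post-translation addresses.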


This post is licensed under CC BY 4.0 by the author.