News & Update
Improve network and security operations with Firepower multi-instance and Cisco Threat Response

Improve network and security operations with Firepower multi-instance and Cisco Threat Response

As one of the largest security companies in the world, we take great pride in building solutions that many thousands of organizations trust to secure their networks. Small businesses and large enterprises alike rely on Cisco firewalls to keep their organizations running. With our latest release, Firepower Threat Defense (FTD) 6.3, our team is delivering value and bringing new possibilities to Firepower customers of all sizes.

Multi-instance: Multi-tenancy and segmentation

New in FTD 6.3, multi-instance capability for Firepower 4100 and 9300 allows enterprises with multiple departments to completely isolate their management and traffic planes from one another through strict hardware resource reservation. Customers can now deploy multiple logical devices, each with a Firepower Threat Defense instance in a Docker container, on a single security module.

There are a number of reasons why an organization would want to partition a single physical security appliance into multiple virtual firewalls. Cisco Adaptive Security Appliance (ASA) software has supported virtual firewalls with multiple-context mode for quite some time. We previously discussed the problems that virtual firewalls can help solve and why we decided to take a fresh approach with the multi-instance capability for FTD.

Instances are fully independent and fault-isolated. This approach ensures that there are no questions about what the NGFW is doing and which resources it can access. And unlike other approaches, one NGFW instance can’t impact another’s resources.

Deployment is quick and easy. Once created, each instance looks and operates within Firepower Management Center like a physical device. Large environments and service providers can even deploy NGFW instances at scale using our open API.

To illustrate the benefits of multi-instance, let’s imagine a large enterprise that does a lot of business around the holidays, like a retailer or airline. Say that they have production and staging environments behind the same firewall. With a classic firewall multi-tenancy solution (such as ASA or a competitor’s), the DevOps folks who play in the staging environment during the holidays may inadvertently cause a spike of traffic, overload the firewall, and take down the production environment, causing loss of revenue. With multi-instance, each firewall partition is contained to its resources so no cross-impact on either management or data planes can take place; business is safe.

Firepower integration with Cisco Threat Response

 

Cisco Threat Response

Cisco Threat Response automates integrations across select Cisco Security products and accelerates detection, investigation and remediation. Firepower is the latest product to be integrated, with high-priority IPS events.

Migrate easily with the new Cisco Firepower Migration Tool

 

ASA to Firepower migration

It’s never been easier to move from an ASA to a Cisco NGFW, thanks to our new Firepower Migration Tool. It automatically converts the configuration of a supported ASA platform to a supported Cisco NGFW running Firepower Threat Defense.

https://blogs.cisco.com/security/improve-operations-with-firepower-multi-instance-and-cisco-threat-response