Cisco Firepower 6.4 Update

Cisco laucnhed the new Cisco Firepower 6.4 release with a lot’s of improvements,  new features and more integrations.

What’s new in 6.4 (FMC)?

 

    • FMCv in Azure
    • Object usage
    • Hit counts for access control and prefilter rules
    • New commands introduced for Connection-based troubleshooting
    • Events, Logging, and Analysis
      • Integration with Cisco Threat Response
      • Improvements to syslog messages for file and malware events
      • IntrusionPolicy field is now included in syslog
    • VPN enhancements
      • RA VPN: Duo as first factor in two-factor authentication
      • RA VPN: Secondary authentication
      • Site-to-site VPN: Dynamic crypto maps for point-to-point topologies
      • TLS crypto acceleration
    • Deployment time improvements
    • New REST API capabilities
    • API Explorer based on OAS
    • Snort Restart improvements

Cisco Firepower Management Center

What’s new in 6.4 (FTD/FDM)?

 

    • RA VPN and S2S VPN Enhancements
      • Support for RADIUS servers and Change of Authorization in remote access VPN.
    • Hit counts for access control and prefilter rules
    • Identity Enhancements:
      • Passive authentication with full ISE/ISE-PIC
      • ISE-PIC High Availability
      • Support for multipple AD realms
    • Objects – Nested and Range
    • Logging – Buffered logging and Custom Logging lists
    • Support for network range objects and nested network group objects
    • Full-text search options for objects and rules
    • External Authentication and Authorization using RADIUS for FTD CLI Users
    • Trusted certificate for management
    • FTD REST API version 3 (v3)
    • Cisco Threat Response support

Cisco FTD

 

How to upgrade it to the latest release?

 

The upgrade of the FMC/ASDM/FDM has to be done first than the ASA FirePower modules or Firepower Devices. The following tables show the requirements before the upgrade.

 

Firepower Management Center

Version 6.4.0
FMC
can manage Version 6.1 through 6.4.0.x devices
Version 6.4.0 devices require Version 6.4.0 FMC

 

 

Firepower Device Manager

Version 6.4.0
FDM
can manage one FTD device

 

 

ASDM

Version 7.12.1 ASDM can manage Version 5.3.x through 6.4.0
ASA FirePOWER modules
Version 6.4.0
ASA FirePOWER modules
require Version 7.12.1 ASDM

Connect with an Expert Today Contact us

Ruben Cocheno

Ruben Cocheno is a CCIE Consultant who has been working in the Networking & Security Industry since 2004. His vast experience across different Large Organizations gave him a set of tools that allows him to design, implement and support solutions within many diverse network technologies becoming more agnostic driven. When he is not working you can find him Blogging (www.cocheno.com), mentoring young pupils on networking/security subjects, practicing outdoors sports, or reading.