Cisco launched the new Cisco Firepower 6.4 release with a lot’s of improvements, new features, and more integrations.
What’s new in 6.4 (FMC)?
-
- FMCv in Azure
- Object usage
- Hit counts for access control and prefilter rules
- New commands introduced for Connection-based troubleshooting
- Events, Logging, and Analysis
- Integration with Cisco Threat Response
- Improvements to syslog messages for file and malware events
- IntrusionPolicy field is now included in syslog
- VPN enhancements
- RA VPN: Duo as first factor in two-factor authentication
- RA VPN: Secondary authentication
- Site-to-site VPN: Dynamic crypto maps for point-to-point topologies
- TLS crypto acceleration
- Deployment time improvements
- New REST API capabilities
- API Explorer based on OAS
- Snort Restart improvements
The Cisco Firepower Management Center provides extensive intelligence about the users, applications, devices, threats, and vulnerabilities that exist in your network. It also uses this information to analyze your network’s vulnerabilities. It then provides tailored recommendations on what security policies to put in place and what security events you should investigate.
What’s new in 6.4 (FTD/FDM)?
-
- RA VPN and S2S VPN Enhancements
- Support for RADIUS servers and Change of Authorization in remote access VPN.
- Hit counts for access control and prefilter rules
- Identity Enhancements:
- Passive authentication with full ISE/ISE-PIC
- ISE-PIC High Availability
- Support for multipple AD realms
- Objects – Nested and Range
- Logging – Buffered logging and Custom Logging lists
- Support for network range objects and nested network group objects
- Full-text search options for objects and rules
- External Authentication and Authorization using RADIUS for FTD CLI Users
- Trusted certificate for management
- FTD REST API version 3 (v3)
- Cisco Threat Response support
- RA VPN and S2S VPN Enhancements
To keep the bad guys out of your network, you’ve got to think and act one step ahead. That’s exactly what the threat-focused Cisco next-generation firewall was built to do. Join Cisco security experts now and get a firsthand look at the hardware, software, and management that make up this fully integrated solution.
How to upgrade it to the latest release?
The upgrade of the FMC/ASDM/FDM has to be done first than the ASA FirePower modules or Firepower Devices. The following tables show the requirements before the upgrade.
Firepower Management Center |
||
| Version 6.4.0 FMC |
can manage | Version 6.1 through 6.4.0.x devices |
| Version 6.4.0 devices | require | Version 6.4.0 FMC |
Firepower Device Manager |
||
| Version 6.4.0 FDM |
can manage | one FTD device |
ASDM |
||
| Version 7.12.1 ASDM | can manage | Version 5.3.x through 6.4.0 ASA FirePOWER modules |
| Version 6.4.0 ASA FirePOWER modules |
require | Version 7.12.1 ASDM |
Cisco Defence Orchestrator Security policy management allows a network operations team to easily manage policies across your Cisco security products. CDO is a cloud based application which orchestrates policies in one spot to keep your company protected against the latest threats.
