Branch, Cloud, Data Center, Security

Cisco Firepower 6.4 Update

Cisco Firepower 6.4 Update

Cisco launched the new Cisco Firepower 6.4 release with a lot’s of improvements, new features, and more integrations.

What’s new in 6.4 (FMC)?

 

    • FMCv in Azure
    • Object usage
    • Hit counts for access control and prefilter rules
    • New commands introduced for Connection-based troubleshooting
    • Events, Logging, and Analysis
      • Integration with Cisco Threat Response
      • Improvements to syslog messages for file and malware events
      • IntrusionPolicy field is now included in syslog
    • VPN enhancements
      • RA VPN: Duo as first factor in two-factor authentication
      • RA VPN: Secondary authentication
      • Site-to-site VPN: Dynamic crypto maps for point-to-point topologies
      • TLS crypto acceleration
    • Deployment time improvements
    • New REST API capabilities
    • API Explorer based on OAS
    • Snort Restart improvements

Cisco Firepower Management Center Dashboard

The Cisco Firepower Management Center provides extensive intelligence about the users, applications, devices, threats, and vulnerabilities that exist in your network. It also uses this information to analyze your network’s vulnerabilities. It then provides tailored recommendations on what security policies to put in place and what security events you should investigate.

What’s new in 6.4 (FTD/FDM)?

 

    • RA VPN and S2S VPN Enhancements
      • Support for RADIUS servers and Change of Authorization in remote access VPN.
    • Hit counts for access control and prefilter rules
    • Identity Enhancements:
      • Passive authentication with full ISE/ISE-PIC
      • ISE-PIC High Availability
      • Support for multipple AD realms
    • Objects – Nested and Range
    • Logging – Buffered logging and Custom Logging lists
    • Support for network range objects and nested network group objects
    • Full-text search options for objects and rules
    • External Authentication and Authorization using RADIUS for FTD CLI Users
    • Trusted certificate for management
    • FTD REST API version 3 (v3)
    • Cisco Threat Response support

To keep the bad guys out of your network, you’ve got to think and act one step ahead. That’s exactly what the threat-focused Cisco next-generation firewall was built to do. Join Cisco security experts now and get a firsthand look at the hardware, software, and management that make up this fully integrated solution.

How to upgrade it to the latest release?

 

The upgrade of the FMC/ASDM/FDM has to be done first than the ASA FirePower modules or Firepower Devices. The following tables show the requirements before the upgrade.

Firepower Management Center

Version 6.4.0
FMC
can manage Version 6.1 through 6.4.0.x devices
Version 6.4.0 devices require Version 6.4.0 FMC

Firepower Device Manager

Version 6.4.0
FDM
can manage one FTD device

ASDM

Version 7.12.1 ASDM can manage Version 5.3.x through 6.4.0
ASA FirePOWER modules
Version 6.4.0
ASA FirePOWER modules
require Version 7.12.1 ASDM
Cisco Defense Orchestrator Learn More

Cisco Defence Orchestrator Security policy management allows a network operations team to easily manage policies across your Cisco security products. CDO is a cloud based application which orchestrates policies in one spot to keep your company protected against the latest threats.

Related Posts