CDO onboarding ASA/FTD devices

Cisco Defense Orchestrator (CDO) is Cisco’s cloud-based management solution, which enables centralised management of security devices and policies. CDO can share configuration such as network objects and policies across multiple Cisco devices (ASA, FTD, Meraki and IOS switches). CDO communicates with an organisation’s managed devices using a proxy called Secure Device Connector…

ASA Remote Access VPN using LDAP

This post describes the procedure to configure a Cisco ASA firewall with LDAP authentication for AnyConnect Remote Access VPN access. Refer to the previous posts for configuring AnyConnect Remote Access VPNs: ASA AnyConnect IKEv2/IPSec VPN, ASA AnyConnect SSL-VPN, ASA Split Tunneling. Active Directory Pre-requisites: The following pre-requisites for Active Directory are required: An LDAP Service Account; The…

ISE integration with Stealthwatch

This post describes the steps to configure Cisco Stealthwatch Management Centre (SMC) and Cisco Identity Services Engine (ISE) using pxGrid. Once integrated with ISE, the SMC will learn the user session information (IP address/username bindings), Static TrustSec mappings and Adaptive Network Control (ANC) mitigation actions for quarantining endpoints. Versions used in this scenario: – Cisco…

FTD configuration using FDM

A Cisco Firepower Threat Defense (FTD) firewall can be managed centrally using either Firepower Management Centre (FMC) or Cisco Defense Orchestrator (CDO), or locally using Firepower Device Manager (FDM). This post describes how to configure the FTD using FDM, set up basic outbound internet access and permit inbound access to a hosted web server. FTD Initial Configuration…