Chapter 16. Blacklisting Suspicious Addresses by Using Security Intelligence

To compromise a network, an attacker uses various techniques, such as spam, command-and-control (CNC) servers, phishing, and malware. The volume and sources of new threats are increasing every day. As a security engineer, you might find it challenging to keep the access control list of a firewall up to date with all the new suspicious addresses. To make this job easier, FTD offers a unique threat defense mechanism called Security Intelligence. This chapter describes the processes of configuring the Security Intelligence technology and verifying its operations.

Security Intelligence Essentials

Security Intelligence enables you to blacklist a suspicious address without ...
