Chapter 21: Preventing Cyber Attacks by Blocking Intrusion Attempts

One of the most popular features of Firepower Threat Defense (FTD) is that it can function as an intrusion detection system (IDS) as well as an intrusion prevention system (IPS). FTD uses Snort, an open-source IDS/IPS, to perform deep packet inspection. Snort can detect intrusion attempts and prevent cyber attacks in real time. When an FTD device runs Snort along with many other next-generation security technologies (described in recent chapters), the device turns into a next-generation intrusion prevention system (NGIPS). In this chapter, you will learn how to configure and deploy an intrusion policy on an FTD device.

Figure 21-1 shows a packet analyzed against a Snort ruleset ...
