Chapter 21Preventing Cyber Attacks by Blocking Intrusion Attempts
One of the most popular features of Firepower Threat Defense (FTD) is that it can function as an intrusion detection system (IDS) as well as an intrusion prevention system (IPS). FTD uses Snort, an open-source IDS/IPS, to perform deep packet inspection. Snort can detect intrusion attempts and prevent cyber attacks in real time. When an FTD device runs Snort along with many other next-generation security technologies (described in recent chapters), the device turns into a next-generation intrusion prevention system (NGIPS). In this chapter, you will learn how to configure and deploy an intrusion policy on an FTD device.
Figure 21-1 shows a packet analyzed against a Snort ruleset ...
Get Cisco Firepower Threat Defense (FTD) now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.