4. About your speaker
Jeff Fanelli
Principal Systems Engineer
Cisco Global Security Sales Organization
My city was founded in 1701 by Antoine de la Mothe Cadillac (some French guy)
52. Firepower App for QRadar
• Shows hosts that are potentially compromised
• Which hosts on my network have sent the most malware
• Intrusion events by ‘Impact’ or likelihood of an attack impacting the targeted system
• Malware observed most often on my network
• Shows hosts that are known to be compromised
BRKSEC-2050
121. Security Intelligence Network & URL Categories
Category        Description
Attacker        Active scanners and blacklisted hosts known for outbound malicious activity
Malware         Sites that host malware binaries or exploit kits
Phishing        Sites that host phishing pages
Spam            Mail hosts that are known for sending spam
Bots            Sites that host binary malware droppers
CnC             Sites that host command and control servers for botnets
Open Proxy      Open proxies that allow anonymous web browsing
Open Relay      Open mail relays that are known to be used for spam
Tor Exit Node   Tor exit nodes
Bogon           Bogon networks and unallocated IP addresses
132. Ordered Steps for Remote Site Configuration
• Create Shared Access Policy
• Add firewalls to management console
• Configure Interfaces and static routes on each firewall
• Configure dynamic routing for dedicated WAN (optional)
• Configure Shared VPN Policy
• Deploy policies
• Re-address firewalls for remote site and bring on-line!
180. Running Show Commands from the FMC
• Use FTD CLI on FMC
• Supports three main CLIs
  • Traceroute
  • Ping
  • Show
• Used to get information on NAT, Routing, detailed VPN information, etc.