06-11-2018 07:12 AM - edited 03-12-2019 05:21 AM
06-11-2018 07:47 AM
06-14-2018 03:29 AM
Remote access SSL VPN (AnyConnect) has a couple of caveats currently with respect to unsupported features:
Site-to-site IPsec VPN supports crypto maps but not VTIs. There's no DMVPN or FlexVPN support. The configuration guide covers most of what you need to know:
06-14-2018 07:29 AM
Thank you Marvin, I appreciate the help and especially the links you provided. I have another question, do you happen to know if the IPS service provided in the NGFW is managed by Cisco or does it manually need to be managed by an admin?
06-14-2018 10:07 AM
The local admin needs to setup things initially. There is the option to "set and forget" - updated Security Intelligence information, periodic IPS rule deployments etc. can all be completely automated.
It's not a managed service from Cisco per se although they provide the feeds and rules. Their backend information coming from Talos (Cisco's in-house security researchers) are part of what you're buying.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide