0 Replies Latest reply: Oct 6, 2017 5:52 PM by ashvaras RSS

5545 questions

ashvaras

Hi there!  I have some questions on the  ASA5545-FPWR-K9...I have done some research but can anyone advise me additionally that would be great!

 

 

1. Please confirm that the firewall is on the NIAP compliant firewalls:


https://www.niap-ccevs.org/Product/PCL.cfm?ID624=33

 

https://www.niap-ccevs.org/Product/PCL.cfm?par303=Cisco%20Systems%2C%20Inc%2E

 

So I've looked into this and Im not actually seeing the 5545 on the list…so is it not compliant?


 

2. Support for Alienvault USM plugin? (We are using AlienVault as our SIEM)

 

Im seeing a Cisco plugin but not a alien vault plugin - So the answer would be no?

https://www.alienvault.com/documentation/usm-anywhere/supported-plugins/configuring-cisco-firesight.htm


 

3. Support for various NCM products? Do you currently support plugins for any NCM tool or is this information normally provided via syslog files?

Limited support for the NCM products https://thwack.solarwinds.com/thread/102955 So this looks like a no?


 

4. Support for IPSEC tunneling of already IPSEC encrypted traffic (that is are there any issues with the inbound “clear text” traffic to the firewall being IPSEC encrypted?

 

https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-config-guide-v62/vpn_overview.html

I dont really know if there is, Im trying to look over this document to see but advisement would be great


 

5. Support for two factor authentication? We are using Yubikey as a 2FA for privileged users and would prefer direct support at the FW as opposed to just opening up a SSH from a admin workstation to the FW.

there seems to be support for two factor authentication but only for Radius and Tacacs...https://www.cisco.com/c/en/us/td/docs/security/firepower/fxos/fxos201/cli-config/b_CLI_ConfigGuide_FXOS_201/user_management.html


Please let me know your thoughts- its greatly appreciated!