cisco-ftdv's Introduction

Cisco Secure Firewall Threat Defense Virtual (formerly FTDv/NGFWv)

TDv Autoscaling

This repository provides resources to bring up the TDv (Threat Defense Virtual) Auto Scale solution.

Some of the key features of the TDv Auto Scale include:

  • Complete serverless implementation!
  • Completely automated TDv instance registration and de-registration with FMC.
  • NAT policy, Access Policy, IP and Routes are automatically applied to the scaled-out TDv instance.
  • Support for Enabling / Disabling Auto Scaling feature.

Threat Defense Virtual Cluster

  • Clustering lets you group multiple threat defense units together as a single logical device.
  • A cluster provides all the convenience of a single device (management, integration into a network) while achieving the increased throughput and redundancy of multiple devices.

AWS GuardDuty Integration with Cisco Secure Firewall

This solution makes use of the threat analysis data/results from Amazon GuardDuty (malicious IPs generating threats, attacks, etc.) and feeds that information (malicious IPs) to Cisco Secure Firewall Threat Defense Virtual via its managers, Cisco Secure Firewall Management Center Virtual and Cisco Secure Firewall Device Manager, to protect the underlying network and applications against future threats originating from these sources.

Cloud Deployment Templates

This provides a set of templates for deploying NGFWv in public clouds.

Azure Templates

Azure Resource Manager (ARM) templates to deploy Cisco's NGFWv/FTDv and FMCv in the Azure public cloud using a custom image.

Azure Resource Manager Templates
Azure Resource Manager templates are JSON files that contain resource descriptions and parameter definitions.

  • Template file: This is the main resources file that deploys all the components within the resource group.
  • Parameter file: This file includes the parameters required to successfully deploy the FTDv.

OpenStack Templates

This contains Heat template files to deploy the Secure Firewall Threat Defense Virtual (TDv) and Secure Firewall Management Center Virtual (MCv) in an OpenStack environment.

Resources

FTDv Autoscale

Threat Defense Virtual Cluster

Cloud Service Integration

Deployment Template

Archived

cisco-ftdv's People

Contributors

aknadgir, nanditha-s, sumiscisco, veeratcisco

cisco-ftdv's Issues

Failover Lambda Script for NGFWv and TGW

Hi,

I've been looking for articles specifically for Cisco NGFWv to fail over between two NGFWv in two AZs when using VPC attachment to Transit Gateway, but I haven't found any.

Do you gents have any resources? I know there's no need to write any Lambda function when using VPN attachments, but not a lot of customers want to cause a bottleneck for ingress and egress traffic in their AWS environment.

Would appreciate your response.

IPv6 support

I would also like to protect IPv6 traffic, but interfaces do not support the protocol after autoscaling; I have to do that by hand, which is not great "autoscaling" behaviour.

Azure routing tables are not created if the VNet and subnets already exist

Scenario:

  • Azure
  • Firewall VNet and 4 x subnets already created in rg1
  • vFTD deployed to Firewall VNet and rg2

Issue:

  • no routing tables are created for the FTD subnets

Why preconfigure the vnet and rg1?

  • The FTD deployment will not work if there are any objects in the target resource group
  • Some people use subnet segregation rather than hub and spoke / multiple VNets.
  • Some Azure services are unable to traverse VNets, e.g. Azure Bastion.
  • VNet & subnet can be provisioned by Terraform in advance.

ftdv-ilb is failing in Azure ARM deployment

Hi.

When trying to deploy the AutoScaler FTDv for Azure via ARM I'm getting the following:
Worth mentioning is that all resources except ftdv-ilb are working, and I can't see any difference between ftdv-ilb and ftdv-elb.

{
    "status": "Failed",
    "error": {
        "code": "InvalidResourceReference",
        "message": "Resource /subscriptions/08b5eae9-f8bc-418e-ab44-a4ce25959426/resourceGroups/CISCO-VIRTUALNET-RG/providers/Microsoft.Network/virtualNetworks/CISCO-VIRTUALNET referenced by resource /subscriptions/08b5eae9-f8bc-418e-ab44-a4ce25959426/resourceGroups/FirePowerDelete/providers/Microsoft.Network/loadBalancers/ftdv-ilb was not found. Please make sure that the referenced resource exists, and that both resources are in the same region.",
        "details": [
            {
                "code": "NotFound",
                "message": "Resource /subscriptions/08b5eae9-f8bc-418e-ab44-a4ce25959426/resourceGroups/CISCO-VIRTUALNET-RG/providers/Microsoft.Network/virtualNetworks/CISCO-VIRTUALNET not found."
            }
        ]
    }
}

I'm using the .json at https://github.com/CiscoDevNet/cisco-ftdv/tree/master/autoscale/azure/ARM%20Template

ftdv-7-3-0-44 Image not found in GCP

Team,

I followed the instructions from the URL: https://github.com/CiscoDevNet/cisco-ftdv/blob/master/cluster/gcp/Terraform/readme.md
I'm getting the below error whilst deploying deploy_ngfw_cluster.

Error: Error creating instance template: googleapi: Error 404: The resource 'projects/awip-391214/global/images/ftdv-7-3-0-44' was not found, notFound

Note: I can confirm that there are no images created in my project from the previous steps. Can someone explain where/how the image is created, or if there is a place where I can fetch the image?
