You are here
SEC0177 - ASA FirePower Event Correlation and Remediation (Part 1)
Difficulty Level:
Lab Document:
<Please login to see the content>
Category:
Security
The video demonstrates Cisco ASA FirePower capability to correlate system events and generate appropriate remediation responses. We will go through two example scenarios; one with a basic event matching and responding, and the other continues to track the connection and apply a more complex conditions before issuing response. Specifically, we will configure NMAP scan and IP shun remediations.
Part 1 of this video goes through the first scenario to perform NMAP scan on a newly discovered host
Topic:
- Correlation Policy and Rules
- Correlation Rule Event Conditions
- Connection Tracking
- Remediation Response and Response Group
- Remediation with NMAP Scan and Firewall Shun
About Author
Metha Chiewanichakorn, CCIE#23585 (Ent. Infra, Sec, SP), is a Cisco networking enthusiast with years of experience in the industry. He is currently working as a consulting engineer for a Cisco partner. As a founder of and an instructor at labminutes.com, Metha enjoys learning and challenges himself with new technologies.
2 comments
I Love www.labminutes.com
I love www.labminutes.com now i am learning Cisco ASA.
I Love www.labminutes.com
Thanks for the feedback. Enjoy!