You are here
SEC0226 - ASA Firepower 6.0 URL and DNS Security Intelligence (Part 2)
Difficulty Level:
Lab Document:
<Please login to see the content>
Category:
Security
The video introduces you to the concept of URL and DNS Security Intelligence on ASA Firepower 6.0. Unlike their predecessor, Network-based SI that monitor traffic at the IP address level, URL and DNS SI allow or deny traffic based on URL and DNS requests. We will go through some lab exercise of configuring both static and dynamic feed. We will also demonstrate an ability to have Firepower intercept and redirect DNS request to a sinkhole target.
Part 2 of this video covers configuration and testing of DNS Security Intelligence
Topic:
-
URL Security Intelligence
- Static BlackList and Whitelist
- Custom Dynamic URL Feed
- Cisco Dynamic URL Feed
-
DNS Security Intelligence
- Static BlackList and Whitelist
- Custom Dynamic DNS Feed
- Cisco Dynamic URL Feed
- Access Policies
- DNS Sinkhole
About Author
Metha Chiewanichakorn, CCIE#23585 (Ent. Infra, Sec, SP), is a Cisco networking enthusiast with years of experience in the industry. He is currently working as a consulting engineer for a Cisco partner. As a founder of and an instructor at labminutes.com, Metha enjoys learning and challenges himself with new technologies.
2 comments
DNS Inspection Remove
Hello, I wonder is there other protocols that also need to be removed from ASA inspection for working properly just like DNS?
DNS Inspection Remove
As shown in video, there should not be other protocols you need to remove for this to work.