Cisco FMC / FTD eventing

Sometimes there are just too many connections in your network and your FMC cannot handle them. A virtual FMC in particular is not a very good syslog collector (there is a limit on connections in the DB). FMC is more suitable as a SIEM – all your security events should still be sent to FMC.

Cisco FTD eventing design

When you want to log all the connection information there will be lots of syslogs, and

Cisco FTD – permit bpdu frames

In the old days of Cisco ASA transparent firewalls, there was an option to allow BPDU frames in an access list. BPDU frames therefore passed through the firewall, even if some later rule could override it. The ASA ACL looked something like this:

    access-list acl-bpdu ethertype permit bpdu
    access-group acl-bpdu in interface inside

In the FTD there is no way to allow this using Access Control policies. By default, BPDUs are forwarded for