Cisco 7010 Installation Manual page 20

Firepower 7000 series; firepower 8000 series

Hide thumbs Also See for 7010:

Product user manual (151 pages)

Help manual (132 pages)

Replacement instructions manual (23 pages)

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

page of 204

/ 204
Contents
Table of Contents
Bookmarks

Table of Contents

Licensing the Firepower System

For Firepower, ASA FirePOWER, and NGIPSv devices, you must use Classic Licenses.

•

By default, your Firepower Management Center can perform domain control, host, application, and user

discovery, as well as decrypting and inspecting SSL- and TLS-encrypted traffic.

Feature-specific classic licenses allow your managed devices to perform a variety of functions including:

intrusion detection and prevention

•

Security Intelligence filtering

•

file control and AMP for Firepower

•

application, user, and URL control

•

switching and routing

•

device high availability

•

network address translation (NAT)

•

virtual private network (VPN) deployments

•

There are a few ways you may lose access to licensed features in the Firepower System. You can remove

licenses from the Firepower Management Center, which affects all of its managed devices. You can also

disable licensed capabilities on specific managed devices. Finally, some licenses may expire. Though

there are some exceptions, you cannot use the features associated with an expired or deleted license.

The following summarizes Firepower System Classic Licenses:

Protection

A Protection license allows managed devices to perform intrusion detection and prevention, file

control, and Security Intelligence filtering.

Control

A Control license allows managed devices to perform user and application control, switching and

routing (including DHCP relay), and NAT. It also allows configuring devices and stacks into

high-availability pairs. A Control license requires a Protection license.

URL Filtering

A URL Filtering license allows managed devices to use regularly updated cloud-based category and

reputation data to determine which traffic can traverse your network, based on the URLs requested

by monitored hosts. A URL Filtering license requires a Protection license.

Malware

A Malware license allows managed devices to perform network-based advanced malware protection

(AMP), that is, to detect and block malware in files transmitted over your network. It also allows

you to view trajectories, which track files transmitted over your network. A Malware license

requires a Protection license.

VPN

A VPN license allows you to build secure VPN tunnels among the virtual routers on Cisco managed

devices, or from managed devices to remote devices or other third-party VPN endpoints. A VPN

license requires Protection and Control licenses.

See the Firepower Management Center Configuration Guide for complete information about classic

license types and restrictions.

Firepower 7000 and 8000 Series Installation Guide

1-12

Chapter 1

Introduction to the Firepower System

Table of Contents

Show Quick Links

Hide quick links:

Chapters

Table of Contents

This manual is also suitable for:

7120 7115 7125 Amp7150 7020 7030 ... Show all

Cisco 7010 Installation Manual page 20

Hide quick links:

Chapters

Related Manuals for Cisco 7010

Related Products for Cisco 7010

This manual is also suitable for:

Table of Contents