Product Evolution and Lifecycle – Cisco Introduction to Cisco Secure Firewall and IPS

Product Evolution and Lifecycle

Sourcefire originally had two different software trains: Version 4.x was primarily intended for intrusion prevention system (IPS) functionality, and Version 5.x was developed with the next-generation firewall (NGFW) features. Depending on the software train, the management platforms had different names. For example, in Version 4.x, it was known as Sourcefire Defense Center, and in Version 5.x, it was known as FireSIGHT Management Center (FMC). Similarly, a sensor was known as 3D Sensor in Version 4.x and a FirePOWER Appliance in Version 5.x. Therefore, it would be correct to say that, in Version 4.x, a Sourcefire Defense Center manages the 3D Sensors, whereas, in Version 5.x, a FireSIGHT Management Center manages the FirePOWER Appliances. Here, note the two different terms—FireSIGHT and FirePOWER.

To make the nomenclature simple as well as to retain the brand reputation, Cisco rebranded them with one simple word: Firepower (note that power is written in lowercase). Starting from Version 6.x, Cisco also streamlined the name of the management platform as Firepower Management Center (FMC). Cisco did not retrospectively change the name of the legacy Sourcefire software and hardware from uppercase FirePOWER to lowercase Firepower; for example, the Cisco FirePOWER appliances and the Cisco ASA with FirePOWER services. Here, FirePOWER (in uppercase format) refers to the developments prior to the Sourcefire acquisition. Only the newly released hardware and software used Firepower (in lowercase format) to indicate that this hardware series was introduced after the acquisition.

Table 1-2 shows the branding of management platforms in different software versions.

  

Table 1-2 Evolution of Cisco Secure Firewall Management Center

Version

Solution Name

Management Platform Name

Version 4.x

3D System

Defense Center

Version 5.x

FireSIGHT System

FireSIGHT Management Center

Version 6.x

Firepower System

Firepower Management Center

Version 7.x

Cisco Secure Firewall

Cisco Secure Firewall Management Center

Figure 1-8 and Figure 1-9 show the login pages of the management platforms in different major software releases.

  

Figure 1-8 The Login Pages of the Management Platforms in Versions 7.x and 6.x

  

Figure 1-9 The Login Pages of the Management Platforms in Versions 5.x and 4.x

As with the Sourcefire acquisition, Cisco has been periodically acquiring companies that develop cutting-edge products and technologies. In 2020, Cisco unified all the security product names with the Cisco Secure brand. This rebranding simplifies the product names and reflects their use and purpose. For example, the Firepower System is rebranded as Cisco Secure Firewall; the Firepower Management Center is rebranded as Cisco Secure Firewall Management Center, and the Firepower Threat Defense (FTD) is rebranded as Cisco Secure Firewall Threat Defense. Table 1-3 shows some of the new product names according to the Cisco Secure branding architecture.

  

Table 1-3 Cisco Secure Branding Architecture

New Name

Previous Name

Cisco Secure Firewall

Firepower Next-Generation Firewall (NGFW)

Cisco Secure Firewall Threat Defense

Firepower Threat Defense

Cisco Secure Firewall Management Center

Firepower Management Center

Cisco Secure IPS

Firepower Threat Defense IPS Mode

Malware Defense

Advanced Malware Protection (AMP) for Networks

Malware Analytics Cloud

Advanced Malware Protection (AMP) Cloud

Cisco Secure Endpoint

Advanced Malware Protection (AMP) for Endpoints

Cisco Secure Client

Cisco AnyConnect Secure Mobility Client

Cisco Secure Malware Analytics

Cisco Threat Grid

Cisco releases two software versions for Secure Firewall, usually about six months apart. The Short-Term Release (STR) has a shorter lifecycle, but it includes the latest feature set. The Long-Term Release (LTR) provides a longer lifecycle. If you are looking for a release that has the latest features and longer support duration, this should be your choice. Every two years, Cisco releases an extended version of LTR, called Extra Long-Term Release (XLTR). This release not only offers the longest lifecycle but also is chosen for government certification. Figure 1-10 displays the longevity of different types of software releases from the first customer shipment (FCS) date.

  

Figure 1-10 The Software Release Lifecycle of Cisco Secure Firewall

This book is written based on Cisco Secure Firewall Version 7.0, which is an XLTR. If you are running a different software version, you may find your management center’s GUI slightly different. For instance, the banner may show Firepower Management Center or Firewall Management Center, depending on the version you are using. That’s okay for your CCNP Security lab environment because they both refer to the same type of firewall manager. Furthermore, to capture additional contexts in a screenshot, it was often necessary to zoom in/out the browser. Due to dynamic rendering of browser, both Firepower Management Center and FMC appear in the screenshots. Please don’t be confused: they are the same thing (see Figure 1-11). If your management center’s GUI looks different from the screenshots provided in this book, you can still use this book to prepare for the CCNP Security exam because the fundamental knowledge of the Cisco Secure Firewall remains the same across all the versions and platforms.

  

Figure 1-11 Variation in Banners, Referring to the Same Management Platform

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *