Category Archives: Firewall

Fixing “Error fetching groups” After Upgrade Sourcefire to 6.0

We have just upgraded Sourcefire to 6.0. Did everything go smooth? Well, almost. Some users (me included) are having issues fetching users and groups from Active Directory realm. The error is: Error fetching groups. Please check your directory configuration and … Continue reading

Posted in Cisco, FirePOWER, FireSight, Firewall, IPS, Security, Sourcefire | Tagged , , , | Leave a comment

Upgrade Cisco Sourcefire to 6.0

Just a few days after we have upgraded our Sourcefire infrastructure to 5.4, Cisco released the 6.0 version. Before we do an upgrade, first let’s briefly check out what do we get with this major release: SSL Traffic inspection DNS-based … Continue reading

Posted in Cisco, FirePOWER, FireSight, Firewall, IPS, Security, Sourcefire | Tagged , , , , , | 19 Comments

Sourcefire Security Intelligence

Let’s talk a little bit about a nice capability of Sourcefire system called “Security Intelligence” (SI). With the SI we have the option to block the traffic based on its reputation, before it reaches detection engine. We had this functionality … Continue reading

Posted in ASA, Cisco, FirePOWER, Firewall, IPS, Security, Sourcefire | Tagged , , , , , | 18 Comments

FireSIGHT backup and restore

Before we make a short summer break, let’s do one important step in our Sourcefire saga – backup and restore. This is our lab environment with lots of changes, so it would be nice if we had the option to … Continue reading

Posted in Cisco, FirePOWER, Firewall, IPS, Security, Sourcefire | Tagged , , , | 2 Comments

Sourcefire Custom IPS Signatures Using Signature Editor

Up until this point we relied on Cisco/Sourcefire to provide us with signatures that will protect our network. But, at some point in our IPS expert career the need will arise to create our own signatures. This time we will … Continue reading

Posted in Cisco, FirePOWER, Firewall, IPS, Security, Sourcefire | Tagged , , , , | 6 Comments

Sourcefire Access Control Policies – Part One

Let me stress out one more time that this blog series is all about ASA5500-X with the SFR module. Some things described here may be different for physical appliances. Now we have all installed and set up and we want … Continue reading

Posted in ASA, Cisco, FirePOWER, Firewall, Security, Sourcefire | Tagged , , , , | 7 Comments

Installing Cisco ASA FirePOWER software module

Now that we know something about the SFR module, it’s time to make it running. We will break down the installation into following steps: Preparing for installation Installation Setup Prepare Like we saw in previous blog, there are some prerequisites … Continue reading

Posted in ASA, Cisco, FirePOWER, Firewall, Security | Tagged , , , , , | 31 Comments