Tag Archives: asa

Resetting admin password on Cisco Sourcefire module

If we forgot a password for the user admin on our SFR module, we will find ourselves in a problem, sooner or later. We don’t have to know this password in a regular operations, but for troubleshooting purposes, we cannot … Continue reading

Posted in ASA, Cisco, FirePOWER, FireSight, Security, Sourcefire | Tagged , , , , | Leave a comment

DNS Sinkhole with Sourcefire

There is this nice feature with Cisco Firepower called DNS Intelligence. This feature allows us ┬áto have a huge database containing known bad domain names and utilize that database to drop connections to IPs represented by those names. We can … Continue reading

Posted in Cisco, FirePOWER, FireSight, IPS, Security, Sourcefire | Tagged , , , , , , | Leave a comment

Cisco Sourcefire 5.3.x to 5.4.x Upgrade

I was thinking whether or not publish this one. Upgrading FirePOWER from 5.3.x to 5.4.x is perhaps most trickier of all upgrades I have ever done. Now, wait a sec, somebody will say, upgrade the DefenseCenter and then upgrade SFR … Continue reading

Posted in FirePOWER, IPS, Security, Sourcefire | Tagged , , , , | 24 Comments

Connecting Sourcefire to SIEM with eStreamer

Currently we are satisfied with our Sourcefire set up. Our effort was not in vain. Let’s now connect our Sourcefire to the SIEM solution. Briefly, SIEM is an abbreviation of “Security Information and Event Management” and is a system that … Continue reading

Posted in Cisco, FirePOWER, Security, Sourcefire | Tagged , , , , , | 1 Comment

Sourcefire Access Control Policies – Part Two

From our previous blog, we have our SFR module passing all the traffic. We talked a little bit about Access Control Policies (ACP). Let’s now deep dive into details of these policies. Our topology has not changed from last time. … Continue reading

Posted in ASA, Cisco, FirePOWER, Security, Sourcefire | Tagged , , , , | 3 Comments

Sourcefire Access Control Policies – Part One

Let me stress out one more time that this blog series is all about ASA5500-X with the SFR module. Some things described here may be different for physical appliances. Now we have all installed and set up and we want … Continue reading

Posted in ASA, Cisco, FirePOWER, Firewall, Security, Sourcefire | Tagged , , , , | 7 Comments

Recovering ASA Sourcefire Module Password

By now we have completed several steps with regard to our Sourcefire deployment. We have Defense Center up and running, our modules are installed, set up and connected to Defense Center. We did lots of work in order to make … Continue reading

Posted in ASA, Cisco, Security, Sourcefire | Tagged , , , , | 2 Comments