Cisco Firepower Threat Defense (FTD)

Nazmul Rajib

Cisco Firepower Threat Defense (FTD)

By Nazmul Rajib
In stock
Product is in stock and will be despatched within 1-2 working days.
Add to cart
Nazmul Rajib
Published Date
This is the definitive guide to best practices and advanced troubleshooting techniques for the Cisco flagship Firepower Threat Defense (FTD) system running on Cisco ASA platforms, Cisco Firepower security appliances, Firepower eXtensible Operating System (FXOS), and VMware virtual appliances.

Senior Cisco engineer Nazmul Rajib draws on unsurpassed experience supporting and training Cisco Firepower engineers worldwide, and presenting detailed knowledge of Cisco Firepower deployment, tuning, and troubleshooting. Writing for cybersecurity consultants, service providers, channel partners, and enterprise or government security professionals, he shows how to deploy the Cisco Firepower next-generation security technologies to protect your network from potential cyber threats, and how to use Firepower’s robust command-line tools to investigate a wide variety of technical issues.

Each consistently organised chapter contains definitions of keywords, operational flowcharts, architectural diagrams, best practices, configuration steps (with detailed screenshots), verification tools, troubleshooting techniques, and FAQs drawn directly from issues raised by Cisco customers at the Global Technical Assistance Center (TAC). Covering key Firepower materials on the CCNA Security, CCNP Security, and CCIE Security exams, this guide also includes end-of-chapter quizzes to help candidates prepare.


Nazmul Rajib is a senior engineer and leader of the Cisco Global Technical Services organization focusing on next-generation security technologies. He leads cybersecurity training initiatives, develops internal training programs, and trains the current generation of Cisco engineers who support Cisco security solutions around the world. He also reviews design specifications, tests security software, and provides solutions to businesscritical networking issues. Nazmul has authored numerous technical publications at and in the Cisco support community.

Nazmul is a veteran engineer of Sourcefire, Inc., which developed Snort–the most popular open-source intrusion prevention system in the world. He created and managed the global knowledge base for Sourcefire and designed Sourcefire security certifications for partner enablement. Nazmul trained security engineers from many managed security service providers (MSSP) in the United States. He supported the networks of numerous Fortune 500 companies and U.S. government agencies.

Nazmul has a master of science degree in internetworking. He also holds many certifications in the areas of cybersecurity, information technology, and technical communication. He is a Sourcefire Certified Expert (SFCE) and Sourcefire Certified Security Engineer (SFCSE).

Table of contents
  • Chapter 1 Introduction to the Cisco Firepower Technology
  • Chapter 2 FTD on ASA 5500-X Series Hardware
  • Chapter 3 FTD on the Firepower eXtensible Operating System (FXOS)
  • Chapter 4 Firepower Management Center (FMC) Hardware
  • Chapter 5 Firepower System Virtual on VMware
  • Chapter 6 The Firepower Management Network
  • Chapter 7 Firepower Licensing and Registration
  • Chapter 8 Firepower Deployment in Routed Mode
  • Chapter 9 Firepower Deployment in Transparent Mode
  • Chapter 10 Capturing Traffic for Advanced Analysis
  • Chapter 11 Blocking Traffic Using Inline Interface Mode
  • Chapter 12 Inspecting Traffic Without Blocking It
  • Chapter 13 Handling Encapsulated Traffic
  • Chapter 14 Bypassing Inspection and Trusting Traffic
  • Chapter 15 Rate Limiting Traffic
  • Chapter 16 Blacklisting Suspicious Addresses by Using Security Intelligence
  • Chapter 17 Blocking a Domain Name System (DNS) Query
  • Chapter 18 Filtering URLs Based on Category, Risk, and Reputation
  • Chapter 19 Discovering Network Applications and Controlling Application Traffic
  • Chapter 20 Controlling File Transfer and Blocking the Spread of Malware
  • Chapter 21 Preventing Cyber Attacks by Blocking Intrusion Attempts
  • Chapter 22 Masquerading the Original IP Address of an Internal Network Host