
Cisco’s integrated suite of Next Generation Firewall (NGFW) platforms has received some great updates recently. Now, DevNet brings you new learning labs and code exchange submissions to help you get started. To kick it off, join our upcoming webinar on September 22, 8:00am PDT. Register Now!

This webinar is part of our security webinar series as described in my previous blog post.

What is Firepower?

Cisco Firepower is Cisco’s integrated suite of NGFW security platforms. It can be deployed either on purpose-built platforms or as a software solution. The same hardware platforms can be deployed either as standalone devices or be centrally managed. The standalone deployment is managed through an on-box manager known as Firepower Device Manager (FDM). The centrally managed solution can deploy more network sensors than just an HA pair, all sharing the same security policy, centrally managed by Firepower Management Center (FMC). Depending on the use case, customers can choose the on-box or centrally managed option.

Rich APIs give you more possibilities

Both the FDM and FMC options have rich APIs, each covering a broad spectrum of possibilities. The nice thing about the FDM is that it is built completely on top of APIs, which means everything you can do in the GUI is possible via the APIs as well. The FMC APIs are also very rich and offer more event correlation possibilities, since events are stored off-box.

The Firepower APIs allow for a completely integrated security architecture, both within the Cisco security architecture (e.g., SecureX, Identity Services Engine, Advanced Malware Protection) and with third-party vendors (e.g., SIEMs, vulnerability scanners). Another great advantage of the Firepower APIs is automation: doing device deployments, policy updates and security incident remediation without human intervention.

The newly released DevNet learning labs, the code exchange submissions and the upcoming webinar will cover all of this. Let me give you a small insight into what to expect via a very cool, real-life automation use case.

Firepower automation use case: remote access VPN deployment

One use case we have chosen as an example is Firepower Remote Access (RA) VPN deployment. With more and more people working from home, RA-VPN is more important than ever.

Let’s first think about all the steps to deploy RA-VPN manually through the GUI:

  • Network Configuration
    • Interfaces
    • Routing
  • NAT rules
  • Create Network Objects
  • Create Ports Objects
  • Create Security Rules
  • Remote Access Tunnels
  • User Authentication
  • Split tunneling
  • And maybe some additional configuration

What’s the benefit of automating all these tasks? It’s all about spending a few minutes instead of hours. Furthermore, the chance of human error decreases significantly if automation is used.

To reach this goal (RA-VPN deployment) with APIs, we just need to know which API endpoints to call, how to call them, how to build the variables we must send in our API calls, and which workflow to use. It will be the same story for every service we want to configure in the solution. Only the API endpoint will change. In the upcoming webinar we will show you how to do this yourself!
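The workflow idea above, sketched for one step of the list (creating network objects) as an added example that is not code from Cisco or from the webinar. The endpoint paths and body fields are assumptions about the FDM REST API and should be checked against your release's API reference; the object names and addresses are constructed.

```python
import ipaddress

# Assumption: FDM REST API base path; the version segment varies by release.
API_BASE = "/api/fdm/latest"


def network_object(name, address):
    """Build the request body for one network object from a host IP or CIDR."""
    # strict=True rejects input such as 10.10.50.7/24 (host bits set), so a
    # typo fails here instead of becoming an unintended object on the device.
    net = ipaddress.ip_network(address, strict=True)
    is_host = net.prefixlen == net.max_prefixlen
    return {
        "type": "networkobject",
        "name": name,
        "subType": "HOST" if is_host else "NETWORK",
        "value": str(net.network_address) if is_host else str(net),
    }


def build_plan(username, password, networks):
    """Return the ordered (method, path, body) calls: token, objects, deploy."""
    plan = [("POST", f"{API_BASE}/fdm/token",
             {"grant_type": "password", "username": username, "password": password})]
    seen = set()
    for name, address in networks:
        if name in seen:
            raise ValueError(f"duplicate object name: {name}")
        seen.add(name)
        plan.append(("POST", f"{API_BASE}/object/networks",
                     network_object(name, address)))
    # Changes are only staged until a deployment is requested, so it goes last.
    # Assumption: the deploy call needs no request body.
    plan.append(("POST", f"{API_BASE}/operational/deploy", None))
    return plan


if __name__ == "__main__":
    # Constructed sample input: a VPN address pool and one internal host.
    sample = [("vpn-pool", "10.10.50.0/24"), ("inside-dns", "10.10.1.53")]
    for method, path, body in build_plan("admin", "<password>", sample):
        print(method, path, body)
```

Each tuple would be sent over HTTPS with certificate verification enabled, and every call after the first carries the token returned by the first as a Bearer credential.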

Become a Cisco Certified DevNet Security Specialist

Are you preparing to become a Cisco Certified DevNet Security Specialist? Then you are in luck! Attending this webinar series will lay an excellent foundation for your studying efforts. Over the course of the webinar series, we will walk you through all the Security APIs that Cisco has to offer!

Security Automation and Orchestration Webinar Series

  1. Overview of Security APIs (recorded)
  2. Sept 22, 8AM PDT – Firepower Threat Defense APIs
  3. October 6, 8AM PDT – Cisco Network and Cloud Analytics APIs
  4. October 27 8AM PDT – Application First Security
  5. More to come!