Understanding how Cisco ASA with FirePOWER Services works

We recently installed a Cisco ASA 5508-X with FirePOWER Services. I am now getting around to setting FP up. I would like to understand how FP works before configuration.

In terms of exposure, how does the FP module handle traffic? Let's say the module is in "Inline" mode. From my understanding, all traffic enters and exits through the module before heading to its destination. So let's say, for example, the module has an internal IP (it is my understanding the module must be on the same VLAN as the inside interface). Traffic comes in and goes to the FP module. Am I exposing my internal network by having the module on an internal VLAN? Or does the traffic have to properly pass ACL rules to GET to the module? Because I'm not exactly an expert on this stuff (obviously), maybe I can try to explain it like this. Cable-wise, traffic comes in through the inside interface. With FP services, does traffic come through the inside interface, get redirected to the FP module, inspected, then redirected back to its original destination? What about traffic going out? Does it hit the inside interface, get redirected to the module, then back to the inside interface? I realize these are a lot of probably dumb questions, but I'm trying to get answers so I can explain them to my manager.
