Cisco Firepower: FMC SSL Decrypt with MS Signed CA

No video

Cisco Firepower: FMC SSL Decrypt with MS Signed CA

Рет қаралды 3,944

Күн бұрын

In this video we will setup Firepower TLS decryption capabilities to ensure we are inspecting all traffic and not missing threats embedded in TLS. We will leverage a MS CA to sign the CSR from Firepower to enable Firepower to issuing Certificates. This also helps with browser errors when using self signed - in most environments the internal ROOT CA is distributed using GPO so all assets trust certificates issued by this CA. We will finish off with some testing and validation.

Пікірлер: 6

@Smartanification Жыл бұрын

Thank you really informative and to the point, loved it

@jasonmaynard8773 Жыл бұрын

Glad it was helpful!

@dusanmirkovic6457 3 жыл бұрын

How, on earth, did you change FMC to dark theme? Pleeeeseeee share this :)

@jasonmaynard8773 3 жыл бұрын

I beleive it started in version 6.7 but check out 7.x. As always with any release review the release notes and test. Have fun!

@dusanmirkovic6457 3 жыл бұрын

One more thing... I have two tier PKI , meaning, I have root ca (srv1), Subordinate root ca (srv2) who is doing issuing certs to everybody. So where do I go for SUB CA for FMC? Do I go to root ca (srv1) and ask this server to di the issuing SUB CA for FMC or I go to (srv2) for issuing? Thank you ! Btw, great clip ;)

@jasonmaynard8773 3 жыл бұрын

Thanks for the feedback! You need to use an authority that supports granting issuing CA's for subnorates.