You are currently viewing FTD Interruption Observations

FTD Interruption Observations

This is a quick article to highlight the potential interruption on Firepower devices caused by inspection interruption when updated are deployed to Firepower Threat Defense (FTD) devices.

I will continue to update this article if/when more tests are carried out.

Note: The following results may slightly differ in your environment.

Deploying a new policy to an FTD when a new SRU has been made available

The following test was conducted when a new Snort Rule Update (SRU) was downloaded to the FMC and the changes were then deployed to an FTD appliance. The following observation was made while using a single FMCv and FTDv.

While pinging ‘google.com’ 490 packets were transmitted and 456 of those packets were received. The remaining 6.9% (34 packets) were dropped as policy changes were being deployed.

iwiizkiid

Kelvin is a Cyber Security professional with years and experience working with organisations in different verticals, both large and small. He enjoys contributing to the Network Wizkid knowledge base and he also creates technical content. Kelvin enjoys learning new things and often does this by working on achieving new technical certifications. He holds many professional certifications and academically, he has achieved a Bachelors and Master's degree in both Computer Networks and Cyber Security.

Leave a Reply