msharma24/secure-firewall

This is a place for various teamplates and automation resources for Cisco Secure Firewall

Secure-Firewall

Templates & Automation Resources

The secure-firewall repository provides a collection of Templates and Automation Resources to get you started with Cisco Secure Firewall on diverse cloud platforms like AWS, Azure, others.

Please visit our latest cloud resources website on developer.cisco.com where additional videos and learning materials are uploaded.

Repos are organized per: Product >> Cloud Platform >> Infrastructure as Code (IaC) >> Use Case

The Cisco eStreamer client for Open Cyber Security Framework (OCSF)

The Cisco Event Streamer (also known as eStreamer) allows you to stream System intrusion, discovery, and connection data from Firepower Management Center or managed device (also referred to as the eStreamer server) to external client applications.

Please visit Cisco Security on Github for more information and installation scripts and templates

Index

Each specific usecase contains a README file with installation instructions.

• ASA on AWS:

  • CloudFormation templates:
    • Multiple ASA instances in multiple AZ
    • Multiple ASA instances in a single AZ
    • Single ASA Instance in a single AZ
    • ASAv Autoscale
  • Terraform templates:
    • Multiple ASA instances in multiple AZ
    • Multiple ASA instances in a single AZ
    • Single ASA instance in a AZ

• ASA on Azure:

  • ARM Templates:
    • Multiple ASA instances
    • Single ASA instance in single location
    • ASAv Autoscale
  • Terraform templates:
    • Single ASA instance in single location
    • Multi Instances in Multiple AZ
    • Multi Instances in Multiple AZ using existing subnets

• ASA on GCP:

  • Terraform templates:
    • Single ASA instance in single location
    • Multiple ASA Instances in Single or Multiple AZ
  • Deployment Manager templates:
    • ASA Deployments

• ASA on OCI:

  • Terraform templates:
    • Single ASA Instance
    • Multiple ASA Instances
  • Oracle Resource Manager:
    • ASA Deployment

• FTD on AWS:

  • CloudFormation templates:
    • Multiple FTD instances in multiple AZ
    • Multiple FTD instances in a single AZ
    • Single Instance of FTD with FMC
    • FTDv Autoscale
  • Terraform templates:
    • Deployment of Active/Active FTDv(stateless) with NLB in Two different AZ with FMCv
    • Active/Active FTDv(stateless) with NLB and FMCv in a Single AZ
    • FTDv and FMCv in single instances in a AZ
    • FTDv single instance in an Availability Zone (AZ)
    • Gateway Loadbalancer Setup
      • Centralized Architecture
    • AWS Lab to deploy FTDv and FMC using IaC
      • Lab to programmatically deploy FTDv and FMC using Infrastructure as Code (Terraform)

• FTD on Azure:

  • ARM templates:
    • Multiple FTD instances in AZ
    • Single FTD instance
    • FTDv Autoscale
  • Terraform templates:
    • Single FTDv Instance
    • Single FTDv Instance in Existing Resouce Group
    • Multiple FTDv Instances in Multiple Availablility Zones
    • Multiple FTDv Instances in Multiple Availability Zones using Existing Subnets

• FTD on GCP:

  • Terraform templates:
    • Single FTD Instance
  • Deployment Manager Templates:
    • Single FTDv instance

• FTD on OCI:

  • Terraform templates:
    • Single FTD Instance
  • Oracle Resource Manager:
    • FTD Deployment

• FTD Ansible Modules

  • FTD Ansible Github
  • FTD Ansible Documentation

• FTD on Vmware:

  • Terraform Templates:
    • Single Instance FTD

• FMC Terraform Provider:

  • FMC Terraform Provider Github
  • FMC Terraform Registry

• FMC Ansible Collection:

  • An Ansible collection for managing FMC

• FMC on Azure:

  • Terraform templates:
    • Standalone FMC
  • ARM Templates:
    • Standalone FMC

• FMC on AWS:

  • Terraform templates:
    • Standalone FMC

• FMC on Vmware:

  • Terraform templates:
    • Standalone FMC

• FMC on GCP:

  • Terraform templates:
    • FMC Deployment in New or Existing newtwork
  • Resource Manager Templates:
    • FMC Deployment in New or Existing newtwork

• FMC on OCI:

  • Terraform templates:
    • FMC Deployment in New or Existing newtwork
  • Deployment Manager templates:
    • FMC Deployment in New or Existing newtwork

• Cisco Defense Orchestrator (CDO):

  • Secure Event Connector Terraform module

• Cloud Native:

  • SFCN GitHub Repository

• CSDAC - Cisco Secure Dynamic Attributes Connector:

  • CSDAC Ansible

• Automation Scripts:

  • Retrieve Access Rules hit counts and rule usage
  • Decomission access rules

Disclaimer

These repositories should be used only as a proof of concept. It is your duty and responsability to secure the provisioned device's by following cloud provider and product based security best practices guidelines.