News & Events

What’s new in Cisco Firepower 6.6?

  • 14 April, 2020

Article, Cisco, Security

The new features of Cisco Firepower 6.6

Cisco Firepower 6.6 was recently released. The update contained several new architectural and UI features. In this article, we will take a look at 4 key new features and how they could affect you and improve your experience using Firepower 6.6.

Virtual Appliance Changes

The most significant thing to note when planning an upgrade of a virtual Firepower Management Center appliance to 6.6 is the increased resource requirements of the virtual machine. A virtual FMC now requires a minimum of 28GB RAM, with 32GB recommended. Similarly, existing AWS or Azure deployments on smaller instances must be upgraded before you can proceed with deployment.

Care should be taken to review the relevant release notes, which you can find here, as part of any upgrade plan.

VRF-Lite Support

Whilst Firepower has supported Multi-Instance deployments as an evolution of the legacy ASA multi-context functionality for 4100 and upward appliances since version 6.3, lower-end appliances have to date had no equivalent functionality. In version 6.6 Cisco have introduced support for multiple routing tables on the same FTD device to bring an additional layer of logical separation to almost the entire product range.

VRF lite support cisco firepower 6.6

Selective Configuration Change Deployment

In prior versions, deploying configuration changes from the FMC down to firewall appliances has been an all-or-nothing deal, which can cause operational issues when urgent small or targeted changes are required. Version 6.6 gives you the ability to selectively deploy changes as well as see an estimate of how long the selected changes will take to deploy to the targeted device.

selective deployment cisco firepower 6.6

User Interface Improvements

Cisco have completed migration from the classic Sourcefire user interface to the new “Light” theme previewed in version 6.5. The Light theme is a cleaner, more modern UX more in line with that provided by other Cisco products.

Additionally significant time-saving enhancements have been made to the UI, including:

– Simultaneous editing of some functions within multiple access control rules

– Multiple parameter searches in access control rules

– The ability to see usage of an object referenced in an access control or prefilter rule

cisco firepower 6.6 light theme
An example of the new light theme in Cisco Firepower 6.6.

Final note...

As always there are many further features introduced, such as time-based access control policies and VPN multiple peer support. For the full Cisco Firepower 6.6 release notes, please click here.

For clarification on any of the points mentioned in this article or to have a broader conversation with us about firepower, please  click here or see the button below.

Talk to us about Firepower

Arrange a Cisco Firepower discussion with us. We will get back to you within one working day.

Tweet
Share
Share