Cisco Firepower 6.4 was recently released and there were interesting and helpful features that came with it. In this article, we will take a look at six key new features and how they could affect you.

The first change to note is the improvements to policy deployment performance in Firepower 6.4. The changes they’ve made to appliance communications and deploy framework means policy deployment is now up to 20% faster.

With Firepower 6.4, you can now deploy the platform as a virtual machine on the Microsoft Azure public cloud.  

You can deploy Firepower on Azure by using a solution template that’s available on the Azure Marketplace. The FMCv on Microsoft Azure must be deployed in a virtual network through the Resource Manager deployment mode. The solution template takes you through a variety of configuration parameters which provide the setup of your FMCv. It’s worth noting that the FMCv in the Azure Marketplace supports the Bring Your Own License model, also known as BYOL. 

The next useful addition to Firepower 6.4 is the new ability to access rule hit counts for access control on your FTD devices. This information is displayed in the Firepower Management Centre. This greatly improves visibility of the most heavily used and unused rules.

Another new integration that comes with Firepower 6.4 is support for Duo, one of Cisco’s newest and most exciting acquisitions.  

Duo is a security offering that is suitable for any sized business that needs to protect sensitive data at scale. Duo’s trusted access solution can verify a user’s identity when they are signing into sensitive platforms through multi-factor authentication. 

Firepower 6.4 introduces Duo support to the platform which offers a second authentication factor for remote access VPN. 

Secondary authentication, AKA double authentication, adds an important additional security layer to RA VPN connections by using two different authentication servers. When you activate double authentication AnyConnect VPN users are required to present two sets of credentials to gain access to the VPN gateway.  

The last change we’ll cover in this article is the addition of search intrusion events by CVE ID. After deploying Firepower 6.4 you’ll be given the ability to identify any intrusion events relating to a particular vulnerability using its CVE ID. This is a handy tool that will save a lot of time.

For the full Cisco Firepower 6.4 release notes, please click here.