After some impartial advice and experience really.
We had a very rushed network installation done a few years back; requirements etc. weren't gathered properly, and we ended up with a pair of ASAs in FMC mode supporting 50 internal staff and around 200 virtual machines. We had to build a dodgy hacked-together box to run FMC on the day of installation, which has since never been used!
We generally don't have a huge amount of experience internally around the ASAs but are happy to use ASDM etc. Have no knowledge of Firepower at all. It's the VMware requirement that's a pain and current lack of ability to run through ASA and Firepower upgrades - which I'm led to believe is complicated etc., but I'm yet to review in full.
We've got to swap the ASAs out for RMA'd units due to the clock cycle hardware issue that was flagged. That means getting the provider in to migrate everything to new units and roll them out.
Question is, should we get them to drop us into FDM mode for ease of admin and to get rid of the FMC workstation? Or should we be spending time, especially given our intent to become 27001 compliant, getting familiar with Firepower? We're currently retaining firewall logs and doing basic analysis and dashboarding via Graylog - it's whether that's enough to satisfy auditors or whether I'm really missing a trick not getting into Firepower.
Thanks