test results for cisco firepower 6.1.0 for japan · dns domainnamesystem dos denialofservice. eobc...
Post on 16-Feb-2021
1 Views
Preview:
TRANSCRIPT
-
Test Results for Cisco Firepower 6.1.0 for JapanFirst Published: August 29, 2016
Last Modified: September 09, 2016
Americas HeadquartersCisco Systems, Inc.170 West Tasman DriveSan Jose, CA 95134-1706USAhttp://www.cisco.comTel: 408 526-4000 800 553-NETS (6387)Fax: 408 527-0883
Text Part Number:
-
© 2015 Cisco Systems, Inc. All rights reserved.
-
C O N T E N T S
C H A P T E R 1 Overview 1
Cisco Security Solution Test 1
C H A P T E R 2 Test Topology and Environment Matrix 7
Test Topology 8
Environment Matrix 9
What's Prioritized? 10
Open Caveats 11
C H A P T E R 3 Test Results Summary 13
Test Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower
Threat Defense 6.1.0 for Japan 13
Related Documentation 94
Test Results for Cisco Firepower 6.1.0 for Japan iii
-
Test Results for Cisco Firepower 6.1.0 for Japaniv
Contents
-
C H A P T E R 1Overview
• Cisco Security Solution Test, page 1
Cisco Security Solution TestCisco Security Solution Test, an integral part of the Secure Data Center and Virtualization solution, enablessecurity solutions, products, and services to work together to deliver enhanced Protection, Policy control,Context-aware Security, Intrusion detection and prevention, discovery, and advanced malware protection forcustomers. This is achieved by testing the latest versions of Cisco Security products.
Cisco Security Solution Test for Japan, in turn is an add-on testing at the solution level, where the requirementsgathered are specific to Japan usage and market. The requirements are derived based on the following:
• Features in Cisco Firepower Management Center and Cisco Firepower Threat Defense Virtual
• Inputs from Solution SEs and PM team
• High priority cases that are covered by the Cisco Security Solution Test team
• Inputs from various business units, fields, and Cisco services
The test execution is carried out on selected Security products, which are prioritized by the Cisco Japanstakeholders for the Japan theater
The current release focuses on testing the selected Security products.Note
The following product is covered in the test execution:
• Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense
• Cisco Firepower Management Center
• Cisco Firepower Threat Defense Virtual
• Cisco Advanced Malware Protection
• Cisco Firepower User Agent for Active Directory
• Identity Service Engine
Test Results for Cisco Firepower 6.1.0 for Japan 1
-
Acronyms
DescriptionAcronym
Authentication Authorization and Accounting.AAA
Access Control Entry.ACE
Access Control List.ACL
Authentication Header.AH
Address Resolution ProtocolARP
Adaptive Security Algorithm.ASA
ASA Services ModuleASASM
Autonomous System Boundary Router.ASBR
Cisco Adaptive Security Device ManagerASDM
Bit Error Rate.BER
Berkeley Internet Name Domain.BIND
Bootstrap ProtocolBOOTP
Bridge Protocol Data Unit.BPDU
Berkeley Standard Distribution.BSD
command-line interface.CLI
Context Directory AgentCDA
Connection slot in the ASASMconn
Data Encryption Standard.DES
Dynamic Host Configuration Protocol.DHCP
De Militarized ZoneDMZ
Dynamic Network Address Translation.DNAT
Domain Name SystemDNS
Denial of Service.DoS
Ethernet Out-of-Band Channel.EOBC
Encapsulating Security Payload.ESP
privileged command modeEXEC
Firewall Management Center.Firewall MC
File Transfer Protocol.FTP
Firepower Threat DefenceFTD
Gigabits per second.Gbps
Test Results for Cisco Firepower 6.1.0 for Japan2
OverviewCisco Security Solution Test
-
DescriptionAcronym
Generic Routing EncapsulationGRE
High AvailabilityHA
Hypertext Transfer ProtocolHTTP
HTTP over SSL.HTTPS
Internet Assigned Number AuthorityIANA
Internet Control Message ProtocolICMP
Internet Engineering Task Force.IETF
Internet Group Management Protocol.IGMP
Interior Gateway Routing Protocol.IGRP
Internet Key Exchange.IKE
Internet Locator Service.ILS
Internetwork Operating System.IOS
Internet Protocol.IP
IP-in-IP encapsulation protocol.IPinIP
IP Security ProtocolIPSec
Intrusion prevention systemsIPS
Internetwork Packet Exchange.IPX
Internet Relay Chat protocolIRC
Internet Security Association and Key Management Protocol.ISAKMP
IP Solution Center.ISC
Initial Sequence Number.ISN
Internet service provider.ISP
International Telecommunication Union.ITU
Lightweight Directory Access Protocol.LDAP
linefeed.LF
link-state advertisement.LSA
Media Access Control.MAC
Message Digest 5MD5
Media Gateway Control Protocol.MGCP
Management Information BaseMIB
Multiprotocol Label Switching.MPLS
Test Results for Cisco Firepower 6.1.0 for Japan 3
OverviewCisco Security Solution Test
-
DescriptionAcronym
Million packets per second.Mpps
Multilayer Switch Feature Card.MSFC
Maximum Transmission UnitMTU
Network Address Translation.NAT
Network Basic Input Output SystemNetBIOS
Network File System.NFS
Network Information Center.NIC
Network Information Service.NIS
Next Generation Intrusion prevention systemsNGIPS
Next Generation FirewallNGFW
Network Management Station.NMS
Network News Transfer ProtocolNNTP
Network Operating System.NOS
Not So Stubby Area.NSSA
Network Time ProtocolNTP
Open Shortest Path First.OSPF
Port Address Translation.PAT
Protocol Data Unit.PDU
Protocol Independent Multicast.PIM
Private Internet Exchange.PIX
Post Office Protocol.POP
Point-to-Point Protocol.PPP
Point-to-Point Protocol over Ethernet.PPPoE
Point-to-Point Tunneling Protocol.PPTP
Prime Security ManagerPRSM
Remote Authentication Dial-In User ServiceRADIUS
Registration Admission and Status protocolRAS
Real Data TransportRDT
Request For CommentRFC
Routing Information Protocol.RIP
Remote Procedure Call.RPC
Test Results for Cisco Firepower 6.1.0 for Japan4
OverviewCisco Security Solution Test
-
DescriptionAcronym
Rivest Shamir and Adelman algorithm.RSA
Remote ShellRSH
RTP Control Protocol.RTCP
Real Time Transport Protocol.RTP
Security Association.SA
Skinny Client Control ProtocolSCCP
Session Description Protocol.SDP
SourcefireSFR
Simple Mail Transfer ProtocolSMTP
Simple Network Management ProtocolSNMP
Shared Profile Component.SPC
Shortest Path First.SPF
Security Parameter IndexSPI
Secure Shell.SSH
Standard Error File Descriptor.STDERR
Switched Virtual Interface.SVI
SourceFire User AgentSFUA
Software-ModuleSW-Module
Transmission Control Protocol.TCP
Trivial File Transfer Protocol.TFTP
Triple Data Encryption Standard.Triple DES
User authentication.uauth
User Datagram Protocol.UDP
Universal Resource Locator.URL
Virtual LAN.VLAN
Virtual Private Network.VPN
Wide Area Network.WAN
Windows Internet Naming Service.WINS
World Wide Web.WWW
X Display Manager Control Protocol.XDMCP
Translation session.xlate
Test Results for Cisco Firepower 6.1.0 for Japan 5
OverviewCisco Security Solution Test
-
Test Results for Cisco Firepower 6.1.0 for Japan6
OverviewCisco Security Solution Test
-
C H A P T E R 2Test Topology and Environment Matrix
• Test Topology, page 8
• Environment Matrix, page 9
• What's Prioritized?, page 10
• Open Caveats, page 11
Test Results for Cisco Firepower 6.1.0 for Japan 7
-
Test Topology
Test Results for Cisco Firepower 6.1.0 for Japan8
Test Topology and Environment MatrixTest Topology
-
Environment MatrixSoftware VersionModelDevice NameCategory
n7000-s1-dk9.6.0.2.binNexus7000C7010(N7k-04)
CORE-1IP Infrastructure
n7000-s1-dk9.6.0.2.binNexus7000C7010(N7k-04)
CORE-2
n7000-s1-dk9.6.0.2.binNexus7000C7010(N7k-04)
AGGR-1
n7000-s1-dk9.6.0.2.binNexus7000C7010(N7k-04)
AGGR-2
c3900e-universalk9-mz.SPA.151-1.T1.binCISCO 3900WAN EDGEROUTER
ucs-6100-k9-system.4.2.1.N1.1.4m.binUCS 6140XPFABRICINTERCONNECT
Storage
ucs manager 2.0(3a)Cisco UCS5108
UCS BLADESERVERCHASSIS
ucs-2100.2.0.3a.binUCS 2104XPIO Module
S5500.1.2.1.0.030920101143UCSB200M2UCS BLADE
m9500-sf2ek9-kickstart-mz.5.2.2a.binMDS 9509MDS Switch
USP VM: 60-08-11-00/00HitachiSANSTORAGE
VMware ESXi 5.5.0UCSB200M2UCS BLADEVMware
fxos-k9- 9.2.0.1.37.spaCisco FirePower 9300 withFXOS 2.0.1
Cisco Firepower9300 SecurityAppliance cisco-ftd.6.1.0.330.SPA.csp
Cisco_Firepower_User_Agent_2.3.zipCisco Firepower User Agent forActive Directory
Cisco FirepowerUser Agent forActive Directory
Cisco_Firepower_Management_Center_Virtual_VMware-6.1.0-330.tar.gz
Cisco Firepower ManagementCenter Virtual Appliance
Cisco FirepowerManagementCenter VirtualAppliance
Test Results for Cisco Firepower 6.1.0 for Japan 9
Test Topology and Environment MatrixEnvironment Matrix
-
Software VersionModelDevice NameCategory
Cisco_FIrepower_Threat_Defense_Virtual-6.1.0.-330.tar.gzCisco Firepower Threat DefenseVirtual for VMware
Cisco FirepowerThreat DefenseVirtual forVMware
cisco-ftd.6.1.0.330.SPA.cspCisco Firepower Threat DefenseCisco FirepowerThreat Defense
FireAMP v5.3.2015121523Cisco Advance MalwareProtection
Cisco AdvanceMalwareProtection
1.3Identity Service EngineIdentity ServiceEngine
Microsoft Windows Server 2008 R2MicrosoftWindows
MicrosoftWindows
Microsoft Windows 7 JP 32 and 64 bitMicrosoftWindows
Microsoft
Ubuntu 13.10UbuntuLinuxLinux
Mac OS 10.10.6Apple MacBook Pro (JPLocale)
MacBookApple
iOS 8.4.1iOSiPhone 6
8.0.2 (12A405)iPadiPad
Android 5.0.1Samsung S4SamsungAndroid Clients
Chrome: 51.0.2743.116Windows 7Web BrowsersBrowsers
Firefox : 48.0 .2
IE: 11.0.9600.18426CO
What's Prioritized?The following features are tested on priority in this release:
• FMC Features
• User-requested Geolocation lookup for IPs
• User-requested whois lookup
• AMP Private Cloud
• ISE Remediation
• ISE Error Improvement
Test Results for Cisco Firepower 6.1.0 for Japan10
Test Topology and Environment MatrixWhat's Prioritized?
-
• Integrated Risk reports
• User Authentication
• Kerberos User Authentication
• FIREPOWER Features
• SSL Client Hello
• Safe Search Enforcement
• YouTube EDU Enforcement
• True-IP Policy
• Active authentication Enhancements
• FTD Features
• Inline Security Group Tags(SGT)
• Interface objects
• Shared NAT
• Rate Limiting
• Prefilter Policies
• Site-to-site VPN Support
• Routing Enhancements
Open CaveatsTitleDefect ID
Reference drop down not working in the Rule content Intrusion PolicyCSCva83245
Korean and Japanese characters are Junked in SSL policyCSCva89394
Filtering tab is missing on IPv4(BGP) - Japanese/KoreanCSCva89451
Next Hop information is missing on IPv4(BGP) - Japanese/KoreanCSCva89472
DDNS method creation accepts space alone as nameCSCva89514
Customer product mapping list accepts same values multiple timesCSCva89548
Incident summary in double byte characters are junked after saveCSCva97326
Custom Workflow name and description in Double byte characters are junkedCSCva97337
Custom Table name in Double byte characters are junked in the pageCSCva97346
Job name in Double byte characters are junked in task scheduling pageCSCva97356
NAT Policy Description in Double byte characters are junkedCSCva97366
Japanese/Korean name of Health policy appears as Junk in Import/ExportCSCva99641
Test Results for Cisco Firepower 6.1.0 for Japan 11
Test Topology and Environment MatrixOpen Caveats
-
Incorrect tab names under the Match Clauses-Japanese/KoreanCSCvb11305
Incorrect tab names under the set Clauses of Route Map-Japanese/KoreanCSCvb11345
Not able to add Existing or new Port Objects in ICMP ServiceCSCvb11240
Rule name in double byte characters are junked in NAT policy firepowerCSCvb11233
Test Results for Cisco Firepower 6.1.0 for Japan12
Test Topology and Environment MatrixOpen Caveats
-
C H A P T E R 3Test Results Summary
• Test Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower ThreatDefense 6.1.0 for Japan, page 13
• Related Documentation, page 94
Test Results Summary for Cisco Firepower FP9300 SecurityAppliance with Cisco Firepower Threat Defense 6.1.0 for Japan
DefectStatusDescriptionTitleFeaturesCovered
Logical ID
PassedSW-Module IPSInstallation &Configurationfunctionalityverification
Verifyfunctionality forSW-Module IPSInstallation &Configuration
Firepower&DCConfiguration&Validation
FP-6.1-JP-01
PassedCheck thefunctionality fortrafficredirectionservice policy
Verifyfunctionality fortrafficredirectionservice policyenabled globally
Firepower&DCConfiguration&Validation
FP-6.1-JP-02
PassedCheck thefunctionality fortrafficredirectionservice policyenabled forinput interface
Verifyfunctionality fortrafficredirectionservice policyenabled forinput interface
Firepower&DCConfiguration&Validation
FP-6.1-JP-03
Test Results for Cisco Firepower 6.1.0 for Japan 13
-
PassedFunctionality fortrafficredirection forClass Default
Verify thefunctionality fortrafficredirection forClass Default
Firepower&DCConfiguration&Validation
FP-6.1-JP-04
PassedFunctionality forBasic IPSnetwork setup
Verify thefunctionality forBasic IPSnetwork setup
Firepower&DCConfiguration&Validation
FP-6.1-JP-05
PassedConfiguration&replication ofshow managersshpuld beverified
Verify theConfiguration&replication ofshow managers
Firepower&DCConfiguration&Validation
FP-6.1-JP-06
PassedCheckFunctionality offail-open mode
Verify thefunctionality ofFail-open mode
Firepower&DCConfiguration&Validation
FP-6.1-JP-07
PassedCheckfunctionality offail-close mode
Verify thefunctionality ofFail-Closemode
Firepower&DCConfiguration&Validation
FP-6.1-JP-08
PassedVerifyMigrating fromOn Box to OffBox Manager
Migrating fromOn Box to OffBox Manager
Firepower&DCConfiguration&Validation
FP-6.1-JP-09
PassedTraffic handlingin Layer 2 layershould beverified
Verifying theTraffic handlingin Layer 2 layer
Firepower&DCConfiguration&Validation
FP-6.1-JP-10
PassedCheck Traffichandling inLayer 3 layer
Verifying theTraffic handlingin Layer 3 layer
Firepower&DCConfiguration&Validation
FP-6.1-JP-11
PassedCheck Traffichandling inLayer 4 layer
Verifying theTraffic handlingin Layer 4 layer
Firepower&DCConfiguration&Validation
FP-6.1-JP-12
PassedTraffic handlingfor HTTPTraffic shouldbe verified
Verifying theTraffic handlingfor HTTPTraffic
Firepower&DCConfiguration&Validation
FP-6.1-JP-13
PassedHTTPS Traffichandling shouldbe verified
Verifying theTraffic handlingfor HTTPSTraffic
Firepower&DCConfiguration&Validation
FP-6.1-JP-14
Test Results for Cisco Firepower 6.1.0 for Japan14
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 forJapan
-
PassedInstall theLicense on theFiresight fordifferentfeatures
Verifying theLicenseInstallation onthe Firesight
Firepower&DCConfiguration&Validation
FP-6.1-JP-15
PassedVerifying theRegistration ofASA IPS inDefense Centerand DefenseCenter offline
Registration ofASA IPS inDefense Centerand DefenseCenter Offline
Firepower&DCConfiguration&Validation
FP-6.1-JP-16
PassedCheck startupwizard includesSFR setupoption onASDM
Verify that thestartup wizardincludes SFRsetup option onASDM
Firepower&DCConfiguration&Validation
FP-6.1-JP-17
PassedConfigureTrafficRedirectionsettings for SFRfrom ASDMAdd ServicePolicy Option
Verify thatTrafficRedirectionsettings can beconfigured forSFR fromASDM AddService PolicyOption
Firepower&DCConfiguration&Validation
FP-6.1-JP-18
PassedCheck DCaccess policieswith ASAinterface used insecurityzones(SingleRouted Mode)
Verify DCaccess policieswith ASAinterface used insecurityzones(SingleRouted Mode)
Firepower&DCConfiguration&Validation
FP-6.1-JP-19
Test Results for Cisco Firepower 6.1.0 for Japan 15
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 for
Japan
-
PassedRegister theSensor to theFireSIGHTManagementCenter andapply the featurelicenses on theDC. Licensescan be added toDC before anydevices areadded to DC oreven after thedevice(s) areadded. Onceregistered to theDC with featurelicenses, thesensors shouldfunction evenafter they areun-registeredfrom the DC.
Verify sfr-dcregister &unregister
Firepower&DCConfiguration&Validation
FP-6.1-JP-20
PassedTo verify thedashboard panelfor SFRinstalled onASA fromASDM
Verifydashboard panelfor SFR fromASDM
Firepower&DCConfiguration&Validation
FP-6.1-JP-21
PassedTo verify thatTrafficRedirectionsettings can beconfigured forSFR fromASDM
ConfigureTrafficRedirectionsettings fromASDM for SFR
Firepower&DCConfiguration&Validation
FP-6.1-JP-22
PassedFunctionality ofNetworkDiscovery andConfiguringPolicies shouldbe verified
Verifying theNetworkDiscovery andConfiguringPolicies
Firepower&DCConfiguration&Validation
FP-6.1-JP-23
PassedVerifyingDeploying theNGIPS onVMWare on theEsxi
Deploying theNGIPS onVMWare on theEsxi
Firepower&DCConfiguration&Validation
FP-6.1-JP-24
Test Results for Cisco Firepower 6.1.0 for Japan16
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 forJapan
-
PassedCheckfunctionalityof TrafficProfiles on theFiresight
Verifying theTraffic Profileson the Firesight
Firepower&DCConfiguration&Validation
FP-6.1-JP-25
PassedCheck trafficblocked whenthe IPSConfigured asInline Mode
Verifying theTraffic has beenblocked whenthe IPSConfigured asInline Mode
Basic networkcontrol
FP-6.1-JP-26
PassedVerify Sensoraction blockwith regularIP/protocolpolicy (SSHblock, FTPblock)
Sensor actionblock withregularIP/protocolpolicy (SSHblock, FTPblock)
Basic networkcontrol
FP-6.1-JP-27
PassedVerify Sensoraction blockwith URL(blockfacebook.com&Other Websites
Sensor actionblock with URLblockfacebook.com&Other Websites
URL FilteringFP-6.1-JP-28
PassedVerify Sensoraction blockwith URL /webcat policy (blockfacebook.com,block categorygambling)
Sensor actionblock with webcat policy (blockfacebook.com,block categorygambling)
URL FilteringFP-6.1-JP-29
PassedVerifying theFiresightManagementCenterConfiguration&Device adding
Verifying theFiresightManagementCenterConfiguration&Device adding&URLFilteringbased on theCloud Serives
URL FilteringFP-6.1-JP-30
PassedCheckFileFiltering Policy& Detection inLive Traffic
Verifying theURL FilteringPolicy &Detection inLive Traffic
URL FilteringFP-6.1-JP-31
Test Results for Cisco Firepower 6.1.0 for Japan 17
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 for
Japan
-
PassedConfigure ACLpolicy and usegeolocationobject
Verifying theAccess ControlPolicy usingGeolocation
Access PoliciesFP-6.1-JP-32
PassedConfigure GeoLocationObjects andcheck
Verifying theCreation of GeoLocationObjects
Access PoliciesFP-6.1-JP-33
PassedCheckfunctionality ofAccess ControlPolicy usingMixedNetworksand Geolocation
Verifying theAccess ControlPolicy usingMixedNetworksand Geolocation
Access PoliciesFP-6.1-JP-34
PassedSensors havingfile policyinspection on anaccess policy,and a defaultaction which isan IPS policy,causing theinlinenormalizationton the sensor totake effectpotentiallycausingconnectiondrops
Sensors havingfile policyinspection on anaccess policy
Access PoliciesFP-6.1-JP-35
PassedApplicationBlocking andMonitoringShould beverified
Verifying theApplicationBlocking andMonitoringShare
Application,Visibility &Control
FP-6.1-JP-36
PassedQdownApplicationallowing &Monitoring
VerifyingQdownApplication
Application,Visibility &Control
FP-6.1-JP-37
PassedVerifying theApplicationallowing andMonitoring
VerifyingTotodiskApplication
Application,Visibility &Control
FP-6.1-JP-38
Test Results for Cisco Firepower 6.1.0 for Japan18
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 forJapan
-
PassedQdownApplicationBlocking andMonitoring
Verifying theQdownApplicationBlocking andMonitoring
Application,Visibility &Control
FP-6.1-JP-39
PassedTotodiskApplicationBlocking andMonitoring
Verifying theTotodiskApplicationBlocking andMonitoring
Application,Visibility &Control
FP-6.1-JP-40
PassedRSupportRemotecall/viewApplicationBlocking andMonitoring
Verifying theRSupportRemotecall/view & WeChatApplicationBlocking andMonitoring
Application,Visibility &Control
FP-6.1-JP-41
PassedNdriveApplicationBlocking andMonitoring
Verifying theNdriveApplicationBlocking andMonitoring
Application,Visibility &Control
FP-6.1-JP-42
PassedCheckMicrosoftLDAP users areAllowed andBlocked usingAccess Policies
Verifying theMicrosoftLDAP users areAllowed andBlocked usingAccess Policies
Application,Visibility &Control
FP-6.1-JP-43
PassedTo Verify thePolicies -Access Control(with SecurityIntelligence)
ConfiguringPolicies -Access Control(with SecurityIntelligence)
SecurityIntelligencefiltering
FP-6.1-JP-44
PassedCheckfunctionality ofSecurityIntelligence byObjectManagement(Blacklist)
Verifying theSecurityIntelligence byObjectManagement(Blacklist)
SecurityIntelligencefiltering
FP-6.1-JP-45
PassedCheckfunctionality ofSecurityIntelligence byObjectManagement(Whitelist)
Verifying theSecurityIntelligence byObjectManagement(Whitelist)
SecurityIntelligencefiltering
FP-6.1-JP-46
Test Results for Cisco Firepower 6.1.0 for Japan 19
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 for
Japan
-
PassedConfigure andverify SI EventViews
Verifying the SIEvent Views
SecurityIntelligencefiltering
FP-6.1-JP-47
PassedConfigure andcheck the SIEventManagement
Verifying the SIEventManagement
SecurityIntelligencefiltering
FP-6.1-JP-48
PassedFile FilteringPolicy &Detection inLive Traffic
Verifying theFile FilteringPolicy &Detection inLive Traffic
File TypeFiltering
FP-6.1-JP-49
PassedVerify Fileblock - Block allpossibleHTTP/FTP filetypes withaction blockreset
File block -Block allpossibleHTTP/FTP filetypes withaction blockreset
File TypeFiltering
FP-6.1-JP-50
PassedConfigure andcheck File TypeDetection &Capture
Verifying theFile TypeDetection &Capture
File TypeFiltering
FP-6.1-JP-51
PassedCheck File TypeBlocking &Capture
Verifying theFile TypeBlocking &Capture
File TypeFiltering
FP-6.1-JP-52
PassedAdding theNGIPSv Deviceinto theFiresightManagementCenter should beverified
Adding theNGIPSv Deviceinto theFiresightManagementCenter
IPSFP-6.1-JP-53
PassedVerify the FireSight NGIPSdash board forAnalysis &Reportingwidgets,Miscellaneouswidgets,Operationswidgets.
Verifying theNGIPS DashBoard
IPSFP-6.1-JP-54
Test Results for Cisco Firepower 6.1.0 for Japan20
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 forJapan
-
PassedConfigure andverify Creationof DefaultIntrusion Policy
Verifying theCreation ofDefaultIntrusion Policy
IPSFP-6.1-JP-55
PassedCheckDeployment ofIntrusion Policy
Deploying theIntrusion Policy
IPSFP-6.1-JP-56
PassedCheckInvestigating onthe IntrusionEvents
Investigating theIntrusion Events
IPSFP-6.1-JP-57
PassedConfigureUser-CreatedPort Variable inan IntrusionRule
Verifying theUser-CreatedPort Variable inan IntrusionRule
IPSFP-6.1-JP-58
PassedVerify SuppressIntrusion Rulesusing a Variable
SuppressIntrusion Rulesusing a Variable
IPSFP-6.1-JP-59
PassedVerifySensorIPS policies,with somepermit/denyaccess policieson the sensor inASA
Sensors havingConnectivityover securityIPS policy withsomepermit/denyaccesspolicies
IPSFP-6.1-JP-60
PassedCheck thefunctionality ofSensors havingBalancedconnectivity andsecurity IPSpolicy withsome permit/deny accesspolicies
Sensors havingBalancedconnectivity andsecurity IPSpolicy withsome permit/deny accesspolicies
IPSFP-6.1-JP-61
PassedNmapremediationmodule creationand create nmapinstance inFiresight.
Verify Nmapscan remediationmodule creation
IPSFP-6.1-JP-62
Test Results for Cisco Firepower 6.1.0 for Japan 21
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 for
Japan
-
PassedRegionalSpecific Inputsin Nmapremediationmodule creationand create nmapinstance inFireSIGHTName,Descriptionfields
Verify RegionalSpecific inputsin Nmap scanremediationmodule creation
IPSFP-6.1-JP-63
PassedConfigurepolicies andcheck the Scanresults in viewpage.
Verify viewscan results inNmap scanremediationmodule
IPSFP-6.1-JP-64
PassedDownloadingScan results inXML formatand view in thelocal machine.
VerifyDownloadingscan results inNmap scanremediationmodule
IPSFP-6.1-JP-65
PassedDownloadingScan results inXML formatand view in thelocal machine inBrowser.
VerifyDownloadingscan results inNmap scanremediationmodule inBrowser
IPSFP-6.1-JP-66
PassedVerify byadding virtualNGIPS intoDefense centerand try to editthe interfaces topassive mode.
Verify addingNGIPS interfacein passive mode
IPSFP-6.1-JP-67
PassedVerify byadding virtualNGIPS intoDefense centerand try to editthe interfaces toinline mode.
Verify addingNGIPS interfaceinline mode
IPSFP-6.1-JP-68
Test Results for Cisco Firepower 6.1.0 for Japan22
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 forJapan
-
PassedVerify byadding virtualNGIPS intoDefense centerand try to createinline set andadd availableinterfaces tocreated set.
Verify addingNGIPS interfaceinline set
IPSFP-6.1-JP-69
PassedVerify byadding virtualNGIPS intoDefense centerand try to createinline set andselect failsafebypass mode.
Verify addingNGIPS interfaceinline setFailsafe bypassmode.
IPSFP-6.1-JP-70
PassedVerify byadding virtualNGIPS intoDefense centerand try to createinline set andselect failsafeNon-bypassmode.
Verify addingNGIPS interfaceinline setFailsafeNon-bypassmode.
IPSFP-6.1-JP-71
PassedVerify creationof intrusionpolicy over basepolicy or createcustom policyand mangeRules associatedwith that policy.
Verify creationof Intrusionpolicy andManage BasePolicy, rules.
IPSFP-6.1-JP-72
PassedVerify creationof custom rule,rule importing,Editing theexisting rule.
Verify each andevery option inRule Editor inIntrusion.
IPSFP-6.1-JP-73
PassedConfigurecustom rule inrule editor.
Verify creationof new rule inrule editor.
IPSFP-6.1-JP-74
PassedCheck theassociation ofnew rule withthe intrusionpolicy.
Verifyassociation ofnew rule withthe intrusionpolicy
IPSFP-6.1-JP-75
Test Results for Cisco Firepower 6.1.0 for Japan 23
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 for
Japan
-
PassedCheck theassociation ofFireSIGHTrecommendationsrules with theintrusion policy.
Verifyassociation ofFireSIGHTrecommendationsrules with theintrusion policy.
IPSFP-6.1-JP-76
PassedConfigureHealth andSystem Policy
Verifying theHealth andSystem Policy
Health andSystem Policy
FP-6.1-JP-77
Passedconfigurepre-processorthat applyglobally to allintrusionpolicies on adevice
Create anAccess ControlPolicy withAdvancedSettings.
SimplifiedNormalizationConfiguration
FP-6.1-JP-78
Passedconfigurepreprocessors tobe used inspecific trafficscenarios, notacrossallintrusionevents.
Apply a Policywith CustomNetworkAnalysis Rules
SimplifiedNormalizationConfiguration
FP-6.1-JP-79
PassedIntrusion Policyto a device
Apply anUpdatedIntrusion Policyto a Device.
SimplifiedNormalizationConfiguration
FP-6.1-JP-80
PassedCreate a localrule thatmatches asupported filetype for FilePolicies, e.g.,PDF files.
Match a SingleFile Type.
File Type ID forIPS Rules
FP-6.1-JP-81
PassedCreate a localrule to block asupported filetype for FilePolicies, e.g.,PDF files.
Block a SingleFile Type
File Type ID forIPS Rules
FP-6.1-JP-82
PassedCreate a localrule thatmatches PDFfiles of version1.4, 1.5 or 1.6.
Match SpecificVersions of PDFFiles.
File Type ID forIPS Rules
FP-6.1-JP-83
Test Results for Cisco Firepower 6.1.0 for Japan24
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 forJapan
-
PassedSelect multiplefile types. Forexample, createa local rule thatmatches severalfile types, forexample, PDFversion 1.6, ZIP,and SWF.
Match MultipleFile Types.
File Type ID forIPS Rules
FP-6.1-JP-84
PassedCreate a localrule thatmatches a FileGroup.
Match a FileGroup
File Type ID forIPS Rules
FP-6.1-JP-85
PassedFile Events aregenerated on thefiles identifiedin an archivefile.
Detect Files inArchive Files.
Network AMPArchive FileSupport
FP-6.1-JP-86
PassedAn archive fileis blocked whena file containedin it matches aBlock Files FilePolicy Rule.Here, in order toperform archiveinspection, donot add archivesupported filetypes in file rule.
Block Files inArchive Files
Network AMPArchive FileSupport
FP-6.1-JP-87
PassedArchives whichcontainmalwaregenerate twoMalware events:the malware fileidentified in thearchive and thearchive itself.
IdentifyArchivesContainingmalware.
Network AMPArchive FileSupport
FP-6.1-JP-88
PassedArchives whichcontainmalwareare blockedwhen the “BlockMalware” actionis configured.
Block ArchiveFiles containingMalware
Network AMPArchive FileSupport
FP-6.1-JP-89
Test Results for Cisco Firepower 6.1.0 for Japan 25
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 for
Japan
-
PassedArchives whichcontainmalwareare blockedwhen the “BlockMalware” actionis configured.
Block ArchiveFiles ContainingMalware
Network AMPArchive FileSupport
FP-6.1-JP-90
PassedAn “evasivearchive” is anarchive speciallycreated to hideits contents,includingarchive filenesting (i.e., anarchive filecontainingarchive files)and built-inencryptionfeatures.
Block EvasiveArchive Files
Network AMPArchive FileSupport
FP-6.1-JP-91
PassedCreating Sourceand DestinationCountry inConnectionEvents andConnectionTracker
Source andDestinationCountry inConnectionEvents andConnectionTracker
GeolocationAnd SecurityIntelligenceCategory InCorrelationRules
FP-6.1-JP-92
PassedCreating aSecurityIntelligenceCategory inConnectionEvents
SecurityIntelligenceCategory inConnectionEvents
GeolocationAnd SecurityIntelligenceCategory InCorrelationRules
FP-6.1-JP-93
PassedCreatingDestinationCountry inIntrusion Events
DestinationCountry inIntrusion Events
GeolocationAnd SecurityIntelligenceCategory InCorrelationRules
FP-6.1-JP-94
PassedCreating aDestinationCountry inMalwareEvents.
DestinationCountry inMalwareEvents.
GeolocationAnd SecurityIntelligenceCategory InCorrelationRules
FP-6.1-JP-95
Test Results for Cisco Firepower 6.1.0 for Japan26
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 forJapan
-
PassedCreating aSource Countryin TrafficProfiles
Source Countryin TrafficProfiles.
GeolocationAnd SecurityIntelligenceCategory InCorrelationRules
FP-6.1-JP-96
PassedCreatingSecurityIntelligenceCategory intraffic Profiles
SecurityIntelligenceCategory inTraffic Profiles.
GeolocationAnd SecurityIntelligenceCategory InCorrelationRules
FP-6.1-JP-97
PassedVerifyingSetting a HostIOC for aspecificFireAMP IOCtype
Setting a HostIOC for aspecificFireAMP IOCtype
Additional IOCsfor HostCorrelation(FireAMP only)
FP-6.1-JP-98
PassedCheck DisableSetting a HostIOC for aspecificFireAMP IOCtype
Disable Settinga Host IOC for aspecificFireAMP IOCtype
Additional IOCsfor HostCorrelation(FireAMP only)
FP-6.1-JP-99
PassedVerifying theCaptures of theSame EmailAttachmentmultiple Times
Capturing thesame emailattachmentmultiple times
Protocol-AwareStreamReassembly forSMTP, POP3 &IMAP
FP-6.1-JP-100
PassedVerifying theCapture avariety of filesizes and types
Capture avariety of filesizes and types
NSS Support forFlash/PDF
FP-6.1-JP-101
PassedCheck thefunctionality ofNetworkPayloadDetection
Verifying theNetworkPayloadDetection
NSS Support forFlash/PDF
FP-6.1-JP-102
PassedExtendedX-Forward forHTTP GetRequest
Verifying theExtendedX-Forward forHTTP GetRequest
NSS Support forFlash/PDF
FP-6.1-JP-103
Test Results for Cisco Firepower 6.1.0 for Japan 27
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 for
Japan
-
PassedNetworkpayloaddetection basedon SWF andPDF
Verifying thenetwork payloaddetection basedon SWF andPDF
NSS Support forFlash/PDF
FP-6.1-JP-104
PassedConfigure Tableview of FileEvents
Verifying theTable view ofFile Events
UnicodeFilenameSupport
FP-6.1-JP-105
PassedCheck thefunctionality ofExternalization
Verifying theExternalization
UnicodeFilenameSupport
FP-6.1-JP-106
PassedCheck thefunctionality ofeStreamer
Verifying theeStreamer
UnicodeFilenameSupport
FP-6.1-JP-107
PassedCheck Upgradefrom PreviousRelease
Verifying theUpgrade fromPreviousRelease
MultipleManagementInterfaces
FP-6.1-JP-108
PassedConfiguration ofmore than oneManagementInterface
Verifying theConfiguration ofmore than oneManagementInterface
MultipleManagementInterfaces
FP-6.1-JP-109
PassedConfiguration ofStatic routes
Verifying theConfiguration ofStatic routes
MultipleManagementInterfaces
FP-6.1-JP-110
PassedCheck thefunctionality ofSplitManagementand EventTraffic
Verifying theSplitManagementand EventTraffic
MultipleManagementInterfaces
FP-6.1-JP-111
PassedInstallation of5.4 SourceFireDefense Center
Verifying theInstallation of5.4 SourceFireDefense center
Installation/UpgradeFP-6.1-JP-112
PassedVerifying theUpdate ofDefense Centerfrom Version5.3 to 5.4
To Verify theUpdating ofManagedDevices
Installation/UpgradeFP-6.1-JP-113
PassedVerifying theSRU, VDB, andGeoDBUpgrades
To Verify theUpdating ofManagedDevices
Installation/UpgradeFP-6.1-JP-114
Test Results for Cisco Firepower 6.1.0 for Japan28
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 forJapan
-
PassedConfigue andapply License tothe DefenseCenter
Verifying theLicense apply tothe DefenseCenter
LicenseingFP-6.1-JP-115
PassedEach sensingappliance (i.e.,ASA, virtualsensor, physicalsensor) musthave a licenseassociated withit on the DC
ApplyingLicenses toSensingDevices
LicenseingFP-6.1-JP-116
PassedVerifying theHost name fromDNS
Host Name fromDNS
APP IDEnchancements
FP-6.1-JP-117
PassedVerifying theApplicationProtocolIdentificationfrom TCP,UDP& Other IPProtocols
ApplicationProtocolIdentificationfrom TCP port,UDP port, andother IPprotocols
APP IDEnchancements
FP-6.1-JP-118
PassedVerifying theUser ID fromApplications
User ID fromApplications
APP IDEnchancements
FP-6.1-JP-119
PassedVerifying theAPP IDconfiguration
Verifying theAPP ID fromadditionalHTTPMetadata
APP IDEnchancements
FP-6.1-JP-120
PassedVerifying theNewConnectionlog fields
NewConnectionlog fields
APP IDEnchancements
FP-6.1-JP-121
PassedConfigure andcheck eventviewer inDefense centershows theVLAN Taginformation
Verifying thatthe event viewerin Defensecenter shows theVLAN Taginformation
VLAN TagInformation
FP-6.1-JP-122
Test Results for Cisco Firepower 6.1.0 for Japan 29
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 for
Japan
-
PassedChecking theevent viewer inDefense centershows theVLAN Taginformationaccording to thetraffic flow.
Verifying thatthe event viewerin Defensecenter shows theVLAN Taginformationaccording to thetraffic flow.
VLAN TagInformation
FP-6.1-JP-123
PassedCheck eventviewer inDefense centershows theVLAN Taginformationaccording to thetraffic flowaction.
Verifying thatthe event viewerin Defensecenter shows theVLAN Taginformationaccording to thetraffic flowaction.
VLAN TagInformation
FP-6.1-JP-124
PassedConfigureReporting &ReportGeneration onthe Firesight
Verifying theReporting &ReportGeneration onthe Firesight
AutomationAnalysis
FP-6.1-JP-125
PassedCheck if withactions=copy, auser can create aNAT policy inthe currentdomain bycopying a NATpolicy in itsparent/currentdomain.
Copying NATpolicy in thecurrent domainfrom itsParent/currentdomains
DeviceManagement
FP-6.1-JP-126
PassedUser should beable to view aNAT policyreport from itsparent/currentdomain withoutany errors orexceptions
NAT policyreportgeneration fromparent/currentdomain.
DeviceManagement
FP-6.1-JP-127
Test Results for Cisco Firepower 6.1.0 for Japan30
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 forJapan
-
PassedCheck if withactions-apply, auser can applyNAT policy intheparent/currentdomain toappropriatedevice.
Applying NATpolicy in thedomain todevice
DeviceManagement
FP-6.1-JP-128
PassedNAT policylisting pageshould show thedevices targetedby NAT policiesafter targetingthe NAT policyto device
Test to check ifdevice can betargeted by onlyone NAT policy
DeviceManagement
FP-6.1-JP-129
PassedVerify OSPFrouting withRBAC
OSPF routingwith RBAC
DeviceManagement
FP-6.1-JP-130
PassedTest DCupgrade fromChivas releaseto Dramquilarelease
Upgrade fromChivas Release
DeviceManagement
FP-6.1-JP-131
PassedAccess Policyrules configuredwith action asBlock withReset
Capture Traceoutput withAccess Policyrules configuredwith actionInteractiveBlock
PACKETTRACER
FP-6.1-JP-132
PassedAccess Policyrules configuredwith action asInteractiveBlock
Capture Traceoutput withAccess Policyrules configuredwith actionInteractiveBlock withReset
PACKETTRACER
FP-6.1-JP-133
PassedAccess Policyrules configuredwith URLBlocking
Capture Traceoutput forAccess Policyrules configuredwith URLBlocking
PACKETTRACER
FP-6.1-JP-134
Test Results for Cisco Firepower 6.1.0 for Japan 31
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 for
Japan
-
PassedAccess Policyrules configuredwith URLMonitor
Capture Traceoutput forAccess Policyrules configuredwith URLMonitor
PACKETTRACER
FP-6.1-JP-135
PassedAccess Policyrules configuredwith AppBlocking
Capture Traceoutput forAccess Policyrules configuredwith AppBlocking
PACKETTRACER
FP-6.1-JP-136
PassedAccess Policyrules configuredwith AppMonitor
Capture Traceoutput forAccess Policyrules configuredwith AppMonitor
PACKETTRACER
FP-6.1-JP-137
PassedFile packagingon FirepowerNGFW
Verify cgroupconfig filepackaging onFirepowerNGFW
C/GroupsMemory Map
FP-6.1-JP-138
PassedFile packagingon SF Sensor
Verify cgroupconfig filepackaging on SFSensor
C/GroupsMemory Map
FP-6.1-JP-139
PassedFile packagingon ManagementCenter
Verify cgroupconfig filepackaging onManagementCenter
C/GroupsMemory Map
FP-6.1-JP-140
PassedCreation of aCaptive PortalIdentity Rule
Verify theCreation of aCaptive PortalIdentity Rule
Captive PortalFP-6.1-JP-141
Test Results for Cisco Firepower 6.1.0 for Japan32
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 forJapan
-
PassedVerify the UIwhen creating aCaptive PortalIdentity Rule,with Active authfallback.1.Create at least 1AD domain(configure ADserversthemselves)2.Configure realmand directory inSFR whichmatch theservers createdabove
Creating aCaptive PortalIdentity Rule,with Active authfallback
Captive PortalFP-6.1-JP-142
Test Results for Cisco Firepower 6.1.0 for Japan 33
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 for
Japan
-
PassedIdentity Rulesshould bereordered1.Apply platformand featurelicenses.2. Ifnecessary, createat least 1 ADdomain(configure ADserver itself)3.Configure realmand directory inSFR whichmatch the servercreated above.4.Create anidentity policyand createseveral identityrules, includingPassive Auth,Active Auth(Captive Portal)and NoAuthentication.Also create asecond identitypolicy with afew rules.5.Create an ACRule and attachthe first Identitypolicy to it.Choose anaction that’s theopposite of theDefault Rule.
Verify IdentityRules can bereordered
Captive PortalFP-6.1-JP-143
Test Results for Cisco Firepower 6.1.0 for Japan34
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 forJapan
-
PassedCaptive Portalidentity rules,identity policyshould becopied1. Applyplatform andfeaturelicenses2. Ifnecessary, createat least 1 ADdomain(configure ADserver itself)3.Configure realmand directory inSFR whichmatch the servercreated above.4.Create anidentity policycontainingseveral captiveportal identityrules.5. Createan AC Rule andattach theIdentity policyto it. Choose anaction that’s theopposite of theDefault Rule.
Verify CaptivePortal identityrules, when anidentity policy iscopied
Captive PortalFP-6.1-JP-144
PassedCaptive portalrules in identitypolicy reportsshould begenerated.1. Ifnecessary, createat least 1 ADdomain(configure ADserver itself)2.Configure realmand directory inSFR whichmatch the servercreated above.
VerifyGeneratingReports oncaptive portalrules in identitypolicy
Captive PortalFP-6.1-JP-145
Test Results for Cisco Firepower 6.1.0 for Japan 35
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 for
Japan
-
PassedEnd to Endfunctionalityshould beanalyzed forHTTP BasicAuthentication
Verify End toEndfunctionality forHTTP BasicAuthentication
Captive PortalFP-6.1-JP-146
PassedEnd to Endfunctionalityshould be testedfor NTLMauthentication
Verify End toEndfunctionality forNTLMauthentication
Captive PortalFP-6.1-JP-147
PassedEnd to Endfunctionality forKerberosauthentication
Verify End toEndfunctionality forKerberosauthentication
Captive PortalFP-6.1-JP-148
PassedZones,Networks, andPorts should beused in CaptivePortalauthenticationPolicy
Verify thatZones,Networks, andPorts can beused in CaptivePortalauthenticationPolicy
Captive PortalFP-6.1-JP-149
PassedVlans can beadded in a ruleand used inCaptive Portalauthenticationpolicy
Verify thatVlans can beadded in a ruleand used inCaptive Portalauthenticationpolicy
Captive PortalFP-6.1-JP-150
PassedMinimumTimeout lengthof user sessions(both passiveand CaptivePortal) shouldbe tested.
VerifyminimumTimeout lengthof user sessions(both passiveand CaptivePortal
Captive PortalFP-6.1-JP-151
PassedFailedAuthenticationTimeout settingshould be tested
Verify FailedAuthenticationTimeout setting
Captive PortalFP-6.1-JP-152
Test Results for Cisco Firepower 6.1.0 for Japan36
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 forJapan
-
PassedMaximumAuthenticationAttempts shouldbe set in thesetting
VerifyMaximumAuthenticationAttempts setting
Captive PortalFP-6.1-JP-153
PassedCreate policy indomainA.Create Secondpolicy thatinherits from thefirst one.PolicyInheritance andobject aredeployedcorrectly -within singledomain on samesystem.
PolicyInheritance andobject - withinsingle domainon same system
IMPORT-EXPORTFP-6.1-JP-154
PassedCreate policy indomainA.Create Secondpolicy thatinherits from thefirst one.PolicyInheritance andobject aredeployedcorrectly -within singledomain on adifferent system.
PolicyInheritance andobject - withinsingle domainon a differentsystem
IMPORT-EXPORTFP-6.1-JP-155
PassedCreate policy indomainA.Create Secondpolicy in the subdomain A thatinherits from thefirst one andexport thepolicy.PolicyInheritance andobject aredeployedcorrectly - fromdifferentdomains on thesame system.
PolicyInheritance andobject - fromdifferentdomains on thesame system
IMPORT-EXPORTFP-6.1-JP-156
Test Results for Cisco Firepower 6.1.0 for Japan 37
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 for
Japan
-
PassedCreate object indomain A andcreate ACPolicy that usesthe object.CreateSecond policy insub domain Athat inheritsfrom the firstone.Parentpolicy can beexported if childpolicy usesparent policyobjects
Parent policycan be exportedif child policyuses parentpolicy objects
IMPORT-EXPORTFP-6.1-JP-157
PassedCreate Healthpolicy in domainA.Export thepolicy andverify it.
Health Policy onthe same systemin a singledomain
IMPORT-EXPORTFP-6.1-JP-158
PassedCreate Healthpolicy in domainA and Exportit.Import thepolicy in theSecond DC andverify it.
Health Policy ona differentsystem in asingle domain
IMPORT-EXPORTFP-6.1-JP-159
PassedCreate Healthpolicy in domainA and Exportit.Import it inDomain B, Editand reimport it.
Health Policyfrom differentdomains on thesame system
IMPORT-EXPORTFP-6.1-JP-160
PassedCreate intrusionpolicy inDomainA.Export it andmake changes tothe intrusionpolicy. Import itand Verify.
Intrusion Policyon the samesystem in asingle domain
IMPORT-EXPORTFP-6.1-JP-161
Test Results for Cisco Firepower 6.1.0 for Japan38
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 forJapan
-
PassedCreate intrusionpolicy inDomainA.Export it andmake changes tothe intrusionpolicy. Import itin your SecondDC and thenreimport andVerify.
Intrusion Policyon a differentsystem in asingle domain
IMPORT-EXPORTFP-6.1-JP-162
PassedCreate intrusionpolicy inDomainA.Export thepolicy.Import itin Domain Band verify it.
Intrusion Policyfrom differentdomains on thesame system
IMPORT-EXPORTFP-6.1-JP-163
PassedCreate customtable in DomainA.Export thecustom tableEditand thenreimport andverify it.
Custom Tableon the samesystem in asingle domain
IMPORT-EXPORTFP-6.1-JP-164
PassedCreate customtable in DomainA.Export thecustomtable.Import it inSecond DC,reimport andVerify it.
Custom Tableon a differentsystem in asingle domain
IMPORT-EXPORTFP-6.1-JP-165
PassedCreate customworkflow inDomainA.Export thecustomworkflow.Importand Verify it.
CustomWorkflow onthe same systemin a singledomain
IMPORT-EXPORTFP-6.1-JP-166
PassedCreate customtable in DomainA.Export thecustomtable.Import it inDomain B andedit, reimportand Verify it.
Custom Tablefrom differentdomains on thesame system
IMPORT-EXPORTFP-6.1-JP-167
Test Results for Cisco Firepower 6.1.0 for Japan 39
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 for
Japan
-
PassedCreate customworkflow inDomainA.Export thecustomworkflow.Importit in Second DCand edit,reimport andVerify it.
CustomWorkflow on adifferent systemin a singledomain
IMPORT-EXPORTFP-6.1-JP-168
PassedCreate customworkflow inDomainA.Export thecustomworkflow.Importit in Domain Band edit,reimport andVerify it.
CustomWorkflow fromdifferentdomains on thesame system
IMPORT-EXPORTFP-6.1-JP-169
PassedCreate widget inDomainA.Export thewidget.Importand Verify it
DashboardWidget on thesame system ina single domain
IMPORT-EXPORTFP-6.1-JP-170
PassedCreate widget inDomainA.Export thewidget.Import itin Second DCand edit,reimport andVerify it.
DashboardWidget on adifferent systemin a singledomain
IMPORT-EXPORTFP-6.1-JP-171
PassedCreate widget inDomainA.Export thewidget.Import itin Domain Band edit,reimport andVerify it.
DashboardWidget fromdifferentdomains on thesame system
IMPORT-EXPORTFP-6.1-JP-172
PassedCreate user rolein DomainA.Export theuser role.Importand Verify it.
User Role on thesame system ina single domain
IMPORT-EXPORTFP-6.1-JP-173
Test Results for Cisco Firepower 6.1.0 for Japan40
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 forJapan
-
PassedCreate user rolein DomainA.Export theuser role.Importit in Second DCand edit,reimport andverify it.
User Role on adifferent systemin a singledomain
IMPORT-EXPORTFP-6.1-JP-174
PassedCreate user rolein DomainA.Export theuser role.Importit in Domain Band edit,reimport andverify it.
User Role fromdifferentdomains on thesame system
IMPORT-EXPORTFP-6.1-JP-175
PassedThis test willverify that thefireamp eventtype ThreatDetectedappears whenthe fireamp isconfigured aspart of theGlobal Domainonly and hostsin the networkmap are updatedaccordingly
Verify Global -Event TypeThreat Detected
Fire AMPNetwork Maps
FP-6.1-JP-176
PassedThis test willverify that thefireamp eventtype ThreatDetectedappears whenthe fireampcloud isconfigured aspart of theDomain onlyand hosts in thenetworkmap areupdatedaccordingly.
Verify FireAMPDomain - EventType ThreatDetected
Fire AMPNetwork Maps
FP-6.1-JP-177
Test Results for Cisco Firepower 6.1.0 for Japan 41
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 for
Japan
-
PassedThis test willverify that thefireamp eventtype ThreatDetectedappears whenthe fireampcloud isconfigured aspart of the SubDomain onlyand hosts in thenetworkmap areupdatedaccordingly.
Verify FireAMP- Sub Domain -Event TypeThreat Detected
Fire AMPNetwork Maps
FP-6.1-JP-178
PassedThis test willverify that thefireamp eventtype ThreatDetectedappears whenthe fireampcloud isconfigured aspart of the SubDomain onlyand hosts in thenetworkmap areupdatedaccordingly.
Verify FireAMP- Sub Domain -Event TypeThreat Detectedand update inNetwork map
Fire AMPNetwork Maps
FP-6.1-JP-179
PassedThis test willverify that thefireamp eventtype ThreatDetectedappears whenthe fireampcloud isconfigured aspart of the SubDomain onlyand hosts in thenetworkmap areupdatedaccordingly.
Verify FireAMP- Sub Domain -Event TypeThreat Detectedandvulnerabilitydetails withupdate innetwork maps
Fire AMPNetwork Maps
FP-6.1-JP-180
Test Results for Cisco Firepower 6.1.0 for Japan42
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 forJapan
-
PassedConfigure theFireAMP cloudon multiple subdomains andhosts in thenetworkmap areupdatedaccordingly
Verify theConfiguration ofsame Cloud onmultipleDomains
Fire AMPNetwork Maps
FP-6.1-JP-181
PassedThis will verifythat you canconfigure theFireAMP cloudon multiple subdomains andhosts in thenetworkmap areupdatedaccordingly
Verify theConfiguration ofsame Cloud onmultipleDomains
Fire AMPNetwork Maps
FP-6.1-JP-182
PassedDownloadingthe AC PolicyPDF Report
Creating an ACPolicy anddownload thePDF for thepolicy.
Policy PDFReport Drop
FP-6.1-JP-183
PassedDownloadingthe AC Policycreated withname inJapanesePDFReport
Creating an ACPolicy withJapanese Nameand downloadthe PDF for thepolicy.
Policy PDFReport Drop
FP-6.1-JP-184
PassedDownloadingthe IntrusionPolicy PDFReport
Creating anIntrusion Policywith JapaneseName anddownload thePDF for thepolicy
Policy PDFReport Drop
FP-6.1-JP-185
PassedLogging inbrings you to theASA CLI
Console andSSH loginshould be atASA CLI
CLI ACCESSFP-6.1-JP-186
PassedSnort commandshould beverified bydifferent traffic
show snort (withtraffic)
CLI ACCESSFP-6.1-JP-187
Test Results for Cisco Firepower 6.1.0 for Japan 43
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 for
Japan
-
PassedIPV4 networkaddress shouldbe configuredmanually
CLI Access - SFCLI - Configure- network ipv4manual
CLI ACCESSFP-6.1-JP-188
PassedFirewall enginedebug commandshould be testedby differenttraffic
CLI Access - SFCLI - systemsupportfirewall-engine-debug
CLI ACCESSFP-6.1-JP-189
PassedCreate twoidentical ruleswith networksdefined. Ensurethe second rulehas awarning.Edit thefirst rule andadd a sourceport. Ensure thesecond rule doesnot have awarning.
Source Port inAC - RuleEditor -Warning Msg -For preemptedrule
NGFWLICENSING
FP-6.1-JP-190
PassedApply a policywhich haswarningsindicatinginvalid portcombinations.Theseinvalidcombinationsshould beomitted from theNGFW rulesfile.This testscenario isapplicable onlyfor Firepowerdevices.
Rule Editor -WarningMessage - whenonly Protectlicense isapplied tabsunder rule editorshould showwarning icons.
NGFWLICENSING
FP-6.1-JP-191
PassedThis test caseneeds to beexecuted in bothFirepower andNGFW device.
Source Port inAC - RuleEditor -Warningmessage forinvalid src portwhen policyapplied fromaccess controlpolicy list page
NGFWLICENSING
FP-6.1-JP-192
Test Results for Cisco Firepower 6.1.0 for Japan44
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 forJapan
-
PassedAdd a device tothe DC Createtwo identicalPolicies and addrules.SelectLocal Object tothe parent Policyand deploy todevice. Ensurethe Policyoverride forhttp, intrusionand file policy.
Policy Overridefor http,Intrusion andFile policy
ZONESUPPORT
FP-6.1-JP-193
PassedAdd a device tothe DC Createtwo identicalPolicies and addrules.Select theoption Filter byDevice. Verifythe filterfunctionality.
Filter By Deviceon Access Rulestable
ZONESUPPORT
FP-6.1-JP-194
PassedDeployment ofaggregated ruleshould workfine. Trafficshould besuccessfullypassed.
Deployment ofAggregatedrules
ZONESUPPORT
FP-6.1-JP-195
PassedCreate a NewapplicationDetector
OpenAVC-TestingGeneral Layoutand Create newapplicationDetector
OPEN AVCFP-6.1-JP-196
PassedCreate NewapplicationDetector with noname
OpenAVC -Testing GeneralLayout andCreateapplicationDetector with noname
OPEN AVCFP-6.1-JP-197
PassedCreate a NewapplicationDetector with noDescription
OpenAVC -Testing GeneralLayout andCreate a NewapplicationDetector with noDescription
OPEN AVCFP-6.1-JP-198
Test Results for Cisco Firepower 6.1.0 for Japan 45
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 for
Japan
-
PassedCreate a NewapplicationDetector with noApplicationProtocol isselected
OpenAVC –Testing GeneralLayout andCreate a NewapplicationDetector with noApplicationProtocol isselected
OPEN AVCFP-6.1-JP-199
PassedCreate a Newapplicationdetector.DetectorDetects theDuplicate Nameand withapplicationprotocol: 9P.
OpenAVC -Testing GeneralLayout andCreate a NewapplicationDetector theDuplicate Name:
OPEN AVCFP-6.1-JP-200
PassedTesting Generaland Create NewapplicationDetector: Editexist Name"OpenAVC100"to"OpenAVC777"
OpenAVC -Testing GeneralLayout andCreate NewapplicationDetector: Editexist Name
OPEN AVCFP-6.1-JP-201
PassedCreate a NewapplicationDetector: Editexist descriptionfrom"OpenAVC isgood" to "OpenAVC issimilar toOpenAppID"
OpenAVC -Testing GeneralLayout andCreate NewapplicationDetector: Editexist description
OPEN AVCFP-6.1-JP-202
PassedCreate a NewapplicationDetector andchange existapplicationprotocol todifferent
Create a NewapplicationDetector: changeexist applicationprotocol todifferent
OPEN AVCFP-6.1-JP-203
Test Results for Cisco Firepower 6.1.0 for Japan46
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 forJapan
-
PassedSimple importdetector: CreateView for"ApplicationEditor " Nameand Descriptionfield
OpenAVC -Testing userimport detector:Create View for"ApplicationEditor” Nameand Descriptionfield on SimpleDetector.
OPEN AVCFP-6.1-JP-204
PassedCustom importdetector: CreateView for"ApplicationEditor " Nameand Descriptionfield
OpenAVC -Testing userimport detector:Create View for"ApplicationEditor " Nameand Descriptionfield on CustomDetector
OPEN AVCFP-6.1-JP-205
PassedSimple importdetector: CreateView for"ApplicationEditor " forBusinessRelevance: asVery Low, Low,Medium andHigh Very
OpenAVC-Testing userimport detector:Create View for"ApplicationEditor " OnSimple Detectorfor BusinessRelevance
OPEN AVCFP-6.1-JP-206
PassedCustom importdetector: CreateView for"ApplicationEditor " forBusinessRelevance: asVery Low, Low,Medium andHigh Very
OpenAVC-Testing UI anduser importdetector: CreateView for"ApplicationEditor " OnCustomDetector forBusinessRelevance
OPEN AVCFP-6.1-JP-207
PassedSimple importdetector: CreateView for"ApplicationEditor "Categories
OpenAVC-Testing userimport detector:Create View for"ApplicationEditor "Categories onSimple Detector
OPEN AVCFP-6.1-JP-208
Test Results for Cisco Firepower 6.1.0 for Japan 47
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 for
Japan
-
PassedCustom importdetector: CreateView for"ApplicationEditor "Categories
OpenAVC-Testing userimport detector:Create View for"ApplicationEditor "Categories onCustomDetector:
OPEN AVCFP-6.1-JP-209
PassedSimple importdetector: CreateView for"ApplicationEditor " Tags
OpenAVC-Testing userimport detector:Create View for"ApplicationEditor " Tags onSimple Detector
OPEN AVCFP-6.1-JP-210
PassedCustom importdetector: CreateView for"ApplicationEditor " Tags
OpenAVC-Testing userimport detector:Create View for"ApplicationEditor " Tags onCustomDetector
OPEN AVCFP-6.1-JP-211
PassedAdding thedevices in thedevicemanagement
Add the HADevice in theFTD.
Configuration /Set up of HA ofFirepowerThreat Defense
FP-6.1-JP-212
PassedTo add HighAvailability Pairverifying thereis havingenough devicesin the devicemanagement.
Check enoughdevices to addHighAvailability Pair
Configuration /Set up of HA ofFirepowerThreat Defense
FP-6.1-JP-213
PassedIf there is nothaving enoughdevices, add onemore device inthe DeviceManagement
Check if thereare no enoughdevices, how toadd highAvailability.
Configuration /Set up of HA ofFirepowerThreat Defense
FP-6.1-JP-214
Test Results for Cisco Firepower 6.1.0 for Japan48
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 forJapan
-
PassedCheck if theHighAvailability canbe addedsuccessfully onDeviceManagement forFirepowerThreat Defense.
Create HighAvailability forFirepowerThreat Defense
Configuration /Set up of HA ofFirepowerThreat Defense
FP-6.1-JP-215
PassedTo add HighAvailabilityPair, verifyingdevices arecompatible inthe devicemanagement.
Verifying thedevices arecompatible toadd HighAvailability Pair
Configuration /Set up of HA ofFirepowerThreat Defense
FP-6.1-JP-216
PassedEnsure twodevices areavailable.If twodevices are notcompatiblemake thechanges wherewe needed andclicks continueto add HighAvailability.
Verify thatdevices are notcompatible, howto add Highavailability pair.
Configuration /Set up of HA ofFirepowerThreat Defense
FP-6.1-JP-217
PassedCheck if theHighAvailability Paircan beconfiguredsuccessfully byLAN FailoverLink andStateful FailoverLink.
HighAvailability Pairconfigurationfor FirepowerThreat Defense
Configuration /Set up of HA ofFirepowerThreat Defense
FP-6.1-JP-218
PassedCheck if theLAN Failoverand StatefulLink Interfacescannot beedited.
LAN Failoverlink/Stateful linkinterface cannotbe edited.
Configuration /Set up of HA ofFirepowerThreat Defense
FP-6.1-JP-219
PassedCheck if theFailover LinkInterfacescannot bemonitored.
Failoverinterface cannotbe monitored.
Configuration /Set up of HA ofFirepowerThreat Defense
FP-6.1-JP-220
Test Results for Cisco Firepower 6.1.0 for Japan 49
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 for
Japan
-
PassedCheck if HighAvailability Pair- Bootstrapconfigurationdeploys Primaryand Secondarynodessuccessfully.
HighAvailability –Bootstrapconfiguration
Configuration /Set up of HA ofFirepowerThreat Defense
FP-6.1-JP-221
PassedCheck ifInterfaceMonitoring canbeEnabled/Disabledfor HighAvailability.
Enable/DisableInterfaceMonitoring forHighAvailability
Configuration /Set up of HA ofFirepowerThreat Defense
FP-6.1-JP-222
PassedVerifying theFailoversstatistics in theFTD HA
Verifying theFailoversstatistics in theFTD HA
Configuration /Set up of HA ofFirepowerThreat Defense
FP-6.1-JP-223
PassedCheck ifFailover TriggerCriteria can beedited for HighAvailability.
HighAvailability –Failover TriggerCriteria
Configuration /Set up of HA ofFirepowerThreat Defense
FP-6.1-JP-224
PassedCheck if theInterface MACAddresses canbe Added forActive andStandby HighAvailability.
ConfigureInterface MACAddress forActive andStandby HighAvailability.
Configuration /Set up of HA ofFirepowerThreat Defense
FP-6.1-JP-225
PassedCheck if theFailoverStatistics list outthe statistics onHighAvailability.
FailoverStatistics onHighAvailability
Configuration /Set up of HA ofFirepowerThreat Defense
FP-6.1-JP-226
PassedCheck ifFailover Historycan besuccessfullyviewed onSummary
Failover Historyon Summary
Configuration /Set up of HA ofFirepowerThreat Defense
FP-6.1-JP-227
Test Results for Cisco Firepower 6.1.0 for Japan50
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 forJapan
-
PassedCheck if Devicecan SwitchbetweenActive/Standbyon HighAvailabilityPair.
SwitchActive/Standbyon Devices
Configuration /Set up of HA ofFirepowerThreat Defense
FP-6.1-JP-228
PassedCheck if HighAvailability canBreaksuccessfully onDevices
Break FirepowerThreat DefenseHighAvailabilityPair.
Configuration /Set up of HA ofFirepowerThreat Defense
FP-6.1-JP-229
PassedCheck if Deleteoperation can beperformedsuccessfully onHighAvailabilityPair.
DeleteFirepowerThreat DefenseHighAvailabilityPair.
Configuration /Set up of HA ofFirepowerThreat Defense
FP-6.1-JP-230
PassedCheck the snortflow byrebooting theActive device
Snort flowduring Activedevice down
Snort flowDuring Failover
FP-6.1-JP-231
PassedCheck the snortflow byrebooting theStandby device.
Snort flowduring Standbydevice down
Snort flowDuring Failover
FP-6.1-JP-232
PassedCheck the trafficflow duringActive UnitPhysicalinterface isdown.
Snort flowduring Activedevice physicalinterface down
Snort flowDuring Failover
FP-6.1-JP-233
PassedCheck the trafficflow duringStandby UnitPhysicalinterface isdown.
Snort flowduring Standbydevice physicalinterface down.
Snort flowDuring Failover
FP-6.1-JP-234
PassedCheck if theEvents tabshows trafficflow whenActive unit isdown
Verify Eventswhen Activeunit is down
Snort flowDuring Failover
FP-6.1-JP-235
Test Results for Cisco Firepower 6.1.0 for Japan 51
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 for
Japan
-
PassedCheck if theEvents tabshows trafficflow whenActive unitphysicalinterface isdown.
Verify theEvents duringActive devicephysicalinterface down
Snort flowDuring Failover
FP-6.1-JP-236
PassedCheck if theEvents tabshows trafficflow whenStandby unitphysicalinterface isdown.
Verify theEvents duringStandby devicephysicalinterface down.
Snort flowDuring Failover
FP-6.1-JP-237
PassedCheck if theEvents tabshows trafficflow whenActive unit isdown.
Verify Eventswhen Standbyunit is down.
Snort flowDuring Failover
FP-6.1-JP-238
PassedCreate a rule inac policy, applyand kill the snortprocess 50%Snort processes
Snort flowDuring Failover
FP-6.1-JP-240
PassedCreate a rule inac policy, applyand kill the snortprocess. Andrestart the snortprocess.
Failover andFailback afterkilling Snort andrestarting onActive member
Snort flowDuring Failover
FP-6.1-JP-241
PassedHA pairrediscoveryfailure whenSnort is downon Secondarymember
HA pairrediscoveryfailure whenSnort is downon Secondarymember
Snort flowDuring Failover
FP-6.1-JP-242
Test Results for Cisco Firepower 6.1.0 for Japan52
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 forJapan
-
PassedCreating HAPair and passingthe traffic flow.
HA creationwith datainterfaces asredundantinterfaces.
Operations forHA ofFirepowerThreat Defense
FP-6.1-JP-243
PassedCreating HAPair withport-channelinterface andpassing thetraffic flow.
HA creationwith datainterfaces asPort-channelinterfaces.
Operations forHA ofFirepowerThreat Defense
FP-6.1-JP-244
PassedCheck themessage forerror conditionduring breakoperation
Message forerror conditionduring breakoperation
Operations forHA ofFirepowerThreat Defense
FP-6.1-JP-245
PassedBreak the HAPair with somepolicies existingon it
Break with dirtypolicies
Operations forHA ofFirepowerThreat Defense
FP-6.1-JP-246
PassedSwitch over theHA Pair withsome policiesexisting on it
Switch withdirty policies
Operations forHA ofFirepowerThreat Defense
FP-6.1-JP-247
PassedBreak the HAPair and swapthe devices withnewly createdHA Pair
Break and HAcreation withswapping ofdevices forprimary/secondary
Operations forHA ofFirepowerThreat Defense
FP-6.1-JP-248
PassedBreak the HAPair and createHA Pair andforce break HApair.
Break and Forcebreak even ifHA pair is intact
Operations forHA ofFirepowerThreat Defense
FP-6.1-JP-249
PassedHAconfigurationsshould beremoved fromSnort after breakoperation.
HAconfigurationare removedfrom Snort afterbreak
Operations forHA ofFirepowerThreat Defense
FP-6.1-JP-250
PassedCreate a HAPair withdifferentinterfaces anddifferent modesin the FTD
HA creationwith differentinterfaces andmodes
Operations forHA ofFirepowerThreat Defense
FP-6.1-JP-251
Test Results for Cisco Firepower 6.1.0 for Japan 53
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 for
Japan
-
PassedInitiate Memoryexhaustion inthe device andcheck the trafficflow.
Memoryexhaustion ofHA device
Operations forHA ofFirepowerThreat Defense
FP-6.1-JP-252
PassedCreate HA Pairwithtransparent/routedmode and checkthe traffic flow.
HA failoverduring hightraffic rate
Operations forHA ofFirepowerThreat Defense
FP-6.1-JP-253
PassedCreate HA Pairwithtransparent/routedmode and checkthe devices inmaintenancemode.
HA failoverduring hightraffic rate
Operations forHA ofFirepowerThreat Defense
FP-6.1-JP-254
PassedCreate HA Pairwithtransparent/routedmode and checkthe failovertrigger.
Check thenon-monitoredinterface cannottrigger failover
Operations forHA ofFirepowerThreat Defense
FP-6.1-JP-255
PassedCheck thecommand “showhigh availabilityconfig”
Check “Showhigh availabilityconfig” showsthe failoverstatistics.
CLI Operationsof HA ofFirepowerThreat Defense
FP-6.1-JP-256
PassedCheck thecommand“configurehigh-availabilitydisable” andverify its output
Check“configurehigh-availabilitydisable” willremove failoverconfiguration.
CLI Operationsof HA ofFirepowerThreat Defense
FP-6.1-JP-257
PassedCheck ifconfigurehigh-availabilitydisable[clear-interfaces]CLI commentworkssuccessfully.
Configurehigh-availabilitydisable[clear-interfaces]– CLI comment
CLI Operationsof HA ofFirepowerThreat Defense
FP-6.1-JP-258
Test Results for Cisco Firepower 6.1.0 for Japan54
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 forJapan
-
PassedCheck ifconfigurehigh-availabilitydisable CLIcomment workssuccessfully.
Configurehigh-availabilitysuspend – CLIcomment
CLI Operationsof HA ofFirepowerThreat Defense
FP-6.1-JP-259
PassedVerifying“configurehigh-availabilitysuspend[clear-interfaces]”are temporarilydisable failoverconfiguration.
Verifying“configurehigh-availabilitysuspend[clear-interfaces]”are temporarilydisable failoverconfiguration.
CLI Operationsof HA ofFirepowerThreat Defense
FP-6.1-JP-260
PassedVerifying“configurehigh-availabilityresume” enableback failoverconfiguration ondevice whichwas suspendedby temporarily.
Verifying“configurehigh-availabilityresume” enableback failoverconfiguration ondevice whichwas suspendedby temporarily.
CLI Operationsof HA ofFirepowerThreat Defense
FP-6.1-JP-261
PassedVerify theupgradationProcess
Verify theUpgradation ofthe FTD HAPair.
Upgrading FTDin HA
FP-6.1-JP-262
PassedCheck theInstallation ofFTD HA PairUpdates.
InstallingUpdates forFTD HA Pair
Upgrading FTDin HA
FP-6.1-JP-263
PassedVerifyUploading theFTD HA PairUpdates.
UploadingUpdates forFTD HA Pair
Upgrading FTDin HA
FP-6.1-JP-264
PassedUploading theFTD HA PairUpdates statusverification.
Statusverification afterUploading theUpdates forFTD HA Pair
Upgrading FTDin HA
FP-6.1-JP-265
PassedVerifydiagnostic clisub options fortroubleshooting
Diagnostic clisub options fortroubleshooting
TroubleshootingHA ofFirepowerThreat Defense
FP-6.1-JP-266
Test Results for Cisco Firepower 6.1.0 for Japan 55
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 for
Japan
-
PassedConfigureFailover andverify its output
Failover statecommandshould beanalyzed
TroubleshootingHA ofFirepowerThreat Defense
FP-6.1-JP-267
PassedConfigureFailover andverify itsHistory.
Failover historyshould beanalyzed
TroubleshootingHA ofFirepowerThreat Defense
FP-6.1-JP-268
PassedConfigureFailover andverify itspossible statechange reasons.
State ChangeReasons
TroubleshootingHA ofFirepowerThreat Defense
FP-6.1-JP-269
PassedConfigureFailover andverify itsOutput.
show failoverstatisticscommandshould beanalyzed
TroubleshootingHA ofFirepowerThreat Defense
FP-6.1-JP-270
PassedConfigureFailover andverify its Outputin the interfaces.
Show failoverinterfacescommandshould beanalyzed
TroubleshootingHA ofFirepowerThreat Defense
FP-6.1-JP-271
PassedConfigureFailover andverify its Outputin the interfaces.
Show failoverinterfacescommandshould beanalyzed
TroubleshootingHA ofFirepowerThreat Defense
FP-6.1-JP-272
PassedConfigureFailover andverify the clicommand.
Show failovercommandshould beanalyzed
TroubleshootingHA ofFirepowerThreat Defense
FP-6.1-JP-273
PassedConfigureFailover, verifythe clicommand, andverify theInterface statesfor the Failover.
Failoverinterface Statesshould beanalyzed
TroubleshootingHA ofFirepowerThreat Defense
FP-6.1-JP-274
PassedVerify theupgradationProcess
Enable FTD-HAsmart license fora registered HApair from SmartLicensing pageafter creatingFTD-HA pair.
Licensing HAFP-6.1-JP-275
Test Results for Cisco Firepower 6.1.0 for Japan56
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 forJapan
-
PassedFTD-HA pairwith Primaryand Secondaryhaving differentStandaloneSmart Licenses.
Create FTD-HApair withPrimary andSecondaryhaving differentStandaloneSmart Licenses.
Licensing HAFP-6.1-JP-276
PassedSmart Licenseinformation ispersistent overFailover.
FTD-HA SmartLicenseinformation ispersistent overFailover.
Licensing HAFP-6.1-JP-277
PassedVerify theProcess ofFTD-HA SmartLicenseinformation ispersistent overFailover andFallback
FTD-HA SmartLicenseinformation ispersistent overFailover andFallback
Licensing HAFP-6.1-JP-278
PassedVerify theprocess ofFTD-HA SmartLicenseinformation ispersistent afterreboot.
FTD-HA SmartLicenseinformation ispersistent afterreboot.
Licensing HAFP-6.1-JP-279
PassedFTD-HAlicenses arereturned tosmart Cloud.
Delete FTD-HApair and verifythat FTD-HAlicenses arereturned tosmart Cloud.
Licensing HAFP-6.1-JP-280
PassedDelete FTD-HApair
Delete FTD-HApair and verifythat FTDstandalonedevice getsoriginalLicenses back
Licensing HAFP-6.1-JP-281
Test Results for Cisco Firepower 6.1.0 for Japan 57
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 for
Japan
-
PassedFTD-HAlicenses arereturned tosmart Cloud.
Delete FTD-HApair afterswitchover andverify thatFTD-HAlicenses arereturned tosmart Cloud.
Licensing HAFP-6.1-JP-282
PassedStand-alonelicense to aFTD-HA pair.
Applystand-alonelicense to aFTD-HA pair.
Licensing HAFP-6.1-JP-283
PassedFTD-HA licenseto a stand-aloneFTD device
Apply FTD-HAlicense to astand-alone FTDdevice.
Licensing HAFP-6.1-JP-284
PassedThis test willverify the list ofIPv4/ IPv6addressesmanually
Verify the Geolookup- enterlist of IPv4/IPv6 addressesmanually
User-requestedGeolocationlookup for IPs
FP-6.1-JP-285
PassedThis test willverify the list ofvalid and invalidIPv4/ IPv6addressesmanually
Verify the Geolookup- enterthe list of validand invalidIPv4/ IPv6addressesmanually
User-requestedGeolocationlookup for IPs
FP-6.1-JP-286
PassedThis test willverify theNumeric,Characters &Alphanumericas Input
Verify the Geolookup-Numeric,Characters &Alphanumeric
User-requestedGeolocationlookup for IPs
FP-6.1-JP-287
PassedThis test willverify theWrong format ofIPv4/IPv6 asInput
Verify the Geolookup- Wrongformat ofIPv4/IPv6
User-requestedGeolocationlookup for IPs
FP-6.1-JP-288
PassedThis test willverify the BothIPv4 & IPv6 asgive inputalternatively.
Verify the Geolookup- BothIPv4 & IPv6 asgive inputalternatively
User-requestedGeolocationlookup for IPs
FP-6.1-JP-289
Test Results for Cisco Firepower 6.1.0 for Japan58
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 forJapan
-
PassedThis test willverify theIPv4/IPv6multicastaddress as input
Verify the Geolookup-IPv4/IPv6multicastaddress
User-requestedGeolocationlookup for IPs
FP-6.1-JP-290
PassedThis test willverify theIPv4/IPv6 linklocal address asinput
Verify the Geolookup-IPv4/IPv6 linklocal address
User-requestedGeolocationlookup for IPs
FP-6.1-JP-291
PassedThis test willverify theIPv4/IPv6Loopbackaddress as input
Verify the Geolookup-IPv4/IPv6Loopbackaddress
User-requestedGeolocationlookup for IPs
FP-6.1-JP-292
PassedThis test willverify the IPv6Unique localaddress as input
Verify the Geolookup- IPv6Unique localaddress
User-requestedGeolocationlookup for IPs
FP-6.1-JP-293
PassedThis test willverify the IPv6documentationPrefix address asinput
Verify the Geolookup- IPv6documentationPrefix address
User-requestedGeolocationlookup for IPs
FP-6.1-JP-294
PassedThis test willverify the IPv6site localaddress as input
Verify the Geolookup- IPv6site localaddress
User-requestedGeolocationlookup for IPs
FP-6.1-JP-295
PassedThis test willverify more thanmax supported250 address asinput
Verify the Geolookup- Morethan maxsupported 250address
User-requestedGeolocationlookup for IPs
FP-6.1-JP-296
PassedThis test willverify able tocopy and Pastethe list of IPv4list manually.
Verify the Geolookup- Copyand Paste the listof IPv4 addressmanually.
User-requestedGeolocationlookup for IPs
FP-6.1-JP-297
PassedThis test willverify it throwserror for the badstrings enteredin text box.
Verify the Geolookup- ThrowsError for BadStrings.
User-requestedGeolocationlookup for IPs
FP-6.1-JP-298
Test Results for Cisco Firepower 6.1.0 for Japan 59
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 for
Japan
-
PassedThis test willverify the sortbased oncountry name,code andcontinent.
Verify the Geolookup- Sortbased oncountry name,code andcontinent
User-requestedGeolocationlookup for IPs
FP-6.1-JP-299
PassedCheck if theentering stringson input fieldshows propererror message
Strings onwhoislookup field
User-requestedWhois Lookup
FP-6.1-JP-300
PassedCheck if theIPv4 addresssearch on whoisshowsappropriateresult.
Search IPv4address onwhois field
User-requestedWhois Lookup
FP-6.1-JP-301
PassedCheck if theIPv6 addresssearch on whoisshowsappropriateresult.
Search IPv6Address onwhois field
User-requestedWhois Lookup
FP-6.1-JP-302
PassedCheck if theinvalid IPv4address searchon whois showsappropriateerror.
Search invalidIPv4Address onwhois field
User-requestedWhois Lookup
FP-6.1-JP-303
PassedCheck if theinvalid IPv6address searchon whois showsappropriateerror.
Search invalidIPv6Address onwhois field
User-requestedWhois Lookup
FP-6.1-JP-304
PassedCheck if theoutput of whoisfield search canbe copy andpasted on Localmachine.
Copy/Pasteoutput of whoisfield search tolocal machine
User-requestedWhois Lookup
FP-6.1-JP-305
Test Results for Cisco Firepower 6.1.0 for Japan60
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 forJapan
-
PassedCheck if theIPv4 or IPv6address fromlocal machinecan be copy andpaste to whoisfield
Copy/Paste IPv4or IPv6 addressfrom localmachine towhois field
User-requestedWhois Lookup
FP-6.1-JP-306
PassedCheck if theIPv4 or IPv6address searchresult byswitching HighAvailabilitymode on FMC
IPv4 or IPv6address searchby switchingHighAvailabilitymode
User-requestedWhois Lookup
FP-6.1-JP-307
PassedVerify the threereports arepresent withonly “Generate”option
AdvancedMalware,Attacks &Networks RiskReport
Integrated RiskReports
FP-6.1-JP-308
PassedVerify the EachRisk Report areable to generateand all InputParameters areavailable
AdvancedMalware,Attacks &Networks areable to generate
Integrated RiskReports
FP-6.1-JP-309
PassedVerify the Eachrisk report areable to view,download anddeletesuccessfully.
Each RiskReport-View,download andDelete
Integrated RiskReports
FP-6.1-JP-310
PassedVerify theAdvancedMalware RiskReport are ableto Generate inReportTemplates Tab
Able toGenerateAdvancedMalware RiskReport
Integrated RiskReports
FP-6.1-JP-311
PassedVerify the Title,Date & CoverPage haveaccurateinformation ofAdvancedMalware RiskReport.
Title, Date &Cover Page ofAdvancedMalware RiskReport
Integrated RiskReports
FP-6.1-JP-312
Test Results for Cisco Firepower 6.1.0 for Japan 61
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 for
Japan
-
PassedVerify the eachsection andwidget areavailable inAdvancedMalware RiskReport.
AdvancedMalware RiskReports-Sections& Widgets
Integrated RiskReports
FP-6.1-JP-313
PassedVerify theExecutiveSummarySection have thesix widgetscorrectly.
AdvancedMalware RiskReport-ExecutiveSummarySection.
Integrated RiskReports
FP-6.1-JP-314
PassedVerifying theMalware ProfileFlow Diagramcounts aredisplayedcorrectly.
AdvancedMalware RiskReport-FlowDiagram
Integrated RiskReports
FP-6.1-JP-315
PassedVerifying theRecommendationsSections aredisplayedCorrectly.
AdvancedMalware RiskReport-Recommendations.
Integrated RiskReports
FP-6.1-JP-316
PassedVerifying theAbout cisco andContact us aredisplayedcorrectly
AdvancedMalware RiskReport-AboutCisco andContact Us
Integrated RiskReports
FP-6.1-JP-317
PassedVerify theAttacks RiskReport are ableto Generate inReportTemplates Tab
Able toGenerateAttacks RiskReport
Integrated RiskReports
FP-6.1-JP-318
PassedThis test willVerify the Title,Date & CoverPage haveaccurateinformation ofAttacks RiskReport.
Title, Date &Cover Page ofAttacks RiskReport
Integrated RiskReports
FP-6.1-JP-319
Test Results for Cisco Firepower 6.1.0 for Japan62
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 forJapan
-
PassedThis test willverify the eachsection andwidget areavailable inAttacks RiskReport.
Attacks RiskReports-Sections& Widgets
Integrated RiskReports
FP-6.1-JP-320
PassedThis test willverify theExecutiveSummarySection have thesix widgetscorrectly.
Attacks RiskReport-ExecutiveSummarySection.
Integrated RiskReports
FP-6.1-JP-321
PassedThis test willverify theRecommendationsSections aredisplayedCorrectly.
Attacks RiskReport-Recommendations.
Integrated RiskReports
FP-6.1-JP-322
PassedThis test willverify the Aboutcisco andContact us aredisplayedcorrectly
Attacks RiskReport-AboutCisco andContact Us
Integrated RiskReports
FP-6.1-JP-323
PassedThis test willverify theNetworks RiskReport are ableto Generate inReportTemplates Tab
Able toGenerateNetworks RiskReport
Integrated RiskReports
FP-6.1-JP-324
PassedThis test willverify the Title,Date & CoverPage haveaccurateinformation ofNetworks RiskReport.
Title, Date &Cover Page ofNetworks RiskReport
Integrated RiskReports
FP-6.1-JP-325
Test Results for Cisco Firepower 6.1.0 for Japan 63
Test Results SummaryTest Results Summary for Cisco Firepower FP9300 Security Appliance with Cisco Firepower Threat Defense 6.1.0 for
Japan
-
PassedThis test willverify the eachsection andwidget areavailable inNetworks RiskReport.
Networks RiskReports-Sections& Widgets
Integrated RiskReports
FP-6.1-JP-326
PassedThis test willverify theExecutiveSummarySection have thesix widgetscorrectly.
Networks RiskReport-ExecutiveSummarySection.
Integrated RiskReports
FP-6.1-JP-327
PassedThis test willverify theRecommendationsSections aredisplayedCorrectly.
Networks RiskReport-Recomme
top related