A network engineer implements a new Cisco Firepower device on the network to take advantage of its intrusion detection functionality.
There is a requirement to analyze the traffic going across the device, alert on any malicious traffic, and appear as a bump in the wire.
How should this be implemented?
Click on the arrows to vote for the correct answer
A. B. C. D.D.
To analyze traffic going across the Cisco Firepower device and alert on any malicious traffic while appearing as a bump in the wire, the device must be deployed in transparent mode.
Transparent mode allows the Cisco Firepower device to appear as a bump in the wire and operate transparently, without requiring any changes to the network topology or IP addressing.
To configure transparent mode, a bridge group must be created, and the physical interfaces on the device must be added to the bridge group. The bridge group operates at Layer 2 of the OSI model and allows the device to forward traffic without changing the MAC addresses of the packets.
Therefore, the correct answer is D. Configure a bridge group in transparent mode.
Option A is incorrect because specifying the BVI IP address as the default gateway for connected devices would require changes to the network topology and IP addressing, which is not required in transparent mode.
Option B is incorrect because enabling routing on the Cisco Firepower device would allow it to function as a router, which is not necessary for transparent mode.
Option C is incorrect because adding an IP address to the physical Cisco Firepower interfaces would require the device to be deployed in routed mode, which is not required for transparent mode.