To filter traffic between multiple subnets, the engineer must implement the firewall in routed mode. In routed mode, the firewall operates as a Layer 3 device, capable of routing traffic between different IP subnets. This mode is appropriate for filtering traffic between LAN, DMZ, and WAN subnets.
Steps to configure routed mode:
* Access the firewall's management interface.
* Configure interfaces for each subnet (LAN, DMZ, WAN) with appropriate IP addresses and network masks.
* Define security zones and apply access control policies to filter traffic as required.
This ensures that the firewall can inspect and route traffic between the different subnets, providing the necessary security and control.
References: Cisco Secure Firewall Threat Defense Configuration Guide, Chapter on Routed Mode Configuration.

Reference:
https://www.cisco.com/c/en/us/td/docs/security/firepower/623/configuration/guide/fpmc-config-guide-v623/cisco_threat_intelligence_directortid_.html

When creating a new intrusion rule in a Cisco Secure Firewall Threat Defense (FTD) device, the keyword type "metadata" must be used to add a line that identifies the author of the rule and the date it was created.
The metadata keyword is used to store additional information about the rule, such as authorship and creation date.
Steps:
* In FMC, navigate toPolicies > Intrusion > Rules.
* Create a new rule or edit an existing one.
* Use the "metadata" keyword to add information about the author and date.
Example:
metadata: created_at 2023-06-15, author "John Doe";
By using the metadata keyword, you ensure that the rule contains relevant information for tracking its creation and authorship, which is essential for maintaining rule documentation and accountability.
References:Cisco Secure Firewall Management Center Intrusion Policy Guide, Chapter on Custom Rule Creation and Metadata Usage.

To configure Active Directory authentication for VPN authentication on a Cisco Secure Firewall Threat Defense (FTD) instance registered with Cisco Secure Firewall Management Center (FMC), the administrator needs to configure Realms in the System settings of the FMC. Realms in FMC are used to define the directory servers (e.g., Active Directory) and how they are used for user authentication.
Steps to configure this in FMC:
Navigate to System > Integration > Realms and Directory.
Add a new realm and configure the necessary details such as the directory server type (e.g., Active Directory), server address, and bind credentials.
Test the connection to ensure it works correctly.
This setup allows the FMC to authenticate VPN users against the Active Directory, thereby enabling secure access control for VPN connections.