Deploying a Cisco ASA Firepower Module: Best Deployment Mode for Network Traffic Evaluation

Evaluation of Cisco ASA Firepower Module Deployment Modes

Question

When deploying a Cisco ASA Firepower module, an organization wants to evaluate the contents of the traffic without affecting the network.

It is currently configured to have more than one instance of the same device on the physical appliance.

Which deployment mode meets the needs of the organization?

Answers

A. B. C. D.

Explanations

B.

The organization wants to evaluate the contents of the traffic without affecting the network. In other words, it needs to monitor network traffic without disrupting normal network operation.

To meet this requirement, the Cisco ASA Firepower module can be deployed in either Inline mode or Passive mode. However, since the organization wants to evaluate the contents of the traffic without affecting the network, the Inline mode is not suitable for this scenario. The Inline mode can impact network performance, and it is generally used when there is a need to actively block or allow traffic.

The remaining options are Passive tap monitor-only mode and Inline tap monitor-only mode. In Passive tap monitor-only mode, the Firepower module is connected to a SPAN port on a switch. This allows the Firepower module to see all the traffic on the SPAN port without impacting the traffic flow. The Firepower module can analyze the traffic and generate alerts, but it cannot block or allow traffic.

In Inline tap monitor-only mode, the Firepower module is inserted between the switch and the firewall. In this mode, the Firepower module sees all the traffic passing through it, but it does not actively block or allow traffic. This mode is suitable when the organization needs to see all the traffic but cannot risk disrupting the network.

Therefore, the deployment mode that meets the needs of the organization is Passive tap monitor-only mode, as it allows the Firepower module to monitor the traffic without affecting the network.