Requirements and Prerequisites for Inline Sets
User Roles
-
Admin
-
Access Admin
-
Network Admin
Hardware Bypass Support
The threat defense supports Hardware Bypass for interface pairs on specific network modules on the following models:
-
Firepower 2130 and 2140
-
Secure Firewall 3100
-
Firepower 4100
-
Secure Firewall 4200
-
Firepower 9300
Note | The ISA 3000 has a separate implementation for Hardware Bypass, which you can enable using FlexConfig only (see FlexConfig Policies). Do not use this chapter to configure ISA 3000 Hardware Bypass. |
Note | You can use Hardware Bypass interfaces as regular interfaces without the Hardware Bypass feature enabled. |
The supported Hardware Bypass network modules for these models include:
-
Firepower 2130 and 2140:
-
Firepower 6-port 1G SX FTW Network Module single-wide (FPR2K-NM-6X1SX-F)
-
Firepower 6-port 10G SR FTW Network Module single-wide (FPR2K-NM-6X10SR-F)
-
Firepower 6-port 10G LR FTW Network Module single-wide (FPR2K-NM-6X10LR-F)
-
-
Secure Firewall 3100:
-
6-port 1G SFP Fail-to-Wire Network Module, SX (multimode) (FPR3K-XNM-6X1SXF)
-
6-port 10G SFP Fail-to-Wire Network Module, SR (multimode) (FPR3K-XNM-6X10SRF)
-
6-port 10G SFP Fail-to-Wire Network Module, LR (single mode) (FPR3K-XNM-6X10LRF)
-
6-port 25G SFP Fail-to-Wire Network Module, SR (multimode) (FPR3K-XNM-X25SRF)
-
6-port 25G Fail-to-Wire Network Module, LR (single mode) (FPR3K-XNM-6X25LRF)
-
8-port 1G Copper Fail-to-Wire Network Module, RJ45 (copper) (FPR3K-XNM-8X1GF)
-
-
Secure Firewall 4200:
-
6-port 1G SFP Fail-to-Wire Network Module, SX (multimode) (FPR4K-XNM-6X1SXF)
-
6-port 10G SFP Fail-to-Wire Network Module, SR (multimode) (FPR4K-XNM-6X10SRF)
-
6-port 10G SFP Fail-to-Wire Network Module, LR (single mode) (FPR4K-XNM-6X10LRF)
-
6-port 25G SFP Fail-to-Wire Network Module, SR (multimode) (FPR4K-XNM-X25SRF)
-
6-port 25G Fail-to-Wire Network Module, LR (single mode) (FPR4K-XNM-6X25LRF)
-
8-port 1G Copper Fail-to-Wire Network Module, RJ45 (copper) (FPR4K-XNM-8X1GF)
-
-
Firepower 4100:
-
Firepower 6-port 1G SX FTW Network Module single-wide (FPR4K-NM-6X1SX-F)
-
Firepower 6-port 10G SR FTW Network Module single-wide (FPR4K-NM-6X10SR-F)
-
Firepower 6-port 10G LR FTW Network Module single-wide (FPR4K-NM-6X10LR-F)
-
Firepower 2-port 40G SR FTW Network Module single-wide (FPR4K-NM-2X40G-F)
-
Firepower 8-port 1G Copper FTW Network Module single-wide (FPR-NM-8X1G-F)
-
-
Firepower 9300:
-
Firepower 6-port 10G SR FTW Network Module single-wide (FPR9K-NM-6X10SR-F)
-
Firepower 6-port 10G LR FTW Network Module single-wide (FPR9K-NM-6X10LR-F)
-
Firepower 2-port 40G SR FTW Network Module single-wide (FPR9K-NM-2X40G-F)
-
Hardware Bypass can only use the following port pairs:
-
1 & 2
-
3 & 4
-
5 & 6
-
7 & 8