Install Cisco NGIPSv 6.2 on EVE-NG.
Download Cisco_Firepower_NGIPSv_VMware-6.2.0-362.tar.gz from Cisco Site.
Winscp to EVE-NG /root folder “Cisco_Firepower_NGIPSv_VMware-6.2.0-362.tar.gz”
Below steps.,
771.) tar -xvf Cisco_Firepower_NGIPSv_VMware-6.2.0-362.tar.gz
2.) /opt/qemu/bin/qemu-img convert -c -p -O qcow2 Cisco_Firepower_NGIPSv_VMware-6.2.0-362-disk1.vmdk scsia.qcow2
3.) mkdir /opt/unetlab/addons/qemu/firepower6-ngips-620/
4.) cp scsia.qcow2 /opt/unetlab/addons/qemu/firepower6-ngips-620/
5.) /opt/unetlab/wrappers/unl_wrapper -a fixpermissions
Adding NGIPSv to EVE-Ng LAB
connecting Eth0 to MGMT
Start the node
Once install successfully after 30min ( depend on your CPU and RAM)
Once EULA Accepted you need to setup network configuration as per your setup.
My setup iam using 192.168.1.71 is my NGIPSv IP.
I have setup NGIPSv as inline mode
Understanding Detection Modes
The detection mode you choose for a virtual device determines how the system initially configures the device’s interfaces, and whether those interfaces belong to an inline set or security zone. The detection mode is not a setting you can change later; it is simply an option you choose during setup that helps the system tailor the device’s initial configurations. In general, you should choose a detection mode based on how your device is deployed.
Passive
Choose this mode if your device is deployed passively, as an intrusion detection system (IDS). In a passive deployment, virtual devices can perform network-based file and malware detection, and Security Intelligence monitoring, as well as network discovery.
Inline
Choose this mode if your device is deployed inline, as an intrusion prevention system (IPS).
Note
: Although general practice in IPS deployments is to fail open and allow non-matching traffic, inline sets on virtual devices lack bypass capability.
configure manager configuration, so from FMC you can manage NGIPS
Now the installation of NGIPSv is done,
I will show to another blog how to added NGIPSv to FMC
Happy Labbing !