It’s official! FTD 6.5/ASA 9.13.1 have been released. 6.5/9.13.1 is a critical achievement, delivering key features and functionality in four of our five core focus areas:

Unified Policy and Threat Visibility

Deploy Everywhere

Ease of Use and Deployment

World-Class Security Controls

The release enables exciting use cases for customers of all sizes, improves hardware migration capabilities, and builds a foundation for future architectural plays. Destination SGT support – one of the most commonly anticipated features – not only improves access policy abstraction and unlocks a path to SDA integration, but also adds Security Group TAG eXchange Protocol (SXP) support for those customers who want to use ISE and FTD exclusively with Trustsec.

A continued investment in FMC reveals a much-improved initial setup experience, a whole new UI look and feel along with access policy filtering, object lookup, and NAT listing capabilities that simplify day-to-day management tasks significantly. Migrating between different FMC models, including a scaled-up FMCv for up to 250 managed devices, is now much easier. FMC also increases the number of management domains from 50 to 1024 for service providers and other customers who employ multi-tenancy. Customers looking for more flexible managed device automation with custom orchestration solutions can now use FDM and full device API capabilities with native FTD application on Firepower 4100 and 9300 platforms, paving the way for future CDO support.

The Firepower 1000 device family adds a higher-capacity model and delivers full ASA and FTD application support across the board. The new software also enables the built-in hardware switch with PoE capabilities on Firepower 1010, thus allowing smaller customers and remote branches to replace multiple network devices with a single security appliance. The new appliance mode for all 1100 and 2100 devices automates provisioning and simplifies operation of ASA deployments, making it easier for legacy mid-range ASA customers to migrate.

Security customers who leverage Azure public cloud will find FTDv support with larger instances as well as a pay-as-you-go billing model. FDM support is now also available.

Last but not least, FTD 6.5 switches to a Talos-backed URL Filtering solution with up to 109 web categories. While this change is purposely designed to be as transparent to existing customers as possible, the overall FMC configuration workflow has been significantly optimized for the expanded and modified capabilities, including submission of URLs for dispute directly from the UI. The feature remains compatible with pre-6.5 devices that use the legacy URL Filtering engine.

Release breakdown:

For more information, refer to the Firepower 6.5 release notes.

- Joel Ferman