Hello, we are looking into using the FTDv on the edge of our Azure network. Is the IPS feature-set managed by Cisco? Will the definitions be automatically updated? If not, would it be better to use an ASAv and then purchase a separate virtual appliance outsourced to another company?
Just to clarify a little more, our on-prem consists of a physical ASA and an outsourced IPS device (iSensor by Dell Secureworks) that sits in front of the ASA. My question is, are the IPS, AMP, and other security features of the FTDv managed by Cisco? For example will they automatically update definition files, actively quarantine/drop packets? In essence we don't have the man power to commit someone fully to managing rules and security, we'd like something with minimal management. Should we be looking at possibly using an ASAv with a separate outsourced IPS appliance in the cloud?
Thanks for any help with this question!