Cisco Firepower NGIPS is available on multiple platforms. One of deployment option you have is virtual appliance running on top of ESXi hypervisor. This product is called NGIPSv in Cisco documentation.
Using a single physical machine with ESXi hypervisor in an isolated network is one of the best ways to perform Proof of Concept (PoC) labs for IPS solution. You cannot evaluate the product without testing it in a sandbox where you can try to hack it, infect it or do any other nasty things. This way, you can in single ESXi run NGIPSv, Firepower Management Center (FMCv) and one or more VMs in the back.
Here is a quick step-by-step guide how to deploy NGIPSv in transparent mode on single ESXi host. What we want to accomplish is having NGIPSv in front of other virtual machines. In this scenario, there is no firewall, just NGIPSv sensor. It is of course not the safest, the best practice and the most flexible way to deploy sensor. You should not use it just like that in your production network. I use this setup only for quick demo purposes when I want to show how Cisco Firepower NGIPS solution is working, get network discovery working, some IPS policy and get the end host infected by malware.
Read More →