Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
1941
Views
0
Helpful
1
Replies

Advanced Malware Protection rule about Malware Cloud Lookup

yangui319
Level 1
Level 1

ā€Ž12-03-2016 05:31 AM - edited ā€Ž02-20-2020 09:02 PM

I have some questions about AMP Rules about Malware Cloud Lookup with Firepower Management Center(FMC).

Some documents says that with these rules, the FMC will sends the SHA256 hash of a file to the cloud for analysis. How the SHA256 hash is calculated, i mean with which part of file, i guess it should use the whole file to calculated SHA256, but in my lab, even with the same file, it calculated different values. So, i was confused.

The other question is that, how the FMC connect to the AMP public cloud. Do i need a classic license for FMC? I only have evaluation license now, only for self-studying.

Thanks!

Labels:
Preview file
146 KB
Preview file
99 KB
Preview file
161 KB
Preview file
119 KB
0 Helpful
1 Reply 1

Farhan Mohamed
Cisco Employee
Cisco Employee

ā€Ž01-31-2017 02:50 AM

No you do not need i suppose. Please read how to avoid malware in the link below, If you still do not find answer. Please revert.

http://www.cisco.com/c/en/us/td/docs/security/firesight/541/user-guide/FireSIGHT-System-UserGuide-v5401/AMP-Config.pdf

0 Helpful
Customers Also Viewed These Support Documents