Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7217
Views
0
Helpful
3
Replies

Connect Cisco AMP for Endpoints console with Cisco FMC / ASA with Firepower console

Go to solution
Jorge Neyton Avila Pacheco
Level 4
Level 4

‎09-06-2016 07:41 AM - edited ‎02-20-2020 09:01 PM

Hi Team,

We have an ASA5506 with Firepower managed by a FMC v6 running a PoC with a customer. We are adding in this project Cisco AMP for Endpoints due customer is interested to test the solution and see how is the integration of these two solutions.

Question:

How can we add in the FMC console the Cisco AMP for Endpoints console or information? 

In a webex session, I have seen that is possible to have this two solutions working together in order to have strong visibility about security events.

If you have documentation about how to do this, I really appreciate.

Thanks in advance,

Neyton Avila

Cisco Solutions Consultant Engineer

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
majacob2
Cisco Employee
Cisco Employee

‎09-06-2016 03:34 PM

Hey Jorge,

     This can be done as long as the customer has an AMP for Endpoints deployment. In the FMC you can configure the AMP Cloud connection and connect the endpoints to the FMC. Please see the link below for the configuration guide. I have directly linked this below:

Firepower Management Center Configuration Guide, Version 6.0 - File Policies and AMP for Firepower [Cisco FirePOWER 8000 Series Appliances] - Cisco : http://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Reference_a_wrapper_Chapter_topic_here.html#ID-2193-000004ba

This will walk you through configuring the AMP cloud to the FMC and once you authorize the appliance in the AMP portal (occurs during config) you will allow the data from the AMP cloud to be sent to the FMC regarding the endpoints in their network.

Regards,

Matt J

FireAMP Engineer @Cisco

View solution in original post

0 Helpful
3 Replies 3

Go to solution
majacob2
Cisco Employee
Cisco Employee

‎09-06-2016 03:34 PM

Hey Jorge,

     This can be done as long as the customer has an AMP for Endpoints deployment. In the FMC you can configure the AMP Cloud connection and connect the endpoints to the FMC. Please see the link below for the configuration guide. I have directly linked this below:

Firepower Management Center Configuration Guide, Version 6.0 - File Policies and AMP for Firepower [Cisco FirePOWER 8000 Series Appliances] - Cisco : http://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Reference_a_wrapper_Chapter_topic_here.html#ID-2193-000004ba

This will walk you through configuring the AMP cloud to the FMC and once you authorize the appliance in the AMP portal (occurs during config) you will allow the data from the AMP cloud to be sent to the FMC regarding the endpoints in their network.

Regards,

Matt J

FireAMP Engineer @Cisco

0 Helpful

Go to solution
Victor Emmanuel Garcia Ruiz
Level 1
Level 1
In response to majacob2

‎12-11-2016 07:14 PM

Hi Matt,

What about mobile users, how the AMP connector works in that scenario? Is FMC added to the agents as the primary "connector" and the Cloud as backup?

I hope you can clarify this to me, thanks in advance.

Regards!

0 Helpful

Go to solution
antienho
Level 1
Level 1

‎10-17-2017 05:28 AM

Hi,

 

Thanks for the post, I am in same situation. The link between FMC and private cloud is not trouble but there are following question.

1, when link them up, how the policy sync up? is it from FMC to private cloud or from private cloud to FMC or they "merge"? no document explain this part, as far as my study upon.

2, the endpoint seem point to AMP sensor, not the FMC (may be I am wrong). if so how to directly integrate the AMP module from ASA? they all under FMC management.

 

Thanks

 

Antien Ho

0 Helpful
Customers Also Viewed These Support Documents