09-06-2016 07:41 AM - edited 02-20-2020 09:01 PM
Hi Team,
We have an ASA5506 with Firepower managed by a FMC v6 running a PoC with a customer. We are adding in this project Cisco AMP for Endpoints due customer is interested to test the solution and see how is the integration of these two solutions.
Question:
How can we add in the FMC console the Cisco AMP for Endpoints console or information?
In a webex session, I have seen that is possible to have this two solutions working together in order to have strong visibility about security events.
If you have documentation about how to do this, I really appreciate.
Thanks in advance,
Neyton Avila
Cisco Solutions Consultant Engineer
Solved! Go to Solution.
09-06-2016 03:34 PM
Hey Jorge,
This can be done as long as the customer has an AMP for Endpoints deployment. In the FMC you can configure the AMP Cloud connection and connect the endpoints to the FMC. Please see the link below for the configuration guide. I have directly linked this below:
Firepower Management Center Configuration Guide, Version 6.0 - File Policies and AMP for Firepower [Cisco FirePOWER 8000 Series Appliances] - Cisco : http://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Reference_a_wrapper_Chapter_topic_here.html#ID-2193-000004ba
This will walk you through configuring the AMP cloud to the FMC and once you authorize the appliance in the AMP portal (occurs during config) you will allow the data from the AMP cloud to be sent to the FMC regarding the endpoints in their network.
Regards,
Matt J
FireAMP Engineer @Cisco
09-06-2016 03:34 PM
Hey Jorge,
This can be done as long as the customer has an AMP for Endpoints deployment. In the FMC you can configure the AMP Cloud connection and connect the endpoints to the FMC. Please see the link below for the configuration guide. I have directly linked this below:
Firepower Management Center Configuration Guide, Version 6.0 - File Policies and AMP for Firepower [Cisco FirePOWER 8000 Series Appliances] - Cisco : http://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Reference_a_wrapper_Chapter_topic_here.html#ID-2193-000004ba
This will walk you through configuring the AMP cloud to the FMC and once you authorize the appliance in the AMP portal (occurs during config) you will allow the data from the AMP cloud to be sent to the FMC regarding the endpoints in their network.
Regards,
Matt J
FireAMP Engineer @Cisco
12-11-2016 07:14 PM
Hi Matt,
What about mobile users, how the AMP connector works in that scenario? Is FMC added to the agents as the primary "connector" and the Cloud as backup?
I hope you can clarify this to me, thanks in advance.
Regards!
10-17-2017 05:28 AM
Hi,
Thanks for the post, I am in same situation. The link between FMC and private cloud is not trouble but there are following question.
1, when link them up, how the policy sync up? is it from FMC to private cloud or from private cloud to FMC or they "merge"? no document explain this part, as far as my study upon.
2, the endpoint seem point to AMP sensor, not the FMC (may be I am wrong). if so how to directly integrate the AMP module from ASA? they all under FMC management.
Thanks
Antien Ho
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide