03-04-2020 04:49 PM
Does Cisco Endpoint fully integrate directly to FMC (Firepower)?
Or does FMC only get intelligence from endpoint sent to Threat Grid and then down to FMC(Firepower)?
Want to know how much intelligence the endpoint can feed into the FMC.
03-04-2020 06:16 PM
Hi,
When we said integration of FMC with AMP4E, we are actually integration AMP for Network component in FMC to AMP4E. It give us following benefits and controls:
- Centralize Blacklist/Whitelist. Your AMP4E configured Whitelist/Black list policies in AMP4E will be pushed to FMC also
- Co related events. With the help of this integration, in FMC malware events, you will be getting lot of contextual information from AMP4E about the malware events, IOCs, Scans, cloud recalls.
With this integration, it is uni-directional transfer of polices and events from AMP4E to FMC
Reference:
04-14-2020 03:13 PM
Thanks, I had a read of that link.
It does not state whether AMP4E has a direct channel to FMC.
I'm wondering if information is fed via Cloud channels instead?
04-14-2020 03:43 PM
The FMC/AMP events integration utilizes the AMP API. Additional information here:
https://api-docs.amp.cisco.com/
Thanks,
Matt
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide