cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1921
Views
0
Helpful
3
Replies

Firepower Integration

evan.chadwick1
Level 1
Level 1

Does Cisco Endpoint fully integrate directly to FMC (Firepower)?
Or does FMC only get intelligence from endpoint sent to Threat Grid and then down to FMC(Firepower)?

Want to know how much intelligence the endpoint can feed into the FMC.

3 Replies 3

Muhammad Awais Khan
Cisco Employee
Cisco Employee

Hi,

 

When we said integration of FMC with AMP4E, we are actually integration AMP for Network component in FMC to AMP4E. It give us following benefits and controls:

 

- Centralize Blacklist/Whitelist. Your AMP4E configured Whitelist/Black list policies in AMP4E will be pushed to FMC also

- Co related events. With the help of this integration, in FMC malware events, you will be getting lot of contextual information from AMP4E about the malware events, IOCs, Scans, cloud recalls.

 

With this integration, it is uni-directional transfer of polices and events from AMP4E to FMC

 

Reference:

 

https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-config-guide-v64/file_policies_and_advanced_malware_protection.html#id_96014

Thanks, I had a read of that link. 
It does not state whether AMP4E has a direct channel to FMC. 
I'm wondering if information is fed via Cloud channels instead?

 

The FMC/AMP events integration utilizes the AMP API.  Additional information here:
https://api-docs.amp.cisco.com/

 

Thanks,

Matt