Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
2883
Views
0
Helpful
1
Replies

Network Communications Matrix AMP deployment

Simon Rittner
Level 1
Level 1

ā€Ž10-06-2017 03:15 AM - edited ā€Ž02-20-2020 09:05 PM

Hi folks,

we want to set up an AMP for network deployment with Private Cloud appliance, Threat Grid Appliance and FMC in a critical customerĀ“s environment. Of course - security comes first - so there are many security zones and firewalls already in place.

The Firepower appliances and other components will be spread all over the network and security zones..

Which ports and communications are beeing used in between the Firepower Appliances, FMC, Threat Grid Appliance and Privat Cloud Appliance?

Will the file hash lookup be executed by the FMC or directly by each Firpower Appliance?

Is there any communications matrix within documentation that we missed?

We would appreciate any hint on this matter..


Cheers!

0 Helpful
1 Reply 1

yogdhanu
Cisco Employee
Cisco Employee

ā€Ž12-20-2017 10:34 AM

Hello,

I assume its already been done, But I will try to answer.

To start with, here are 2 guide for AMP VPC and TG.

Cisco Threat Grid - Install and Upgrade Guides - Cisco

https://www.cisco.com/c/en/us/support/docs/security/sourcefire-fireamp-private-cloud-virtual-appliance/118336-configure-fireampprivatecloud-00.html

To answer your question, FMC and AMP VPC would communicate to threatgrid clean interface for sand-boxing.

Firepower sensor would directly talk to  TG box for dynamic analysis clean interface.

Hash lookup is done from FMC to AMP VPC. FMC does also communicate to TG clear interface for dynamic analysis.

Thanks

Yogesh

0 Helpful
Customers Also Viewed These Support Documents