Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3296
Views
0
Helpful
6
Replies

Submitting files for Dyn Analysis: from SFR module or could it be done by FMC?

Go to solution
cpaquet
Level 1
Level 1

‎08-31-2016 02:23 PM - edited ‎02-20-2020 09:01 PM

By reading the FirePOWER documentation and by looking at Cisco Live slides (see uploaded slide), it seems that files are submitted for dynamic analysis by the ASA-SFR directly for dynamic analysis.  

Could the files be submitted for dynamic analysis by FMC 6.0 instead of SFR?

Thanks,

Cath.

Labels:
Preview file
128 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
majacob2
Cisco Employee
Cisco Employee

‎09-07-2016 12:42 PM

Hey Cath,

     Dynamic analysis capable files are sent by the sensor to the cloud for analysis. The sensor in your deployment is the SFR module on the ASA. The way that dynamic analysis is designed, the file is only sent from the SFR module. There is no configuration that allows you to send file from the FMC for dynamic analysis. The file is intercepted at the sensor (SFR Module), not the FMC, so we have to send the file from the sensor to be analyzed. I hope this addresses your question adequately. Have a nice day!

Regards,

Matt J

FireAMP Engineer @Cisco

View solution in original post

0 Helpful
6 Replies 6

Go to solution
Jetsy Mathew
Cisco Employee
Cisco Employee

‎09-02-2016 12:22 AM

Hello Team,

For dynamic analysis, files are never sent from FMC and thus its not possible to use it instead of SFR.

Rate and mark correct if the post helps you.

Regards

Jetsy 

0 Helpful

Go to solution
Jetsy Mathew
Cisco Employee
Cisco Employee
In response to Jetsy Mathew

‎09-06-2016 10:49 PM

Hello Team,

Is your queries clear ?

If so , please rate and mark correct if the post helps you.

Regards

Jetsy 

0 Helpful

Go to solution
majacob2
Cisco Employee
Cisco Employee

‎09-07-2016 12:40 PM

Hey Cath,

     Dynamic analysis capable files are sent by the sensor to the cloud for analysis. The sensor in your deployment is the SFR module on the ASA. The way that dynamic analysis is designed, the file is only sent from the SFR module. There is no configuration that allows you to send file from the FMC for dynamic analysis. The file is intercepted at the sensor (SFR Module), not the FMC, so we have to send the file from the sensor to be analyzed. I hope this addresses your question adequately. Have a nice day!

Regards,

Matt J

FireAMP Engineer @Cisco

0 Helpful

Go to solution
majacob2
Cisco Employee
Cisco Employee

‎09-07-2016 12:42 PM

Hey Cath,

     Dynamic analysis capable files are sent by the sensor to the cloud for analysis. The sensor in your deployment is the SFR module on the ASA. The way that dynamic analysis is designed, the file is only sent from the SFR module. There is no configuration that allows you to send file from the FMC for dynamic analysis. The file is intercepted at the sensor (SFR Module), not the FMC, so we have to send the file from the sensor to be analyzed. I hope this addresses your question adequately. Have a nice day!

Regards,

Matt J

FireAMP Engineer @Cisco

0 Helpful

Go to solution
TS-Networker
Level 1
Level 1
In response to majacob2

‎03-25-2019 08:00 AM

what if you are dealing with sensitive documents? would dynamic analysis upload those sensitive documents to the cloud for analysis?

0 Helpful

Go to solution
Jetsy Mathew
Cisco Employee
Cisco Employee

‎09-13-2016 06:52 AM

Hello Team,

Is your queries are clear now ?

Regards

Jetsy 

0 Helpful
Customers Also Viewed These Support Documents