11-28-2019 10:34 AM - edited 02-21-2020 09:44 AM
Hello!
Network file trajectory:
"Cisco maps how hosts transfer files, including malware files, across your network. It can see if a file transfer was blocked or the file was quarantined. This provides a means to scope, provide outbreak controls, and identify patient zero." - https://www.cisco.com/c/m/en_us/products/security/firewalls/competitive-comparison.html#~competitive=0
What products do customers need to offer to implement the "Network file trajectory" features?
If we don't put Firepower into the east-west path of the traffic than we can not see file trajectory across customer network without additional products such as, for example, AMP for Endpoint ?!
So, in design (case 1 in attach) without AMP for Endpoint do I not see file trajectory between host B and C ?
Or do I need additional Firepower between host B and C (case 2 in attach) or AMP for Endpoint on both hosts ?
Could you correct me if I am wrong?
Solved! Go to Solution.
11-28-2019 01:27 PM
11-28-2019 12:09 PM
Hi,
It probably wouldn't be feasible or scalable to put a Firepower appliance in between host B and C in order to filter intra VLAN traffic. You should implement AMP for Endpoints.
HTH
11-28-2019 12:49 PM
Definitely :)
So, does AMP for Endpoint is mandatory element in file trajectory functionality?
11-28-2019 01:00 PM
11-28-2019 01:18 PM
does Firepower can to quarantine the device if infected without ISE ?
11-28-2019 01:27 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide