Cisco Cisco Firepower Management Center 4000
4-22
FireSIGHT System User Guide
Chapter 4 Using the Context Explorer
Understanding the Context Explorer
Hover your pointer over any part of the graph to view more detailed information. Click any part of the
graph to filter or drill down on that information.
graph to filter or drill down on that information.
Note that you must have a Malware license and enable malware detection for this graph to include
network-based malware data. Note also that neither the DC500 Defense Center nor Series 2 devices
support advanced malware detection, so the DC500 Defense Center cannot display this data and Series 2
devices do not detect it. See
network-based malware data. Note also that neither the DC500 Defense Center nor Series 2 devices
support advanced malware detection, so the DC500 Defense Center cannot display this data and Series 2
devices do not detect it. See
This graph draws data primarily from the File Events table.
Viewing the Files by Disposition Graph
License:
Protection or Malware
Supported Devices:
feature dependent
Supported Defense Centers:
feature dependent
The Top File Types graph, in pie form, displays a proportional view of the malware dispositions for files
detected in network traffic. Note that only files for which the Defense Center performed a Collective
Security Intelligence Cloud lookup (which requires a Malware license) have dispositions. Files that did
not trigger a cloud lookup have a disposition of
detected in network traffic. Note that only files for which the Defense Center performed a Collective
Security Intelligence Cloud lookup (which requires a Malware license) have dispositions. Files that did
not trigger a cloud lookup have a disposition of
N/A
. The disposition
Unavailable
indicates that the
Defense Center could not perform a malware cloud lookup. See
for descriptions of the other dispositions.