Cisco Cisco Firepower Management Center 4000
Glossary
GL-23
FireSIGHT System User Guide
FireAMP
Cisco’s enterprise-class,
-based, advanced malware analysis and protection solution that
discovers, understands, and blocks malware outbreaks, persistent threats, and targeted attacks. If your
organization has a
organization has a
, individual users install lightweight
endpoints (computers, mobile devices), which then communicate with the
. This allows you to quickly identify and quarantine malware, as well as identify
outbreaks when they occur, track their trajectory, understand their effects, and learn how to successfully
recover. You can also use the
recover. You can also use the
to create custom protections, block execution of certain
applications, and create custom whitelists. Compare with network-based
FireAMP Connector
A lightweight agent that users in a subscription-based
deployment install on
s, such
as computers and mobile devices. Connectors communicate with the
, exchanging information that allow you to quickly identify and quarantine malware throughout
your organization. They can also identify
on endpoint hosts.
FireAMP portal
deployment.
FireAMP subscription
A separately purchased subscription that allows your organization to use
as an
, which you enable on managed
s to perform network-based AMP.
FireSIGHT license
The default license on the
, which allows you to perform
, and user
discovery. The FireSIGHT license also determines how many individual
s and users you can monitor
with the
and its managed
s, as well as the number of
s you
can use in
s to perform
FireSIGHT Recommendations layer
in an
that exists when you allow the system to modify
recommended by the
feature.
FireSIGHT recommended rules
A feature that recommends which rules should be enabled or disabled in your
, based on
information from your
. You can choose to allow the system to modify
s based on
recommendations, in which case the system adds a read-only
GeoDB
See
.
geolocation
A feature that provides data on the geographical source of routable IP addresses detected in traffic on
your monitored network, including connection type, internet service provider, and so on. You can see
geolocation information, which is stored in the
your monitored network, including connection type, internet service provider, and so on. You can see
geolocation information, which is stored in the
s,