Cisco Cisco Firepower Management Center 4000
1-16
FireSIGHT System User Guide
Chapter 1 Introduction
Documentation Conventions
Malware
A Malware license allows managed devices to perform network-based advanced malware protection
(AMP), that is, to detect, capture, and block malware in files transmitted over your network and to
submit those files for dynamic analysis. It also allows you to view trajectories, which track files
transmitted over your network. A Malware license requires a Protection license.
(AMP), that is, to detect, capture, and block malware in files transmitted over your network and to
submit those files for dynamic analysis. It also allows you to view trajectories, which track files
transmitted over your network. A Malware license requires a Protection license.
VPN
A VPN license allows you to build secure VPN tunnels between the virtual routers of Cisco managed
devices. A VPN license requires Protection and Control licenses.
devices. A VPN license requires Protection and Control licenses.
Because licensed capabilities are often additive, this documentation only provides the highest required
license for each feature. For example, if a feature requires FireSIGHT, Protection, and Control licenses,
only Control is listed.
license for each feature. For example, if a feature requires FireSIGHT, Protection, and Control licenses,
only Control is listed.
An “or” statement in a License statement indicates that a particular license is required to use the feature
described in the section, but an additional license can add functionality. For example, within a file policy,
some file rule actions require a Protection license while others require a Malware license. So, the License
statement for the documentation on file rules lists “Protection or Malware.”
described in the section, but an additional license can add functionality. For example, within a file policy,
some file rule actions require a Protection license while others require a Malware license. So, the License
statement for the documentation on file rules lists “Protection or Malware.”
Note that because of architecture and resource limitations, not all licenses can be applied to all managed
devices. In general, you cannot license a capability that a device does not support; see
devices. In general, you cannot license a capability that a device does not support; see
. For more information on how your licenses affect the
features you can use, including information on using legacy RNA Host and RUA User licenses, see
Supported Device and Defense Center Conventions
The Supported Devices statement at the beginning of a section indicates that a feature is supported only
on the specified device series, family, or model. For example, stacking is only supported on Series 3
devices. If a section does not have a Supported Devices statement, the feature is supported on all devices,
or the section does not apply to managed devices.
on the specified device series, family, or model. For example, stacking is only supported on Series 3
devices. If a section does not have a Supported Devices statement, the feature is supported on all devices,
or the section does not apply to managed devices.
For more information on platforms supported by this release, see
.
Access Conventions
The Access statement at the beginning of each procedure in this documentation indicates the predefined
user role required to perform the procedure. A forward slash separating roles indicates that any of the
listed roles can perform the procedure. The following table defines common terms that appear in the
Access statement.
user role required to perform the procedure. A forward slash separating roles indicates that any of the
listed roles can perform the procedure. The following table defines common terms that appear in the
Access statement.
Table 1-4
Access Conventions
Access Term
Indicates
Access Admin
User must have the Access Control Admin role
Admin
User must have the Administrator role
Any
User can have any role
Any/Admin
User can have any role, but only the Administrator role has unrestricted
access (such as the ability to view other users’ data saved as private)
access (such as the ability to view other users’ data saved as private)