Cisco Cisco Firepower Management Center 2000 Notas de publicación
3
FireSIGHT System Release Notes
New Features and Functionality
advanced malware protection, application control, user and group control, file control, and URL filtering and then apply
those configurations to multiple ASA devices all at once. In addition, Defense Centers provide critical dashboards, event
views, alerting capabilities, and reporting from all of your ASA FirePOWER devices in a single view.
those configurations to multiple ASA devices all at once. In addition, Defense Centers provide critical dashboards, event
views, alerting capabilities, and reporting from all of your ASA FirePOWER devices in a single view.
Direct Management of Cisco ASA with FirePOWER Services
Cisco’s Adaptive Security Device Manager (ASDM) can be used to perform the same ASA FirePOWER management
functions listed above, but only on one ASA device at a time (the ASA5506H-X, ASA5506W-X, ASA5508-X, and
ASA5516-X devices). In addition, you can manage system policies, licensing, and back up and restore directly.
functions listed above, but only on one ASA device at a time (the ASA5506H-X, ASA5506W-X, ASA5508-X, and
ASA5516-X devices). In addition, you can manage system policies, licensing, and back up and restore directly.
Management Limitations of Cisco ASA with FirePOWER Services
At the current time, the Cisco ASA FirePOWER product consists of two different products tightly integrated with each
other: the ASA Firewall and the FirePOWER Next-Generation Intrusion Prevention System (NGIPS). Whereas critical data
sharing between the two has been accomplished, a unified management platform is still in development.
other: the ASA Firewall and the FirePOWER Next-Generation Intrusion Prevention System (NGIPS). Whereas critical data
sharing between the two has been accomplished, a unified management platform is still in development.
For this reason, the Cisco ASA functionality is currently managed through the Cisco Security Manager (CSM) or the
Adaptive Security Device Manager (ASDM), and the FirePOWER Services functionality is managed through the Cisco
Defense Center. As a result, the Defense Center does not support any of the following capabilities:
Adaptive Security Device Manager (ASDM), and the FirePOWER Services functionality is managed through the Cisco
Defense Center. As a result, the Defense Center does not support any of the following capabilities:
Cisco ASA hardware-based features, including clustering, stacking, switching, routing, virtual private networks
(VPN), and network address translation (NAT).
(VPN), and network address translation (NAT).
Configuring ASA interfaces. In addition, when FirePOWER Services are deployed in SPAN port mode, any ASA
interfaces that have been configured will not be displayed.
interfaces that have been configured will not be displayed.
Shutting down, restarting or otherwise managing ASA processes.
Creating or restoring backups from ASA devices.
Writing access control rules to match traffic using VLAN tag conditions.
Note:
The ASA platform provides these features, configured using the ASA command line interface (CLI) and ASDM. For
more information, see the ASA FirePOWER module documentation.
Terminology
If you reference documentation for Version 5.3.1.x or Version 5.3.0.x, you may notice the terminology differs from the
documentation for Version 5.4.0.2 and Version 5.4.1.1.
documentation for Version 5.4.0.2 and Version 5.4.1.1.
Table 1
Changes to Terminology
Version 5.4.0.2 and Version 5.4.1.1
Terminology
Terminology
Description
Cisco
Formerly Sourcefire
FireSIGHT System
Formerly Sourcefire 3D System
Defense Center
FireSIGHT Defense Center
Cisco FireSIGHT Management Center
Formerly Sourcefire Defense Center
device
managed device
Formerly Sourcefire managed device
Cisco NGIPS for Blue Coat X-Series
Formerly Sourcefire Software for X-Series
FireSIGHT managed devices
Refers to all devices managed by a FireSIGHT Defense Center (managed devices
and ASA devices)
and ASA devices)