Cisco Cisco FirePOWER Appliance 8390
C H A P T E R
1-1
FireSIGHT System User Guide
1
Introduction
The Cisco FireSIGHT® System combines the security of an industry-leading network intrusion
protection system with the power to control access to your network based on detected applications, users,
and URLs. You can also use FirePOWER appliances to serve in a switched, routed, or hybrid (switched
and routed) environment; to perform network address translation (NAT); and to build secure virtual
private network (VPN) tunnels between the virtual routers of FirePOWER managed devices.
protection system with the power to control access to your network based on detected applications, users,
and URLs. You can also use FirePOWER appliances to serve in a switched, routed, or hybrid (switched
and routed) environment; to perform network address translation (NAT); and to build secure virtual
private network (VPN) tunnels between the virtual routers of FirePOWER managed devices.
The FireSIGHT Defense Center® provides a centralized management console and database repository
for the FireSIGHT System. Managed devices installed on network segments monitor traffic for analysis.
for the FireSIGHT System. Managed devices installed on network segments monitor traffic for analysis.
Devices in a passive deployment monitor traffic flowing across a network, for example, using a switch
SPAN, virtual switch, or mirror port. Passive sensing interfaces receive all traffic unconditionally and no
traffic received on these interfaces is retransmitted.
SPAN, virtual switch, or mirror port. Passive sensing interfaces receive all traffic unconditionally and no
traffic received on these interfaces is retransmitted.
Devices in an inline deployment allow you to protect your network from attacks that might affect the
availability, integrity, or confidentiality of hosts on the network. Inline interfaces receive all traffic
unconditionally, and traffic received on these interfaces is retransmitted unless explicitly dropped by
some configuration in your deployment. Inline devices can be deployed as a simple intrusion prevention
system. You can also configure inline devices to perform access control as well as manage network
traffic in other ways.
availability, integrity, or confidentiality of hosts on the network. Inline interfaces receive all traffic
unconditionally, and traffic received on these interfaces is retransmitted unless explicitly dropped by
some configuration in your deployment. Inline devices can be deployed as a simple intrusion prevention
system. You can also configure inline devices to perform access control as well as manage network
traffic in other ways.
Both Defense Centers and their managed devices can be deployed as purpose-built network appliances
provided by Cisco; you can also deploy software-based appliances.
provided by Cisco; you can also deploy software-based appliances.
This guide provides information about the features and functionality of the FireSIGHT System. The
explanatory text, graphics, and procedures in each chapter provide detailed information to help you
navigate the user interface, maximize the performance of your system, and troubleshoot complications.
explanatory text, graphics, and procedures in each chapter provide detailed information to help you
navigate the user interface, maximize the performance of your system, and troubleshoot complications.
The topics that follow introduce you to the FireSIGHT System, describe its key components, and help
you understand how to use this guide:
you understand how to use this guide:
•
•
•
•
•