Cisco Cisco FirePOWER Appliance 8130
17-2
FireSIGHT System User Guide
Chapter 17 Introduction to Intrusion Prevention
Understanding How Traffic Is Analyzed
To learn more about how a FireSIGHT System deployment can help protect your network, see the
following sections:
following sections:
•
•
•
•
•
Understanding How Traffic Is Analyzed
License:
Protection
The system uses award-winning Snort® technology to analyze network traffic and generate intrusion
events, which are records of the traffic that violates the intrusion policy applied to the device that is
monitoring a specific network segment. Event analysts can review the events and determine whether they
are important in the context of your network.
events, which are records of the traffic that violates the intrusion policy applied to the device that is
monitoring a specific network segment. Event analysts can review the events and determine whether they
are important in the context of your network.
Intrusion events can be generated by:
•
a link layer decoder, such as the Ethernet II decoder