Cisco Cisco FirePOWER Appliance 7115
Version 5.3
Sourcefire 3D System User Guide
153
Using the Context Explorer
Understanding the Context Explorer
Chapter 3
Note that you must have a Malware license and enable malware detection for this
graph to include network-based malware data. Note also that neither the DC500
Defense Center nor Series 2 devices support advanced malware detection, so
the DC500 Defense Center cannot display this data and Series 2 devices do not
detect it. See
This graph draws data primarily from the File Events table.
Viewing the Top File Names Graph
L
ICENSE
: Protection or Malware
S
UPPORTED
D
EVICES
: feature dependent
S
UPPORTED
D
EFENSE
C
ENTERS
: feature dependent
The Top File Names graph, in bar form, displays counts of the top unique file
names detected in network traffic.
Hover your pointer over any part of the graph to view more detailed information.
Click any part of the graph to filter or drill down on that information.
Note that you must have a Malware license and enable malware detection for this
Note that you must have a Malware license and enable malware detection for this
graph to include network-based malware data. Note also that neither the DC500
Defense Center nor Series 2 devices support advanced malware detection, so
the DC500 Defense Center cannot display this data and Series 2 devices do not
detect it. See
This graph draws data primarily from the File Events table.
Viewing the Files by Disposition Graph
L
ICENSE
: Protection or Malware
S
UPPORTED
D
EVICES
: feature dependent
S
UPPORTED
D
EFENSE
C
ENTERS
: feature dependent
The Top File Types graph, in pie form, displays a proportional view of the malware
dispositions for files detected in network traffic. Note that only files for which the
Defense Center performed a malware cloud lookup (which requires a Malware
license) have dispositions. Files that did not trigger a cloud lookup have a
disposition of
N/A
. The disposition
Unavailable
indicates that the Defense
Center could not perform a malware cloud lookup. See