ManualsPro Cisco CISCO Secure Firewall Threat Defense User Guide

CISCO Secure Firewall Threat Defense User Guide

June 14, 2024
Cisco

CISCO Secure Firewall Threat Defense

CISCO Secure Firewall Threat Defense-product

Specifications

  • Supported Integration Methods: Sending Events Directly, Sending Events Using Syslog Through a Proxy Server
  • Supported Event Types: Threat defense (NGFW) devices, Intrusion events, Security Intelligence connection events

Supported Regions

Important Information About Integrating Secure Firewall Threat Defense and Cisco SecureX Threat Response

  • About Cisco SecureX Threat Response and This Integration, on page 1
  • Cisco SecureX Threat Response Regional Clouds, on page 2
  • Supported Event Types, on page 2
  • Comparison of Methods for Sending Events to the Cloud, on page 3
  • Best Practices, on page 4

About Cisco SecureX Threat Response and This Integration

  • Cisco SecureX threat response (formerly Cisco Threat Response or CTR) is the platform in the Cisco cloud that helps you detect, investigate, analyze, and respond to threats using data aggregated from multiple products and sources.
  • This integration sends supported events from devices to Cisco SecureX threat response for analysis alongside data from your other products and other sources.
  • For more information about Cisco SecureX threat response, see Cisco SecureX Threat Response product page. For videos about the use and benefits of the application on YouTube, see http://cs.co/CTRvideos.
  • If you do not already have a Cisco SecureX threat response account, you can create one using Cisco Defense Orchestrator (CDO). To create a Cisco SecureX threat response account from CDO, follow the instructions here.
  • For more information about this integration, see the  at http://cs.co/ctr_firepower_faq and the online help in Cisco SecureX threat response, including the release notes.

Cisco SecureX Threat Response Regional Clouds

Region Link to Cloud Supported Integration Methods
North America
https://visibility.amp.cisco.com
  • Direct integration: Release 6.4 and later
  • Integration via syslog: Release 6.3 and later

Europe| https://visibility.eu.amp.cisco.com|

  • Direct integration: Release 6.5 and later
  • Integration via syslog: Release 6.3 and later

Asia (APJC)| https://visibility.apjc.amp.cisco.com|

  • Direct integration: Release 6.5 and later
  • Integration via syslog: Release 6.3 and later

Guidelines and Limitations for Choosing a Regional Cloud

Before choosing a regional cloud, consider these important points:

  • Selecting regional cloud depends on your version and integration method (syslog or direct).
    See Cisco SecureX Threat Response Regional Clouds, on page 2 for specifics.

  • When possible, use the regional cloud nearest to your deployment.

  • You cannot merge or aggregate data in different regional clouds.

  • If you need to aggregate data from multiple regions, devices in all regions must send data to the same regional cloud.

  • You can create an account on each regional cloud and the data on each cloud remains separate.

  • The region you select in your product is also used for the Cisco Support Diagnostics and Cisco Support Network features, if applicable and enabled. For more information about these features, see the online help for your product.

Supported Event Types

The threat defense and Cisco SecureX threat response integration supports the following event types:

Table 1: Version Support for Sending Events to the Cisco Cloud

Feature| Devices Managed by Secure Firewall Management Center Version

(Direct integrations)

| Devices Managed by Secure Firewall Device Manager Version

(Direct integrations)

| Syslog
---|---|---|---
Intrusion (IPS) events| 6.3  and later (via syslog)

6.4  and later (via direct connection)

| 6.3  and later (via syslog)

6.4  and later (via direct connection)

| Supported
Security

Intelligence connection events

| 6.5 and later| 6.5 and later| Not supported
File and malware events| 6.5 and later| 6.5 and later| Not supported

Comparison of Methods for Sending Events to the Cloud

Devices make events available to Cisco SecureX threat response through the Security Services Exchange portal, either using syslog or directly.

Sending Events Directly| Sending Events Using Syslog Through a Proxy Server
---|---
Supports only threat defense (NGFW) devices running supported versions of software.| Supports all devices running supported versions of software.
Supports version 6.4 and later.| Supports version 6.3 and later.
Supports all event types listed in Supported Event Types, on page 2.| Supports only intrusion events.
Supports SecureX tiles that show system status information such as whether your appliances and devices are running the optimal software versions.| System status features are not supported with syslog-based integrations.
Threat defense devices must be connected to the internet.| Devices do not need to be connected to the internet.
Your deployment cannot be using a Smart Software Manager on-premises server (formerly known as a Smart Software Satellite Server).| Your deployment can be using a Smart Software Manager on-premises server.
Sending Events Directly| Sending Events Using Syslog Through a Proxy Server
---|---
No need to set up and maintain an on-premises proxy server.|

  • Requires an on-premises virtual Cisco Security Services Proxy (CSSP) server.
  • More information about this proxy server is available from the online help in Security Services Exchange (SSE).
  • To access SSE, see Access Security Services Exchange.

Best Practices

Follow guidelines and setup instructions in the following topics precisely, including Requirements topics and Before You Begin sections in referenced procedure topics:

  • For all integrations
    See Guidelines and Limitations for Choosing a Regional Cloud, on page 2.

  • For direct integration
    See How to Send Events Directly to the Cisco Cloud.

  • For integration using syslog
    See How to Send Events to the Cisco Cloud Using Syslog.

Read User Manual Online (PDF format)

Loading......

Download This Manual (PDF format)

Download this manual  >>

Cisco User Manuals

cisco Configuring Console Access Instructions
Cisco
cisco HyperFlex HX-Series Data Platform for HCI Instructions
Cisco
CISCO Meraki Cloud Monitoring for Catalyst User Guide
Cisco
CISCO Cloud-Delivered Catalyst SD-WAN Platform User Guide
Cisco
CISCO 60079011 Wi Fi 6 E Access Point User Manual
Cisco
CISCO IP Phone o Through the Normal Startup Process User Guide
Cisco
CISCO Install Enterprise NFVIS Using USB User Guide
Cisco
CISCO NCS 1014 Network Convergence System 1014 Instruction Manual
Cisco
CISCO Set Up Webex User Guide
Cisco
CISCO Webex App User Guide
Cisco
CISCO DNA Center Configure Telemetry User Guide
Cisco
802.11 Parameters for Cisco Access Points User Guide
Cisco
CISCO Nexus 3000 Series NX-OS Verified Scalability Guide Release 9.3 Instruction Manual Product Information
Cisco
CISCO P-LTE-450 Cellular Pluggable Interface Module Configuration User Guide
Cisco
CISCO Nexus 3600 Series NX-OS Verified Scalability Guide Release 9.3 User Guide
Cisco
CISCO Nexus 3000 SeriesNX-OS Verified Scalability Guide Release 9.3 User Guide
Cisco
CISCO Nexus 3000 Series NX-OS Verified Scalability Guide User Guide
Cisco
CISCO Nexus 9804 NX-OS Mode Switch Hardware Installation Guide
Cisco
CISCO Nexus 3548 Series NX-OS Verified Scalability Instructions
Cisco
CISCO 9.0SU Emergency Responder User Guide
Cisco

Related Manuals

NatureNook Pop up Gazebo Tents 12×12 Foot Canopy Party Tent Instructions
NatureNook
JINGMEI MINI01R RF Mini LED Controller Instructions
JINGMEI
Midea WD-300W 295L Chest Freezer User Manual
Midea
TOPDON TC001 Thermal Camera User Manual
TOPDON
Capresso Machine Warranty Information
Capresso
FISHER and PAYKEL OB24SD11PLX1 24 Inch Self Cleaning Oven User Guide
FISHER and PAYKEL
POTTER DDA Analog Addressable Duct Detector Owner’s Manual
POTTER
SOMOGYI ELEKTRONIC SBC 2 Battery Charger Instruction Manual
SOMOGYI ELEKTRONIC
Bertazzoni 3100415 Professional Series Built In Electric Oven 60CM User Manual
Bertazzoni
VEX GO Lab 3 Motorized Super Car Teacher Portal Instruction Manual
VEX GO
PATTERSON V-Series HVLS Fan Instruction Manual
PATTERSON
wet sounds WS-MC-20 Marine Digital Media Receiver Owner’s Manual
wet sounds
OVERMAX X-Quest Set of 2 Racing Cars User Manual
OVERMAX
JAMARA 081459 Programming Card Instructions
JAMARA
tc electronic P0CQC Choka Tremolo True Bypass User Guide
tc electronic
Catler TB 820 Table Blender Instructions
Catler
allen roth CHL5CH Lucia 1 Light Steel Glam LED Damp Rated Chandelier Installation Guide
Allen+Roth
Whitehall Manufacturing 8193 Recessed Stainless Steel Dialysis Box Instruction Manual
Whitehall Manufacturing
Uniden iGO CAM 35 Accident CAM Vehicle Recorder Owner’s Manual
Uniden
HILTI SF 6-A22 Cordless Drill Driver Instruction Manual
HILTI
MusiBaby M1 Portable Party Speaker User Guide
MusiBaby
metabo BE 850-2 General Power Tool Instruction Manual
metabo
HUAWEI LUNA2000 Lithium Battery User Manual
Huawei
evowera Planck 01 Adaptive Sonic Electric Toothbrush User Guide
evowera
pTron Playbuds 2 TWS Earbuds User Guide
pTron
WolfX WJ2020 Tail Lights User Manual
WolfX
Hotpoint MN 512 IX HA Built In Solo Microwave User Manual
Hotpoint
GE Appliances GDF550PGR Front Control Dishwasher Installation Guide
GE Appliances
HOOKE ROAD BXG.2033-S Tubular Half Doors Offroad Trail Doors User Guide
HOOKE ROAD
Mio C320 Mini Car Security Dash Camera User Guide
Mio
Contact Us   Privacy Policy   8.820ms