Physical devices are fault-tolerant, purpose-built network appliances available with a range of throughputs and capabilities. Security, Internet Access, and Communication PortsĪ FireSIGHT System appliance is either a traffic-sensing managed device or a managing Defense Center :.The topics that follow introduce you to the FireSIGHT System and describe its key components: For detailed information, see the FireSIGHT System Virtual Installation Guide. However, virtual appliances do not support any of the system’s hardware-based features: redundancy, switching, routing, and so on. Tip You can host virtual Defense Centers and devices, which can manage and be managed by physical appliances. It also contains hardware specifications and safety and regulatory information for FireSIGHT System appliances. This installation guide provides information about deploying, installing, and setting up FireSIGHT System appliances (devices and Defense Centers). You can also configure inline devices to perform access control as well as manage network traffic in other ways. Inline devices can be deployed as a simple intrusion prevention system. Inline interfaces receive all traffic unconditionally, and traffic received on these interfaces is retransmitted unless explicitly dropped by some configuration in your deployment. Passive sensing interfaces receive all traffic unconditionally and no traffic received on these interfaces is retransmitted.ĭevices in an inline deployment allow you to protect your network from attacks that might affect the availability, integrity, or confidentiality of hosts on the network. Managed devices installed on network segments monitor traffic for analysis.ĭevices in a passive deployment monitor traffic flowing across a network, for example, using a switch SPAN, virtual switch, or mirror port. The Cisco Defense Center® provides a centralized management console and database repository for the FireSIGHT System. You can also use FireSIGHT System appliances to serve in a switched, routed, or hybrid (switched and routed) environment to perform network address translation (NAT) and to build secure virtual private network (VPN) tunnels between the virtual routers of FirePOWER managed devices. The Cisco FireSIGHT® System combines the security of an industry-leading network intrusion protection system with the power to control access to your network based on detected applications, users, and URLs.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |