Cisco
Firepower and Stealthwatch
Combining the EndaceProbe Analytics Platform™ with Cisco Firepower® (formerly Sourcefire) and/or Cisco Stealthwatch® (formerly Lancope) delivers powerful security threat detection, network and application performance monitoring with one-click access to rich forensic evidence.
Both Firepower and Stealthwatch can be integrated with the Network History recorded by EndaceProbes, enabling SecOps and NetOps analysts to click on alerts to go directly to the related packet-level Network History in EndaceVision™, streamlining and accelerating issue investigation and resolution.
EndaceVision lets SecOps and NetOps teams analyze traffic using a range of data visualization tools and view decoded packet data in EndacePackets, the built-in packet decode tool or download for analysis in Wireshark®.
Deploy Firepower and Stealthwatch Sensors on EndaceProbe
In addition, both Cisco Firepower Threat Defense Virtual Appliance and the Stealthwatch Flow Sensor VE can be hosted in the EndaceProbe's Application Dock hosting environment, enabling monitoring coverage to be extended anywhere you have EndaceProbes deployed without the need to deploy additional hardware.
See Cisco Firepower Integration in Action
Watch this short video demo (03:28) to see how integrating Cisco Firepower with the 100% accurate Network History recorded by our EndaceProbes enables accurate detection and rapid response to security threats.
Integrating Cisco Firepower and EndaceProbes
The Pivot-to-Vision and Pivot-to-Packets integration with Cisco Firepower allows analysts to pivot from an alert in the Firepower console directly to the relevant packets.
It is implemented using the Fusion Connector for Cisco Firepower, which can be downloaded from the Endace Support Portal. If you don't have a Support Portal account, you can request a Support Portal account here.
See Cisco Stealthwatch Integration in Action
Watch this short video demo (04:10) to see how integrating Cisco Stealthwatch with the 100% accurate Network History recorded by our EndaceProbes enables accurate detection and rapid response to security threats.
Integrating Cisco Stealthwatch and EndaceProbes
Integrating Stealthwatch with EndaceProbes lets analysts jump directly from Stealthwatch alerts to examine the underlying packet-level evidence recorded by the EndaceProbes on your network.
For instructions on enabling this integration, login to the Endace Support Portal. If you don't have a Support Portal account, you can request a Support Portal account here.
Redefining Cybersecurity with Cisco Firepower, Stealthwatch and EndaceProbes
Douglas Hurd, Alliances and Integrations Manager at Cisco, talks about why packet capture is extremely complementary to Cisco products and how the integration with EndaceProbes enables fast, accurate threat response.
Watch Endace on Cisco ThreatWise TV
Endace's Michael Morris talks to ThreatWise TV Host Jason Wright and demonstrates the value of combining EndaceProbes with Firepower and Stealthwatch.
How about a Demo?
Find out how to integrate Network History with Cisco Firepower and/or Stealthwatch for fast, accurate, investigation of security and network alerts.