Combining the EndaceProbe Analytics Platform™ with Cisco Firepower® (formerly Sourcefire) delivers powerful security threat detection, network and application performance monitoring with one-click access to rich forensic evidence.
Both Firepower can be integrated with the Network History recorded by EndaceProbes, enabling SecOps and NetOps analysts to click on alerts to go directly to the related packet-level Network History in EndaceVisionTM, streamlining and accelerating issue investigation and resolution.
EndaceVision lets SecOps and NetOps teams analyze traffic using a range of data visualization tools and view decoded packet data in EndacePackets, the built-in packet decode tool or download for analysis in Wireshark®
Integrating Cisco Firepower and EndaceProbes
The Pivot-to-Vision and Pivot-to-Packets integration with Cisco Firepower allows analysts to pivot from an alert in the Firepower console directly to the relevant packets.
It is implemented using the Fusion Connector for Cisco Firepower, which can be downloaded from the Endace Support Portal. If you don't have a Support Portal account, you can request a Support Portal account here.
How about a Demo?
Find out how to integrate Network History with Cisco Firepower and/or Stealthwatch for fast, accurate, investigation of security and network alerts.