Combining the EndaceProbe Analytics Platform™ with Cisco® Secure Firewall Threat Defense (formerly known as Firepower) delivers powerful security threat detection, network and application performance monitoring with one-click access to rich forensic evidence.
Firewall Threat Defense (FTD) can be integrated with the Network History recorded by EndaceProbes, enabling SecOps and NetOps analysts to click on alerts to go directly to the related packet-level Network History in EndaceVision™, streamlining and accelerating issue investigation and resolution.
EndaceVision lets SecOps and NetOps teams analyze traffic using a range of data visualization tools and view decoded packet data in Wireshark® hosted on the EndaceProbe.
Integrating Cisco Firewall Threat Defense and EndaceProbes
The Pivot-to-Vision and Pivot-to-Packets integration with Cisco FTD allows analysts to pivot from an alert in the Firewall Management Console (FMC) directly to the relevant packets.
It is implemented using the Fusion Connector for Cisco Security, which can be downloaded from the Endace Support Portal. If you don't have a Support Portal account, you can request a Support Portal account here.
How about a Demo?
Find out how to integrate Network History with Cisco FTD and/or Stealthwatch for fast, accurate, investigation of security and network alerts.