What is Sourcefire used for?

Sourcefire Advanced Malware Protection (AMP) offers malware analysis and protection for networks and endpoints using big data analytics to discover, understand and block advanced malware outbreaks, advanced persistent threats (APTs) and targeted attacks.

What is ASA Lina?

The Cisco ASA uses a single monolithic binary (ELF) running directly on the main CPU, and the ASA firmware is a Linux operating system running a single ELF called LINA. The older PIX devices ran on a custom OS called PIX OS and had a similar binary running on them.

What is the difference between ASA and FTD?

FTD combines both ASA and Firepower code into a single image. At the moment, FTD has not reached feature parity with ASA (no remote-access VPN, no multiple-context mode, no clustering, etc.), but it will be the way forward.

What is a prefilter policy?

Prefiltering is the optional first step of access control. A prefilter policy contains rules that match simple values, like IP addresses and ports. There is no deep packet inspection in a prefilter policy. One reason to use it is to quickly allow or deny traffic without deeper inspection.

Is Sourcefire FirePOWER?

Sourcefire helps you fight the latest threats to your network with FirePOWER.

Is Sourcefire IDS or IPS?

Sourcefire is the only IPS provider offering dynamic defenses against the threats aimed at your constantly changing network. Sourcefire’s key capabilities include: Superior attack protection: Snort IPS detection engine.

What is Lina in Firepower?

Lina is the ASA code that FTD runs on. The Snort process performs the network analysis of packets, from Security Intelligence (SI) through the access control policy (ACP) inspection of the traffic by the Snort IPS rules.

What is FTD in Cisco ASA?

Cisco Firepower Threat Defense (FTD) is a unified software image, which includes the Cisco ASA features and FirePOWER Services. This unified software is capable of offering the function of ASA and FirePOWER in one platform, both in terms of hardware and software features.

What is snort in FTD?

FTD uses Snort, an open-source IDS/IPS, to perform deep packet inspection. Snort can detect intrusion attempts and prevent cyber attacks in real time.