Secure Firewall
Secure Firewall (formerly Firepower) provides complete and unified management over firewalls, application control, intrusion prevention, URL filtering, and advanced malware protection.
The integration of Secure Firewall Threat Defense (formerly Firepower Threat Defense) provides the capability to investigate, identify, and enrich Cisco Secure Firewall intrusion events with context from integrations across the integrated products. It offers an automated triage and prioritization of intrusion events through incidents. Returned information includes any alert with that IP address, including the other IP address, the source and destination ports, the direction of the traffic that triggered the event, the title and message of the intrusion event, additional details of the event, and the date and time of the alert.
Combining intel from Secure Firewall Threat Defense with other observations connects the dots of the blended attack. The North/South observations from Secure Firewall Threat Defense combined with indicators from East/West scanning elements and endpoint protection will uncover attacks that one product alone could miss.
Stay ahead of the threat landscape with automated workflows and a suite of ready-to-integrate tools that maximize the productivity and efficiency of your security teams and investments.
To configure this integration, see the Cisco Secure Firewall Threat Defense and Cisco XDR Integration Guide.
These actions can be used in Cisco XDR automation to build workflows for this product. Workflows can help you automate how you investigate, respond to incidents, and more.