Cisco FireSIGHT Terminology

Honestly, at first I got confused about Cisco FireSIGHT terminology between old (before acquisition) versus new terminology (after Cisco acquisition). The confusion raised because I handle several customers and there are different version of the software installed in the appliances.

It leads me to read different version of user guide as well as many documentation from version 5.2 to version 5.4 (the newest version installed in one of my client’s data center). This article intended to clear some confusion between old and new term. 

From several documentations and many helpful advice from my seniors, I managed to conclude several confusion to a readable article in this blog. hope it helps for any engineer who got same confusion.

First, what is the difference between the old version and new version terms of FireSIGHT and FirePOWER?
Ok, it’s really a bit confusing because FireSIGHT is a new term introduced in version 5 and referred to RNA (Realtime Network Awareness) and RUA (Realtime User Awareness) in Sourcefire version lower than 5. In version 5, RNA and RUA combined together into a new term, FireSIGHT.

If we use the term FireSIGHT, it’s mean we referred to entire system either physical or virtual to serve as a NGIPS/NGFW. FirePOWER is the power behind the system, and now FirePOWER is typically used as a term to describe a NGIPS system that runs its services on ASA.

Many of the old name are being updated as the Cisco and Sourcefire integration is progressing. That’s why we need to know the old and new terms for various components. Here is my table to describe several confusion between old and new terminology.

OldNew
SourcefireCisco
Sourcefire Defense CenterFireSIGHT Management Center (FMC or FSMC)
SensorDevice or Managed Device
Defense Center (DC)FireSIGHT Management Center
Sourcefire 3D SystemFireSIGHT System
Sourcefire Managed DeviceManaged Device

If you want to take SSFIPS Exam (500-285), please remember that the term FireSIGHT is refers to only the RNA and RUA, not the entire system.

Sources:

  1. SSFIPS Securing Cisco Networks with Sourcefire Intrusion Prevention System – Todd Lammle, John Gay, Alex Tatistcheff (this is a great book you should have)
  2. FireSIGHT System User Guide Version 5.4.1 – Cisco System
Cisco Prime Security Manager & ASA CX
RCSP-W Exam Specifications (2016)

Leave a Reply

Your email address will not be published / Required fields are marked *