Connecting to an AMP Private Cloud

Before you begin

  • Configure your Cisco AMP private cloud or clouds according to the directions in the documentation for that product. During configuration, note the private cloud host name. You will need this host name in order to configure the connection on the management center.

  • Make sure the management center can communicate with the AMP private cloud, and confirm that the private cloud has internet access so it can communicate with the public AMP cloud. See the topics under Security, Internet Access, and Communication Ports.

  • Unless your deployment is integrated with AMP for Endpoints, each management center can have only one AMP cloud connection. This connection is labeled AMP for Networks or AMP for Firepower.

    If you integrate with AMP for Endpoints, you can configure multiple AMP for Endpoints cloud connections.

Procedure

Step 1

Choose Integration > AMP > AMP Management.

Step 2

Click Add AMP Cloud Connection.

Step 3

From the Cloud Name drop-down list, choose Private Cloud.

Step 4

Enter a Name.

This information appears in malware events that are generated or transmitted by AMP private cloud.

Step 5

In the Host field, enter the private cloud host name that you configured when you set up the private cloud.

Step 6

Click Browse next to the Certificate Upload Path field to browse to the location of a valid TLS or SSL encryption certificate for the private cloud. For more information, see the AMP private cloud documentation.

Step 7

If you want to use this private cloud for both malware defense and AMP for Endpoints, check the Use for AMP for Firepower check box.

If you configured a different private cloud to handle malware defense communications, you can clear this check box; if this is your only AMP private cloud connection, you cannot.

In a multidomain deployment, this check box appears only in the Global domain. Each management center can have only one malware defense connection.

Step 8

Click Register, confirm that you want to disable existing direct connections to the AMP cloud, and finally confirm that you want to continue to the AMP private cloud management console to complete registration.

Step 9

Log into the management console and complete the registration process. For further instructions, see the AMP private cloud documentation.

What to do next

In high availability configurations, you must configure AMP cloud connections independently on the Active and Standby instances of the Firepower Management Center; these configurations are not synchronized.