When you migrate a Sourcefire appliance from Version 4.10 to Version 5.2, some of the configurations, policies, and features are migrated. After you upgrade your appliance from 5.2 to any later version, the terminology changes, because Version 22.214.171.124 introduces the ability to manage Cisco ASA with FirePOWER Services using a FireSIGHT Management Center. This article provides a guideline to the new features and terminology.
Migration from 4.10.x to 5.2
Note: In order to migrate a Sourcefire appliance to Version 5.2, it must be running software version 126.96.36.199 or higher.
Key 5.2.x Features
Software Version 5.2 introduces the following new features:
Features Supported in 5.2.x *
Series 2 Appliances
Improved User Interface / Dashboards
Expanded Application Classification
Enhanced IPS Events/Policy (See notes)
FireSIGHT (RNA/RUA Bundled)
Threat Prevention / IPS
Full IPv6 Support (GUI/Policy/FireSIGHT)
Application Control / URL Filtering
IP Reputation Blocking
File Type / Malware Cloud Lookup & Blocking
Routing, Switching, NAT
Additional licenses may be required to enable the new features in 5.2.x.
Migration of Various Features, Configurations and Policies
Real-time Network Awareness (RNA)
FireSIGHT license is required to enable this feature. Legacy RNA & RUA licenses may be supported. However, Sourcefire does not recommend exceeding the User limits that are matched to the hardware capabilities of Defense Centers.
Real-time User Awareness (RUA)
Intrusion Prevention System (IPS)
PROTECT license is required for Series 3 managed devices.
Access rules are created for applied intrusion policies. All intrusion policies are migrated.
Local Intrusion Rules
All local rules are migrated. They can be enabled using the Access Control rules.
RNA Detection Policies
Network Discovery and Access Control rules will be created for applied RNA detection policies.
RNA Settings in the System Policies
RNA-related system policy settings will be migrated to Network Discovery. No other system policy will be migrated.
Netflow Devices in System Settings
Netflow devices will be migrated to Network Discovery. No other system setting information will be migrated.
Compliance policies, rules and traffic profiles will be migrated.
White lists will not be migrated.
Access Control rules will be created for applied PEP policies.
Interface Sets and Detection Engine
Security Zones will be created for interface sets which are used by a detection engine with an applied policy of any type.
* PEP was a feature in Version 4.10.3 that allowed you to create rules to block or send traffic directly through some 3D Sensors with no further inspection.
Migration from 5.2 to 188.8.131.52 or Higher
Changes to Terminology
Version 5.3.1 Terminology
Sourcefire 3D System
Sourcefire Defense Center
FireSIGHT Management Center / Defense Center
Sensor / Managed Device
FireSIGHT Managed Device
New Terminologies on 5.3.1 or Higher
ASA FirePOWER Module
Refers to the hardware and software modules installed on compatible Cisco ASA hardware
Cisco ASA with FirePOWER Services
Refers to an ASA device with the ASA FirePOWER module installed