About File Policies and Advanced Malware Protection
File policies can optionally be configured to detect and block malware.
Advanced Malware Protection (AMP) for Firepower can detect, capture, track, analyze, log, and optionally block the transmission of malware in network traffic. In the Firepower Management Center web interface, this feature is called AMP for Networks, formerly called AMP for Firepower. AMP identifies malware using threat data from the Cisco cloud and managed devices deployed inline.
You implement Advanced Malware Protection using file policies, which you associate with access control rules that handle network traffic as part of your overall access control configuration.
When the system detects malware on your network, it generates file and malware events. To analyze file and malware event data, see File/Malware Events and Network File Trajectory.