Reusable Objects Supported by Cisco FMC | 300-710-SNCF Exam Answer

Supported Objects in Cisco FMC

Question

Which two types of objects are reusable and supported by Cisco FMC? (Choose two.)

Answers

Explanations

A. B. C. D. E.

BC.

https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-config-guide-v62/reusable_objects.html#ID-2243-00000414

Cisco Firepower Management Center (FMC) provides a centralized management platform for Cisco Firepower NGIPS (Next-Generation Intrusion Prevention System) and NGFW (Next-Generation Firewall) devices. FMC allows network administrators to create and manage various types of reusable objects that can be used in policies and rules for network security.

The two types of reusable objects supported by Cisco FMC are:

B. Reputation-based objects: These objects represent Security Intelligence feeds and lists, application filters based on category and reputation, and file lists. These objects are used to help detect and block threats based on known malicious activity or indicators of compromise. Security Intelligence feeds and lists provide information on known bad actors, malicious domains, IP addresses, and other indicators of compromise. Application filters based on category and reputation can be used to block or allow access to specific types of web content based on their reputation score. File lists can be used to block specific file types or to identify files that are known to be malicious.

C. Network-based objects: These objects represent IP addresses and networks, port/protocol pairs, VLAN tags, security zones, and origin/destination country. These objects are used to define the network topology and to identify traffic flows based on specific criteria. IP addresses and networks can be used to define the source and destination of network traffic. Port/protocol pairs can be used to identify the specific application or service being used. VLAN tags can be used to define virtual network segments. Security zones can be used to group network segments based on their security requirements. Origin/destination country can be used to identify traffic originating from specific geographic locations.

A. Dynamic key mapping objects: These objects are not reusable objects supported by Cisco FMC. They are used in SSL decryption policies to link HTTP and HTTPS GET requests to Layer 7 application protocols.

D. This option, which describes network-based objects as representing FQDN mappings and networks, port/protocol pairs, VXLAN tags, security zones and origin/destination country, is not completely accurate. FQDN (Fully Qualified Domain Name) mappings are not network-based objects, but they can be created and managed as part of network-based objects such as IP addresses and networks. VXLAN tags are not network-based objects, but they can be used to define virtual network segments as part of network-based objects such as VLAN tags.

E. Reputation-based objects, such as URL categories, are similar to the reputation-based objects described in option B. However, URL categories specifically represent web categories that can be used to block or allow access to specific types of web content based on their URL category.

In summary, the two types of objects that are reusable and supported by Cisco FMC are reputation-based objects and network-based objects. Reputation-based objects are used to detect and block threats based on known malicious activity or indicators of compromise, while network-based objects are used to define the network topology and to identify traffic flows based on specific criteria.