Sunday, May 17, 2020

FireEye NX SmartVision SC Killswitch

SmartVision is the lateral movement detection module of the network security product (NX) of FireEye. There are too many documents and descriptions about it on FireEye's website, so I will not touch on it here. I just want to explain what SC Killswitch is in the SmartVision configuration, since there is no any explanation about it anywhere.

The SC Killswitch is not a user configurable setting, so there is no any command to enable or disable it even if you see it is like configurable in show menu.

#show smartvision config


It is something about status of the SmartVision module. Sometimes, some Security-Contents may have to restart SmartVision module. This SC Killswitch value indicates whether SmartVision module should be restarted or not. If this value is no;

SC Killswitch: no

 this simply indicates that there is no need to restart SmartVision module.

zaman:
Etiketler: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

A Sad Story: Don't Invest, Just Prodigalize

Last week, a friend called me, gave some bad news about a company. The company was looking for help since they became a victim of Egregor ra...