The local malware detection engine statically analyzes and preclassifies files using signatures provided by Cisco. If you enable this option, the Secure Firewall Management Center checks for signature updates once every 30 minutes.
Share URI from Malware Events with Cisco
The system can send information about the files detected in network traffic to the AMP cloud. This information includes URI information associated with detected files and their SHA-256 hash values. Although sharing is opt-in, transmitting this information to Cisco helps future efforts to identify and track malware.