Re: Talos says Remcos is a Remote Access Trojan (RAT)
Is the the same Cisco that impliments SSL decryption on its switches, through the use of fake PKI certs. Basically implimenting a man-in-the-middle attack.The client browser has to be configered to accept such fake certs and not just the Cisco ones.
Your links points to the Firepower module, which is nominally installed at the edge of a network (think firewall, or IDS/IPS). It's not something that they throw in on every single switch they sell- you have to ask for it. (and pay extra for it!)
Cisco also has such functionality on their Web Security Appliance (aka Ironport); the intention for installing these devices is that you generate a CA class certificate (subordinate issuer) from your enterprise's private CA, install *that* certificate into the WSA or Firepower, and configure a group policy or some other method to have your clients automatically trust that certificate (which they should if they already trust the issuing CA), and you should be almost fine. You'll certainly run into exceptions, like Java applets and scripting that don't leverage the OS's trusted certificate store, for starters, but by and large the end user won't notice or care, because It Just Works.