Advertisement
Cisco Firepower Management Center 1000, 2500, and 4500 Getting Started Guide
Step 6
(Optional) If you plan to perform intrusion detection and prevention in your deployment, in the Recurring
Rule Update Imports section of the Setup page, we recommend that you check Enable Recurring Rule
Update Imports from the Support Site.
You can specify the Import Frequency, as well as configure the system to perform an intrusion Policy Deploy
after each rule update. To perform a rule update as part of the initial configuration process, check the Install
Now checkbox.
The Cisco Talos Intelligence Group releases intrusion rule updates as new vulnerabilities become known.
Rule updates provide new and updated intrusion rules and preprocessor rules, modified states for existing
rules, and modified default intrusion policy settings. Rule updates may also delete rules and provide new rule
categories and system variables.
Rule updates may contain new binaries. Make sure your process for downloading and installing rule updates
complies with your security policies. In addition, rule updates may be large, so make sure to import rules
during periods of low network use.
Step 7
(Optional) If you plan to perform geolocation-related analysis in your deployment, in the Recurring
Geolocation Updates section of the Setup page, we recommend that you check Enable Recurring Weekly
Updates from the Support Site and specify the Update Start Time using the provided fields. To perform
a GeoDB update as part of the initial configuration process, check the Install Now checkbox.
GeoDB updates may be large and may take up to 45 minutes to install after download. You should update the
GeoDB during periods of low network use.
FMCs can display geographical information about the routed IP addresses associated with events generated
by the system, as well as monitor geolocation statistics in the dashboard and Context Explorer. The FMC's
geolocation database (GeoDB) contains information to support this feature such as an IP address's associated
ISP, connection type, proxy information, and exact location. Enabling regular GeoDB updates ensures that
the system uses up-to-date geolocation information.
Step 8
(Optional) In the Automatic Backups section of the Setup page, you can check Enable Automatic Backups
to create a scheduled task that creates a weekly backup of the configurations on the FMC that can be restored
in case of failure.
Step 9
You use the FMC to manage licenses for the devices it manages. The FMC can manage devices regardless
of the type of license they require:
• For 7000 and 8000 Series, ASA with FirePOWER Services, and NGIPSv devices, you must use Classic
Licenses. Devices that use Classic Licenses are sometimes referred to as Classic devices.
You must add Classic Licenses for your managed devices before you can use licensed features. You can
add a license during the initial setup of the FMC, when you add a device to the FMC, or by editing the
device's general properties after you add the device.
To add a Classic License during the initial setup of your FMC, follow the instructions in
Classic Licenses During Initial Setup (Versions 6.2 - 6.4), on page
after completing initial setup, as described in
• For FTD physical and virtual devices, you must use Smart Licenses.
If you plan to manage devices that use Cisco Smart Software Licensing, you must add smart licenses
after completing initial setup, as described in
The
Firepower Management Center Configuration Guide
and Smart Licenses, the types of licenses for each class, and how to manage the licenses across your deployment.
FMC Initial Setup Using the Web Interface for Software Versions 6.2 - 6.4
Configure Classic Licensing, on page
Configure Smart Licensing, on page
Cisco Firepower Management Center 1000, 2500, and 4500 Getting Started Guide
28. You can also add classic licenses
provides more information about Classic Licenses
(Optional) Add
33.
31.
27
Advertisement
