Cisco Firepower 1010 Getting Started Manual page 59

Hide thumbs Also See for Firepower 1010:

Getting started manual (190 pages)

Hardware installation manual (50 pages)

Getting started (42 pages)

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

page of 182

/ 182
Contents
Table of Contents
Bookmarks

Table of Contents

Firepower Threat Defense Deployment with CDO

The following example shows how to allow traffic between the inside-zone and dmz-zone in the access control

policy. In this example, no options are set on any of the other tabs except for Logging, where At End of

Connection is selected.

Figure 26: Access Control Policy

Step 9

Locate the Security Database Updates section to create a scheduled task to check and update the security

databases for an FTD device.

When you onboard an FTD device to CDO, part of the onboarding process allows you to Enable scheduled

recurring updates for databases. This option is checked by default. When enabled, CDO immediately checks

for and applies any security updates as well as automatically schedules the device to check for additional

updates. You are able to modify the date and time of the scheduled task after the device is onboarded.

If you are using intrusion policies, set up regular updates for the Rules and VDB databases. If you use Security

Intelligence feeds, set an update schedule for them. If you use geolocation in any security policies as matching

criteria, set an update schedule for that database.

Step 10

Click the Preview and Deploy button in the menu, then click the Deploy Now button, to deploy your changes

to the device.

Changes are not active on the device until you deploy them.

Access the FTD and FXOS CLI

Use the command-line interface (CLI) to set up the system and do basic system troubleshooting. You cannot

configure policies through a CLI session. You can access the CLI by connecting to the console port.

You can also access the FXOS CLI for troubleshooting purposes.

Note

You can alternatively SSH to the Management interface of the FTD device. Unlike a console session, the SSH

session defaults to the FTD CLI, from which you can connect to the FXOS CLI using the connect fxos

command. You can later connect to the address on a data interface if you open the interface for SSH connections.

SSH access to data interfaces is disabled by default. This procedure describes console port access, which

defaults to the FXOS CLI.

All manuals and user guides at all-guides.com

You also apply intrusion and file (malware) policies using access control rules. Use this policy to

implement URL filtering.

Access the FTD and FXOS CLI

Cisco Firepower 1010 Getting Started Guide

Table of Contents

Chapters

Table of Contents

This manual is also suitable for:

Lightstream 1010

Cisco Firepower 1010 Getting Started Manual page 59

Chapters

Related Manuals for Cisco Firepower 1010

Related Products for Cisco Firepower 1010

This manual is also suitable for:

Table of Contents