Does anyone know if there is a way to successfully get a credentialed scan on the FirePower module of an ASA 5516? I just recently had a CCRI (Command Cyber Readiness Inspection) and the auditor stated that I should be getting credentialed scans on my IPS/Firepower module. I'm able to login to the module using SSL, but I don't see anyway to get into enable mode. Any help would be greatly appreciated. thanks
The dedicated FirePower module is running Fire Linux OS (as it's called).
Once logged in you get the following:
configure Change to Configuration mode
exit Exit this CLI session
expert Invoke a shell
history Display the current session's command line history
logout Logout of the current CLI session
show Change to Show Mode
system Change to System Mode
Expert mode will get you into the actual Linux portion, where you can run standard Linux commands i.e. ls, cd, cat etc.
I don't think this will work for a Nessus credentialed scan. While I can manually SSL into the Firepower module, You need to input "expert" to get to the Linux command line and then perform a SU or SUDO command. Hopefully, someone else can chime in for clarity. thanks