ASA Firepower SFR Settings

QUARK TARO · ‎11-27-2015

Since SFR is managed thru Firesight, is there any need for SFR to connect to any other systems other than Firesight?

Is it required for it to communicate to DNS, NTP (mandatory)?

Pujita Patni · ‎11-27-2015

Hi,

The following document lists the communication ports requirement for Firesight devices.

There is a column on the list that talks about what type of device it is applicable on :

http://www.cisco.com/c/en/us/td/docs/security/firesight/541/user-guide/FireSIGHT-System-UserGuide-v5401/Communication-Ports.html#pgfId-7733280

Thanks,

Pujita

QUARK TARO · ‎11-27-2015

I am not asking for the firewall ports between SFR and Firesight. I would like to know apart from Firesight, does it require to communicate (mandatory) with any other device?

Pujita Patni · ‎11-27-2015

I dont think DNS is necessary if you are using IP addresses in your deployment.

Time synchronization is important between them, so you can make the SFR get the time from FMC. So it need not be connected to the NTP also.

QUARK TARO · ‎11-27-2015

Can SFR sync the time with Firesight appliance?

Pujita Patni · ‎11-29-2015

Yes.

In the System Policy under Time synchronization, you can configure the Managed devices to synchroniza time from the Defence Center.