Yes thank you for the

Ralema Geno · ‎09-22-2015

We have recently installed a Cisco 5525X ASA and have fireshight manager installed. We have registered all licenses and IPS, AMP. control and protection.

HOwever, we are unable to register sensing interfaces and/or get any traffic through. Have configured for traffic to be redirected to the Firesight manager.

Is there any command or anything I have not configured or can check?

Marvin Rhoads · ‎09-23-2015

Traffic is not redirected to FireSIGHT Manager - it's redirected to the ASA's FirePOWER module. Can you verify you've done that with your service-policy in the ASA?

Have you built Intrusion, File, Network Discovery policies in FireSIGHT and applied them in an Access Control Policy?

Ralema Geno · ‎09-23-2015

Yes thank you for the correction, redirected traffic to the SFR Module:

We have used the default access policy/Intrusion policy. We can only pick up OS & Server Applications. we havent applied any other policies.

Just need some guidance to what we require to setup in order to start receiving some events. FOr eg: do we do network discovery and then access policy & then intrusion etc???

Marvin Rhoads · ‎09-24-2015

There is a good guide to the policies you should setup in Cisco Live presentation BRKSEC-2018. It explains the various policy types and their respective functions.

Cisco ASA 5525X with Firepower services