cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5550
Views
15
Helpful
6
Replies

Firepower Intrusion Policy Recommendations

de1denta
Level 3
Level 3

Hi All,

 

I'm in the process of configuring an FMC intrusion policy for all of my remote sites and I have a couple of questions regarding recommendations that I cant find a solid answer to.

 

I have a single intrusion policy and I have enabled it to use a Base Policy of 'Balanced Security & Connectivity' and to use recommendations. I have also created a schedule to automatically update the recommendations on a weekly basis, however, I'm not sure if I then need to manually commit the changes under the intrusion policy and then apply to the sensors or if all of this is done/can be done automatically as well? 

 

Many thanks

1 Accepted Solution

Accepted Solutions

yogdhanu
Cisco Employee
Cisco Employee

Hi Will,

 

You don't need to. Once the automatic update installs the new SRU( rules) update on FMC, the policy would show out of date. You can simply deploy the policy which will include the new updates.

You can also use the option to deploy the policy automatically once the new updates are installed as well under system>updates>rules update.

 

Hope this helps,

yogesh

View solution in original post

6 Replies 6