09-05-2018 05:03 PM - edited 03-12-2019 06:56 AM
Hello,
I was wondering if the Firesight Management Center can be integrated into Microsoft Active Directory? We would like to manage accounts through Active Directory to permit users to logging with certain levels of privileges (Read only/Full access/ etc.). Is this supported and easy to setup? Is there an application not or example on how to setup?
Additionally, if we wanted to install the Firesight VM onto a physical server (VMSphere), is there a recommended hardware platform to monitor up to 10 ASA's?
Thanks
Brett
09-05-2018 06:49 PM
Hi Brett,
Yes, this can be achieved on the FMC.
The sample configuration example is available at:
FMC as such will not be able to monitor ASA, but it monitors the firepower module running on the ASA. You can manage 10 devices on the vFMC without any issues. Logging capacity is restricted on the number of events that can be stored on vFMC though.
09-05-2018 10:57 PM
Sure - that's quite a common use case. Your external authentication can be via LDAP (AD) or RADIUS (e.g. Cisco ISE or ACS, optionally with AD or other external identity store as the backend to those systems).
The Firepower Management Center Configuration Guide includes the necessary instructions. Here's a link to the relevant section for the current release (6.2.3):
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide