05-17-2023 03:11 AM
Hello Community
I'm looking for a definitive link to enabling FMC 6.7 > EU Cloud (AMP for networks)
When we enable the option the toggle icon appears to be spinning in a pending state.
/var/log/message shows as connected to the EU cloud
During the setup of the AMP toggle within FMC I get a re-direct to the Cisco website where I get prompted for a login (console.eu.amp.cisco.com)
Question - Do I need to create any cloud logins for this integration to work? - see step 5 below (FMC GUI shows spinning state) - All DNS and connectivity checks have been successful - Was thinking I need an account to approve the FMC on the cloud for data sharing.
====================================
https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Reference_a_wrapper_Chapter_topic_here.html
Procedure
Step 1
Choose AMP > AMP Management.
Step 2
Click Add AMP Cloud Connection.
Step 3
From the Cloud Name drop-down list, choose the cloud you want to use:
The AMP cloud is closest to the geographical location of your Firepower Management Center.
For AMP private cloud (AMPv), choose Private Cloud and proceed as described in Cisco AMP Private Cloud.
Step 4
If you want to use this cloud for both AMP for Networks and AMP for Endpoints, select the Use for AMP for Firepower check box.
If you configured a different cloud to handle AMP for Networks (AMP for Firepower) communications, you can clear this check box; if this is your only AMP cloud connection, you cannot.
In a multidomain deployment, this check box appears only in the Global domain. Each Firepower Management Center can have only one AMP for Networks connection.
Step 5
Click Register.
A spinning state icon indicates that a connection is pending, for example, after you configure a connection on the Firepower Management Center, but before you authorize it using the AMP for Endpoints management console. A failed or denied icon indicates that the cloud denied the connection or the connection failed for another reason.
Step 6
Confirm that you want to continue to the AMP for Endpoints management console, then log into the management console.
Step 7
Using the management console, authorize the AMP cloud to send AMP for Endpoints data to the Firepower Management Center.
Step 8
If you want to restrict the data that the FMC receives, select specific groups within your organization for which you want to receive information.
By default, the AMP cloud sends data for all groups. To manage groups, choose Management > Groups on the AMP for Endpoints management console. For detailed information, see the management console online help.
Step 9
Click Allow to enable the connection and start the transfer of data.
Clicking Deny returns you to the Firepower Management Center, where the connection is marked as denied. If you navigate away from the Applications page on the AMP for Endpoints management console, and neither deny nor allow the connection, the connection is marked as pending on the Firepower Management Center's web interface. The health monitor does not alert you of a failed connection in either of these situations. If you want to connect to the AMP cloud later, delete the failed or pending connection, then recreate it.
Incomplete registration of an AMP for Endpoints connection does not disable the AMP for Networks connection.
06-02-2023 07:58 AM