08-14-2017 06:52 AM - edited 03-12-2019 06:29 AM
We just bought a 5525-X with the integrated FirePOWER and virtual FireSIGHT module.
Still confused on how to configure it properly. Does anyone have a guide, or can anyone provide assistance? Just freaked out traffic creating rulesets and not sure if it's what I did or not (blocked all high and very high risks, then did a permit any any).
I have a default rule doing balanced security and connections -- all internal IP. At some point I will change that; however, I want to get this up and functioning beforehand.
I do have SmartNet obviously on it, but I would much rather learn how to deploy before I put a TAC in and tie up someone that I don't need to.
08-14-2017 07:37 AM
Hi Mark,
You might find this useful:
https://www.cisco.com/c/en/us/support/docs/security/firesight-management-center/118595-configure-firesight-00.html
It talks about the initial configuration steps to get the system functional.
Thanks,
Pujita Patni
08-14-2017 07:42 AM
There are several good presentations on the Cisco Live 365 site. Have a look there - just search "firepower" under the on-demand sessions and filter on this year's to start. They're all free and include both the slides and presentation video. I also highly recommend the free labminutes.com series for great how-to videos. They are all short and to the point but technically quite rich in detail.
Are you using ASDM or Firepower Management Center (FMC) to manage the module? ASDM is a bit more limited and FMC is recommended for most use cases.
Since you still have all your ASA ACLs in addition to what's done in Firepower, to start you can just not put any block rules and instead just some simple monitor rules plus a default "Balanced Security and Connectivity" IPS policy to get the feel of things.
08-15-2017 06:31 AM
We have FMC, but when I try to use it I think I don't have the Control license.
Do I use the Control I got in the documentation for the ASA or in the FirePOWER module?
08-15-2017 08:13 AM
Yes, you need to redeem the PAK and apply the Control license as a prerequisite for all others. It's a bit confusing and a common problem that new Firepower users face.
Here's one discussion thread (of many) where I explained it in more detail:
https://supportforums.cisco.com/discussion/13272821/firepower-license-error
08-15-2017 08:16 AM
Thanks Marvin, going to swap it on the portal.
08-15-2017 10:51 AM
You're welcome.
Please mark your question as answered if it has been.
08-17-2017 12:30 AM
Hello Mark
Here is the reference link for understanding the Access Control policies.
https://www.cisco.com/c/en/us/td/docs/security/firepower/60/asa-fp-services/asa-with-firepower-services-local-management-configuration-guide-v60/AC-Getting-Started.pdf
Let us know if you need any help.
Regards
Jetsy