This document is intended for Cisco engineers and customers who are interested in deploying Cisco Firepower Management Center (FMC) 6.0 with Cisco Identity Service Engine (ISE 1.3 or higher) using (platform exchange Grid) pxGrid.
Please note that pxGrid remediation is not supported in Cisco Firepower Management Center FMC 6.0.
Cisco Firepower Management Center (FMC) 6.0 can now enforce an organizations security policy based on ISE session attribute information available through pxGrid. These security policies can be applied to and enforced by the Cisco Firepower to managed NGIPS sensors and/or an ASA with Firepower services. The ASA with Firepower services vsm also manage these policies locally via ASDM.
This document provides the details of configuring Cisco Firepower Management Center (FMC) 6.0 and pxGrid integration with ISE in an ISE Stand-Alone environment using self-signed certificates or using CA (Certificate Authority)- signed certificates.
In this document an ASA with Firepower services will be configured with the ASA Firepower (sfr) module and register with Cisco Firepower Management Center (FMC) 6.0 to use the centrally managed Cisco Firepower Management Center policy. The ASA with Firepower services will also be configured on-box with the Firepower intrusion policy and access control rule independent of the FMC.
The Cisco Firepower Management Center managed security policy and ASA on box Firepower Management policy will consist of an intrusion policy and Employee SGT access control rule for denying access to specific web categories.
The background is the end devices PC would like to use EAP-TLS for 802.1x wired auth. by the cert. signed by window CA. When the cert. signed by window standalone CA, it is working fine.However, when the cert. signed by window enterprise CA. it ...
Hi, I want to create IPS Reporting on FMC but cant see any data under any available templates. I wana to create standard Intrusion Report for all kind of Intrusion events. Plus I can see IPS events in Dashboard Summary but None of them refl...
I'm trying to deploy ASAv in Azure and as the docs suggest, the management-only setting should be removed from the Management interface since "...the Management interface is the only interface that can have an Azure public IP address associated with it. B...
Hello Community, I need good advice to update two FTDs on ASA 5525X in HA from FMC1) do you need to break the HA to update them one at a time? so there is no effect on the service?Or is this process handled by the FMC without breaking the HA?I await...