Руководство По Установке для Cisco Cisco AMP Threat Grid 5500 Appliance
Cisco AMP Threat Grid Appliance Setup and Configuration Guide
PLANNING
PLANNING
6
DNS Server Access
The DNS server used for purposes other than Disposition Update Service lookups, resolving remote syslog
connections, and resolving the mail server used for notifications from the Threat Grid software itself needs to be
accessible via the dirty network.
connections, and resolving the mail server used for notifications from the Threat Grid software itself needs to be
accessible via the dirty network.
By default, DNS uses the Dirty interface. The Clean interface is used for FireAMP Private Cloud integrations. If
the FireAMP Private Cloud hostname cannot be resolved over the Dirty interface, then a separate DNS server
that uses the Clean interface can be configured in the OpAdmin interface.
the FireAMP Private Cloud hostname cannot be resolved over the Dirty interface, then a separate DNS server
that uses the Clean interface can be configured in the OpAdmin interface.
See the Threat Grid Appliance Administrator’s Guide for additional information.
NTP Server Access
The NTP server needs to be accessible via the Dirty network.
Integrations – ESA/WSA/FireAMP etc.
Additional planning may be required if the Threat Grid Appliance is going to be used with other Cisco products,
such as ESA/WSA appliances, FireAMP Private Cloud, etc.
such as ESA/WSA appliances, FireAMP Private Cloud, etc.
DHCP
If you are connected to a network configured to use DHCP, then follow the instructions provided in the Using
DHCP section of the Threat Grid Appliance Administrator's Guide.
DHCP section of the Threat Grid Appliance Administrator's Guide.
License
You will receive a license and password from Cisco AMP Threat Grid.
For questions about licenses, please contact support@threatgrid.com.
Organization and Users
Once you have completed the appliance setup and network configuration, you will need to create the initial
Threat Grid Organizations and user account(s), so people can login and begin submitting malware samples for
analysis. This task may require planning and coordination among multiple organizations and users, depending
on your requirements.
Threat Grid Organizations and user account(s), so people can login and begin submitting malware samples for
analysis. This task may require planning and coordination among multiple organizations and users, depending
on your requirements.
Managing Threat Grid Organizations and users is documented in the Threat Grid Appliance Administrator’s
Guide.
Guide.
Updates
The initial appliance setup and configuration steps must be completed before installing any Threat Grid
appliance updates.
appliance updates.
We recommend that you check for updates immediately after completing the initial configuration described in this
guide.
guide.
Updates must be done in sequence. Threat Grid Appliance updates cannot be downloaded until the license is
installed, and the update process requires the initial appliance configuration to be completed. Instructions for
updating the appliance are located in the Threat Grid Appliance Administrator's Guide.
installed, and the update process requires the initial appliance configuration to be completed. Instructions for
updating the appliance are located in the Threat Grid Appliance Administrator's Guide.
Note:
Verify that SSH is specified for updates.