Cisco Cisco FirePOWER Appliance 7125 Installationsanleitung
Version 5.3
Sourcefire 3D System Installation Guide
116
Setting Up a Sourcefire 3D System Appliance
Next Steps
Chapter 4
Individual User Accounts
After you complete the initial setup, the only user on the system is the
admin
user, which has the Administrator role and access. Users with that role have full
menu and configuration access to the system, including via the shell or CLI.
Sourcefire recommends that you limit the use of the
admin
account (and the
Administrator role) for security and auditing reasons.
Creating a separate account for each person who will use the system allows your
Creating a separate account for each person who will use the system allows your
organization not only to audit actions and changes made by each user, but also to
limit each person’s associated user access role or roles. This is especially
important on the Defense Center, where you perform most of your configuration
and analysis tasks. For example, an analyst needs access to event data to analyze
the security of your network, but may not require access to administrative
functions for the deployment.
The system includes ten predefined user roles designed for a variety of
The system includes ten predefined user roles designed for a variety of
administrators and analysts. You can also create custom user roles with
specialized access privileges.
Health and System Policies
By default, all appliances have an initial system policy applied. The system policy
governs settings that are likely to be similar for multiple appliances in a
deployment, such as mail relay host preferences and time synchronization
settings. Sourcefire recommends that you use the Defense Center to apply the
same system policy to itself and all the devices it manages.
By default, the Defense Center also has a health policy applied. A health policy, as
By default, the Defense Center also has a health policy applied. A health policy, as
part of the health monitoring feature, provides the criteria for the system
continuously monitoring the performance of the appliances in your deployment.
Sourcefire recommends that you use the Defense Center to apply a health policy
to all the devices it manages.
Software and Database Updates
You should update the system software on your appliances before you begin any
deployment. Sourcefire recommends that all the appliances in your deployment
run the most recent version of the Sourcefire 3D System. If you are using them in
your deployment, you should also install the latest intrusion rule updates, VDB,
and GeoDB.
WARNING!
Before you update any part of the Sourcefire 3D System, you must
read the release notes or advisory text that accompanies the update. The release
notes provide important information, including supported platforms, compatibility,
prerequisites, warnings, and specific installation and uninstallation instructions.