Cisco Cisco Firepower Management Center 2000 Installationsanleitung
4-2
Cisco NGIPS for Blue Coat X-Series Installation and Configuration Guide
Chapter 4 Setting Up the Defense Center
Adding Cisco NGIPS for Blue Coat X-Series to the Defense Center
Tip
Obtain and add all licenses to the Defense Center before you add Cisco NGIPS for Blue Coat X-Series
to the Defense Center so that you can add licenses when you add the devices to the Defense Center. For
information on licensing, see Licensing the FireSIGHT System in the FireSIGHT System User Guide.
to the Defense Center so that you can add licenses when you add the devices to the Defense Center. For
information on licensing, see Licensing the FireSIGHT System in the FireSIGHT System User Guide.
To add Cisco NGIPS for Blue Coat X-Series to a Defense Center:
Step 1
Log into the Defense Center’s web interface using a user account with Administrator access, and select
Devices > Device Management
.
The Device Management page appears.
Step 2
From the
Add
drop-down menu, select
Add Device
.
The Add Device pop-up window appears.
Step 3
In the
Host
field, type the IP address of Cisco NGIPS for Blue Coat X-Series you want to add. This is the
IP address that you assigned in
.
Step 4
In the
Registration Key
field, type the same registration key you set in step 6 of
.
Step 5
Optionally, add the device to a device group by selecting the group from the
Group
drop-down list.
You can configure device groups to correspond to VAP groups to make it easier to manage devices. For
more information about device groups, see Managing Device Groups in the FireSIGHT System User
Guide.
more information about device groups, see Managing Device Groups in the FireSIGHT System User
Guide.
Step 6
From the
Access Control Policy
drop-down list, select an initial policy to apply to the device:
•
The
Default Access Control
policy blocks all traffic from entering your network.
•
The
Default Intrusion Prevention
policy allows all traffic that is also passed by the Balanced Security
and Connectivity policy.
•
The
Default Network Discovery
policy allows all traffic, which is inspected by network discovery only.
•
You can select any existing user-defined access control policy.
For more information, see Using Access Control Policies in the FireSIGHT System User Guide.
Step 7
Select licenses to enable on the device. Note that:
•
Control and Malware licenses are not supported on Cisco NGIPS for Blue Coat X-Series.
•
the URL Filtering license requires a Protection license.
•
Although you can enable a Control license on Cisco NGIPS for Blue Coat X-Series, Cisco NGIPS
for Blue Coat X-Series does not support fast-path rules, switching, routing, clustering, or NAT.
for Blue Coat X-Series does not support fast-path rules, switching, routing, clustering, or NAT.
•
Although a FireSIGHT license is enabled on Cisco NGIPS for Blue Coat X-Series, Cisco NGIPS for
Blue Coat X-Series does not support geolocation.
Blue Coat X-Series does not support geolocation.
For more information, see Licensing the FireSIGHT System in the FireSIGHT System User Guide.
Step 8
If you used a NAT ID to identify the Cisco NGIPS for Blue Coat X-Series installation when you
configured it to be managed by the Defense Center, expand the
configured it to be managed by the Defense Center, expand the
Advanced
section and enter the same NAT
ID in the
Unique NAT ID
field.
Step 9
To allow the device to transfer packets to the Defense Center, select the
Transfer Packets
check box.
This option is enabled by default. If you disable it, you completely prohibit packet transfer to the
Defense Center.
Defense Center.
Step 10
Click
Register
.