Cisco Cisco Firepower Management Center 2000

Protection

Adding a variable to any set adds it to all sets; that is, each variable set is a collection of all variables 
currently configured on your system. Within any variable set, you can add user-defined variables and 
customize the value of any variable.

Initially, the FireSIGHT System provides a single, default variable set comprised of predefined default 
values. Each variable in the default set is initially set to its default value, which for a predefined variable 
is the value set by the VRT and provided in rule updates.

Although you can leave predefined default variables configured to their default values, Cisco 
recommends that you modify a subset of predefined variables as described in 

You could work with variables only in the default set, but in many cases you can benefit most by adding 
one or more custom sets, configuring different variable values in different sets, and perhaps even adding 
new variables.

When using multiple sets, it is important to remember that the current value of any variable in the default 
set determines the default value of the variable in all other sets. 

The following diagram illustrates set interactions when you add the user-defined variable 

Var1

 to the 

default set with the value 

192.168.1.0/24

.

$SSH_SERVERS

Defines SSH servers on your network, and is used in rules that 
address SSH-targeted exploits.

Yes, if you run SSH servers, you 
should adequately define 

$HOME_NET

 

and then include 

$HOME_NET

 as the 

value for 

$SSH_SERVERS.

$TELNET_SERVERS

Defines known Telnet servers on your network, and is used in 
rules that address Telnet server-targeted exploits.

Yes, if you run Telnet servers.

$USER_CONF

Provides a general tool that allows you to configure one or more 
features not otherwise available via the web interface. See 

.

Conflicting or duplicate 

$USER_CONF

 configurations 

will halt the system. See 

No, only as instructed in a feature 
description or with the guidance of 
Support.