Cisco Cisco Firepower Management Center 4000

A system policy allows you to manage the following on your FireSIGHT System appliances:

access control preferences

appliance access lists

audit log settings

authentication profiles

dashboard settings

database event limits

DNS cache properties

the mail relay host and notification address

tracking intrusion policy changes 

specifying a different language

custom login banners

SNMP polling settings

synchronizing time

STIG compliance

serving time from the Defense Center

user interface and command line interface timeout settings

mapping vulnerabilities for servers

You can use a system policy to control the aspects of your Defense Center that are likely to be similar 
for other appliances in your deployment. For example, your organization’s security policies may require 
that your appliances have a “No Unauthorized Use” message when a user logs in. With system policies, 
you can set the login banner once in a system policy on a Defense Center and then apply the policy to 
all the devices that it manages.

You can also benefit from having multiple system policies on a Defense Center. For example, if you have 
different mail relay hosts that you use under different circumstances or if you want to test different 
database limits, you can create several system policies and switch between them, rather than editing a 
single policy.

Contrast a system policy, which controls aspects of an appliance that are likely to be similar across a 
deployment, with system settings, which are likely to be specific to a single appliance. See 

 for more information.