Cisco Cisco Firepower Management Center 4000
50-18
FireSIGHT System User Guide
Chapter 50 Managing System Policies
Configuring a System Policy
•
To configure the email settings as part of a new system policy, click
Create Policy
.
Provide a name and description for the system policy as described in
, and click
Save
.
In either case, the Access List page appears.
Step 3
Click
Email Notification
.
The Configure Email Notification page appears.
Step 4
In the
Mail Relay Host
field, type the hostname or IP address of the mail server you want to use.
Note
The mail host you enter must allow access from the appliance.
Step 5
Enter the port number to use on the email server in the
Port Number
field. Typical ports include 25, when
using no encryption, 465, when using SSLv3, and 587, when using TLS.
Step 6
To select an encryption method, you have the following options:
•
To encrypt communications between the appliance and the mail server using Transport Layer
Security, select
Security, select
TLS
from the
Encryption Method
drop-down list.
•
To encrypt communications between the appliance and the mail server using Secure Socket Layers,
select
select
SSLv3
from the
Encryption Method
drop-down list.
•
To allow unencrypted communication between the appliance and the mail server, select
None
from
the
Encryption Method
drop-down list.
Note that certificate validation is not required for encrypted communication between the appliance and
mail server.
mail server.
Step 7
Enter a valid email address in the
From Address
field for use as the source email address for messages sent
by the appliance.
Step 8
Optionally, to supply a user name and password when connecting to the mail server, select
Use
Authentication
. Enter a user name in the
Username
field. Enter a password in the
Password
field.
Step 9
To send a test email using the configured mail server, click
Test Mail Server Settings
.
A message appears next to the button indicating the success or failure of the test.
Step 10
Click
Save Policy and Exit
.
The system policy is updated. Your changes do not take effect until you apply the system policy. See
Configuring Intrusion Policy Preferences
License:
Protection
You can configure the system to prompt users for a comment when they modify an intrusion policy. You
can use this to track users’ reasons for policy changes. If you enable comments on intrusion policy
changes, you can make the comments optional or mandatory. The change description is written to the
audit log.
can use this to track users’ reasons for policy changes. If you enable comments on intrusion policy
changes, you can make the comments optional or mandatory. The change description is written to the
audit log.
You can also have all intrusion policy changes written to the audit log. For more information on the audit
log, see
log, see