Cisco Cisco Firepower Management Center 4000

You cannot disable this setting without assistance from Support. In addition, this setting may 
substantially impact the performance of your system. Cisco does not recommend enabling STIG 
compliance except to comply with Department of Defense security requirements. 

Admin

Select 

.

The System Policy page appears.

You have the following options:

To modify the time settings in an existing system policy, click the edit icon (

) next to the system 

policy.

To configure the time settings as part of a new system policy, click 

.

Provide a name and description for the system policy as described in 

, and click 

.

In either case, the Access List page appears.

Click 

.

The STIG Compliance page appears.

If you want to permanently enable STIG compliance on the appliance, select 

.

You cannot disable STIG compliance on an appliance after you apply a policy with STIG compliance 
enabled. If you need to disable compliance, contact Support. 

Click 

.

The system policy is updated. Your changes do not take effect until you apply the system policy. See 

 for more information.

When you apply a system policy that enables STIG compliance to an appliance, note that the appliance 
reboots. Note that if you apply a system policy with STIG enabled to an appliance that already has STIG 
enabled, the appliance does not reboot. 

In addition, you need to re-register devices after enabling STIG compliance if the devices were upgraded 
from versions earlier than Version 5.2.0. 

Any

You can manage time synchronization on the appliance using the Time Synchronization page. You can 
choose to synchronize the time:

manually

using one or more NTP servers (one of which can be a Defense Center)