Cisco Cisco Firepower Management Center 4000
50-27
FireSIGHT System User Guide
Chapter 50 Managing System Policies
Configuring a System Policy
To configure user interface settings:
Access:
Admin
Step 1
Select
System > Local > System Policy
.
The System Policy page appears.
Step 2
You have the following options:
•
To modify user interface settings in an existing system policy, click the edit icon (
) next to the
system policy.
•
To configure user interface settings as part of a new system policy, click
Create Policy
.
Provide a name and description for the system policy as described in
, and click
Save
.
In either case, the Access List page appears.
Step 3
Click
User Interface
.
The User Interface page appears.
Step 4
You have the following options:
•
To configure session timeout for the web interface, type a number (of minutes) in the
Browser Session
Timeout (Minutes)
field. The default value is
60
; the maximum value is
1440
(24 hours).
For information on how to exempt users from this session timeout, see
.
•
To configure session timeout for the command line interface, type a number (of minutes) in the
Shell
Timeout (Minutes)
field. The default value is
0
; the maximum value is
1440
(24 hours).
•
To permanently disable the
expert
command in the command line interface, select the
Permanently
Disable Expert Access
check box.
Caution
After you apply a system policy with expert mode disabled to an appliance, you cannot restore the ability
to access expert mode through the web interface or the command line. You must contact Support to
restore the expert mode capability.
to access expert mode through the web interface or the command line. You must contact Support to
restore the expert mode capability.
Step 5
Click
Save Policy and Exit
.
The system policy is updated. Your changes do not take effect until you apply the system policy to the
Defense Center and its managed devices. Changes to session timeout intervals do not take effect until
the next login session.
Defense Center and its managed devices. Changes to session timeout intervals do not take effect until
the next login session.
Mapping Vulnerabilities for Servers
License:
Protection
The FireSIGHT System automatically maps vulnerabilities to a host IP address for any application
protocol traffic received or sent from that address, when the server has an application ID in the discovery
event database and the packet header for the traffic includes a vendor and version.
protocol traffic received or sent from that address, when the server has an application ID in the discovery
event database and the packet header for the traffic includes a vendor and version.
However, many servers do not include vendor and version information. For the server listed in the system
policy, you can configure whether the system associates vulnerabilities with server traffic for vendor and
versionless servers.
policy, you can configure whether the system associates vulnerabilities with server traffic for vendor and
versionless servers.