Cisco Firepower Management Center 2000
FireSIGHT User Agent Configuration Guide
Chapter 2 Setting up a User Agent
Preparing to Connect to a Version 5.x Defense Center
If you plan to use Version 2.2 of the User Agent to send LDAP login data to your Version 5.x Defense
Centers, you must configure a connection for each agent on each Defense Center where you want the
agent to connect. That connection allows the agent to establish a secure connection with the Defense
Center, over which it can send data.
In addition, if you are planning to implement user access control, you must set up a connection to each
Microsoft Active Directory server where you plan to collect data, with user awareness parameters
configured.
For more information, see the following sections:
Setting up a User Agent on the Defense Center
The first step in collecting LDAP user login information using User Agents is to configure each Defense
Center to allow connections from the agents you plan to connect to your Active Directory servers. This
chapter describes the procedure for authorizing an agent connection on a Version 5.x Defense Center.
To configure the Defense Center to connect to a User Agent:
Access: Admin/Discovery Admin
Step 1 Select Policies > Users.
Step 2 Click Add User Agent.
Step 3 Type a descriptive name for the agent in the Name field.
Step 4 Type the IP address or host name of the computer where the agent will reside in the Hostname or IP Address field. You must use an IPv4 address; you cannot configure the Defense Center to connect to a User Agent using an IPv6 address.
Step 5 Click Add User Agent.
The Defense Center can now connect to a User Agent on the configured host.
Step 6 You have the following options:
• If you want to perform user control, continue with
• If you do not want to perform user control, continue with
.
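The following planning check is an added example, not part of the Cisco guide or product. It takes a constructed inventory (all host names, addresses and Defense Center names are hypothetical) and reports planned agent entries that are IPv6 addresses, plus agent/Defense Center pairs that still lack a User Agent entry. It performs no DNS lookup and treats any value that is not an IP literal as a host name.

```python
import ipaddress

def classify_agent_host(value):
    """Classify a planned 'Hostname or IP Address' entry as ipv4, ipv6 or hostname."""
    try:
        ip = ipaddress.ip_address(value.strip().strip("[]"))
    except ValueError:
        return "hostname"  # not an IP literal; assumed to be a host name
    return "ipv4" if ip.version == 4 else "ipv6"

def preflight(agent_hosts, defense_centers, configured):
    """Return (defense_center, agent_host, problem) tuples.

    configured maps a Defense Center name to the set of agent hosts
    already added on it under Policies > Users.
    """
    findings = []
    for host in agent_hosts:
        if classify_agent_host(host) == "ipv6":
            # Step 4: the Defense Center cannot connect to an agent over IPv6.
            findings.append(("*", host, "IPv6 address; use IPv4 or a host name"))
            continue
        for dc in defense_centers:
            # Each agent needs its own entry on each Defense Center it reports to.
            if host not in configured.get(dc, set()):
                findings.append((dc, host, "no User Agent entry on this Defense Center"))
    return findings

# Constructed sample inventory (hypothetical names and addresses).
AGENT_HOSTS = ["10.1.20.5", "ad-agent01.example.com", "2001:db8::25"]
DEFENSE_CENTERS = ["dc-east", "dc-west"]
CONFIGURED = {
    "dc-east": {"10.1.20.5", "ad-agent01.example.com"},
    "dc-west": {"10.1.20.5"},
}

if __name__ == "__main__":
    for dc, host, problem in preflight(AGENT_HOSTS, DEFENSE_CENTERS, CONFIGURED):
        print(f"{dc:8} {host:24} {problem}")
```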
Setting up an LDAP Connection to Allow User Access Control
If you want to perform user control (that is, write access control rules with user conditions), you must
configure and enable a connection between the Defense Center and at least one of your organization’s
Microsoft Active Directory servers. This configuration, called an LDAP connection or a user awareness