Cisco Cisco FirePOWER Appliance 7030
49-6
FireSIGHT System User Guide
Chapter 49 Scheduling Tasks
Automating Applying an Intrusion Policy
operating systems, applications, or servers up to date. If the host is deleted from the network map and
re-added, any Nmap scan results are discarded and the system resumes monitoring of all operating
system and service data for the host.
re-added, any Nmap scan results are discarded and the system resumes monitoring of all operating
system and service data for the host.
To automate Nmap scanning:
Access:
Admin/Maint
Step 1
Select
System > Tools > Scheduling
.
The Scheduling page appears.
Step 2
Click
Add Task
.
The New Task page appears.
Step 3
From the
Job Type
list, select
Nmap Scan
.
The page reloads to show the options for automating Nmap scans.
Step 4
Specify how you want to schedule the task,
Once
or
Recurring
:
•
For one-time tasks, use the drop-down lists to specify the start date and time. The
Current Time
field
indicates the current time on the appliance.
•
For recurring tasks, you have several options for setting the interval between instances of the task.
See
See
for details.
Step 5
In the
Job Name
field, type a name using up to 255 alphanumeric characters, spaces, or dashes.
Step 6
In the
Nmap Remediation
field, select the Nmap remediation to use when running the scan.
Step 7
In the
Nmap Target
field, select the scan target that defines the target hosts you want to scan.
Step 8
Optionally, in the
Comment
field, type a comment using up to 255 alphanumeric characters, spaces, or
periods.
Tip
The comment field appears in the View Tasks section of the page, so you should try to keep it relatively
short.
short.
Step 9
Optionally, in the
Email Status To:
field, type the email address (or multiple email addresses separated by
commas) where you want status messages sent.
You must have a valid email relay server configured to send status messages. See
for more information about configuring a relay host.
Step 10
Click
Save
.
The task is added. You can check the status of a running task on the Task Status page; see
.
Automating Applying an Intrusion Policy
License:
Protection
You can queue an intrusion policy apply to a managed device. This task only applies the intrusion policy
if an access control policy that references the intrusion policy is applied to the selected device when the
task runs. Otherwise, the task aborts before completion.
if an access control policy that references the intrusion policy is applied to the selected device when the
task runs. Otherwise, the task aborts before completion.