Cisco Cisco FirePOWER Appliance 8130
27-25
FireSIGHT System User Guide
Chapter 27 Using the FireSIGHT System as a Compliance Tool
Working with Shared Host Profiles
The system creates one or more baseline shared host profiles. You can edit or delete these shared
host profiles as described in
host profiles as described in
and
. To add any other shared host profiles you might need, continue with the
next step.
•
To skip surveying your network, continue with the next step.
Step 4
Next to
Shared Host Profiles
, click the add icon (
).
The settings for the new shared host profile appear.
Step 5
In the
Name
field, type a descriptive name for the shared host profile.
Step 6
From the
OS Vendor
,
OS Name
, and
Version
drop-down lists, pick the operating system and version for
which you want to create a shared host profile.
Step 7
Specify the application protocols you want to allow. You have three options:
•
To allow all application protocols, select the
Allow all Application Protocols
check box.
•
To allow no application protocols, leave the
Allow all Application Protocols
check box cleared.
•
To allow specific application protocols, next to
Allowed Application Protocols
, follow the directions in
Step 8
Specify the clients you want to allow. You have three options:
•
To allow all clients, select the
Allow all Clients
check box.
•
To allow no clients, leave the
Allow all Clients
check box cleared.
•
.
Step 9
Specify the web applications you want to allow. You have three options:
•
To allow all web applications, select the
Allow all Web Applications
check box.
•
To allow no web applications, leave the
Allow all Web Applications
check box cleared.
•
To allow specific web applications, follow the directions in
.
Step 10
Specify the protocols you want to allow.
To add a protocol, next to
Allowed Protocols
, follow the directions in
. Note that ARP, IP, TCP, and UDP are always allowed.
Step 11
Click
Save all Profiles
to save your changes.
The shared host profile is created. You can now add the shared host profile to any compliance white list.
Modifying a Shared Host Profile
License:
FireSIGHT
Modifying a shared host profile changes the profile for all the white lists it belongs to. For the white lists
that use the shared host profile and are also used in an active correlation policy, modifying a shared host
profile may bring hosts into or out of compliance, but does not generate white list events.
that use the shared host profile and are also used in an active correlation policy, modifying a shared host
profile may bring hosts into or out of compliance, but does not generate white list events.