Cisco Cisco Firepower Management Center 2000
C H A P T E R
1-1
FireSIGHT User Agent Configuration Guide
1
Introduction
Version 2.2 of the User Agent works in conjunction with FireSIGHT System managed devices to gather
user data. If you are using the agent with Version 5.x of the FireSIGHT System, the User Agent is also
essential to implementing user access control.
user data. If you are using the agent with Version 5.x of the FireSIGHT System, the User Agent is also
essential to implementing user access control.
User Agents monitor Microsoft Active Directory servers and report logins and logoffs authenticated via
LDAP. The FireSIGHT System integrates these records with the information it collects via direct
network traffic observation by managed devices.
LDAP. The FireSIGHT System integrates these records with the information it collects via direct
network traffic observation by managed devices.
For more information, see the following sections:
•
•
Major Changes to the User Agent Version 2.2
If you are upgrading your User Agent to Version 2.2, please note the following changes:
•
When you remove Version 2.0 to Version 2.1.1 of the agent, you must back up the database to
preserve your configuration settings. See
preserve your configuration settings. See
for more
information.
However, Version 2.2 of the agent preserves configuration settings for future upgrades
automatically. If you uninstall and reinstall Version 2.2 of the agent, you do not need to manually
back up the database.
automatically. If you uninstall and reinstall Version 2.2 of the agent, you do not need to manually
back up the database.
•
The agent can detect logins to a configured Active Directory server. When configuring the
connection, select an IP address from the
connection, select an IP address from the
Local Login IP Address
field.
•
Configured Active Directory server connections support user passwords of up to 64 characters.
•
The agent now supports an
Active Directory Server Max Poll Length
of 1 minute and 5 minutes. The
shorter maximum poll lengths can improve real-time monitoring performance and logout detection.
Understanding User Agents
The concepts in this section focus on the role of the User Agent in implementing user discovery on the
FireSIGHT System. For a more detailed discussion of all concepts related to user discovery and network
discovery (or RNA, in Version 4.x documentation), see the FireSIGHT System User Guide for the version
of the FireSIGHT System running on your appliances.
FireSIGHT System. For a more detailed discussion of all concepts related to user discovery and network
discovery (or RNA, in Version 4.x documentation), see the FireSIGHT System User Guide for the version
of the FireSIGHT System running on your appliances.
For more information, see the following sections: