Cisco Cisco Firepower Management Center 2000 설치 가이드
Installing the Firepower Management Center
Firepower Management Center Getting Started Guide
10
An exception occurs if you previously managed a device with a Management Center and you changed the device’s
initial interface configuration. In this case, the policy applied by this new Management Center page depends on
the changed (current) configuration of the device. If there are interfaces configured, the Management Center
applies the Default Intrusion Prevention policy. Otherwise, the Management Center applies the Default Access
Control policy.
initial interface configuration. In this case, the policy applied by this new Management Center page depends on
the changed (current) configuration of the device. If there are interfaces configured, the Management Center
applies the Default Intrusion Prevention policy. Otherwise, the Management Center applies the Default Access
Control policy.
If a device is incompatible with an access control policy, the policy apply fails. This incompatibility could occur for
multiple reasons, including licensing mismatches, model restrictions, passive vs inline issues, and other
misconfigurations. If the initial access control policy apply fails, the initial network discovery policy apply also fails.
After you resolve the issue that caused the failure, you must manually apply access control and network discovery
policies to the device. For more information about issues that could cause access control policy apply to fail, see
the Firepower Management Center Configuration Guide.
multiple reasons, including licensing mismatches, model restrictions, passive vs inline issues, and other
misconfigurations. If the initial access control policy apply fails, the initial network discovery policy apply also fails.
After you resolve the issue that caused the failure, you must manually apply access control and network discovery
policies to the device. For more information about issues that could cause access control policy apply to fail, see
the Firepower Management Center Configuration Guide.
To add a device, type its
Hostname
or
IP Address
, as well as the
Registration Key
you specified when you registered
the device. Remember this is a simple key that you specified, up to 37 characters in length, and is not the same
as a license key.
as a license key.
Then, use the check boxes to add licensed capabilities to the device. You can only select licenses you have already
added to the Management Center; see
added to the Management Center; see
.
Not all licenses are supported on all managed devices. However, the setup page does not prevent you from
enabling unsupported licenses on managed devices, or enabling a capability for which you do not have a
model-specific license. This is because the Management Center does not determine the device model until later.
The system cannot enable an invalid license, and attempting to enable an invalid license does not decrement your
available license count.
enabling unsupported licenses on managed devices, or enabling a capability for which you do not have a
model-specific license. This is because the Management Center does not determine the device model until later.
The system cannot enable an invalid license, and attempting to enable an invalid license does not decrement your
available license count.
After you enable licenses, click
Add
to save the device’s registration settings and, optionally, add more devices. If
you selected the wrong options or mis-typed a device name, click
Delete
to remove it. You can then re-add the
device.
End User License Agreement
Read the EULA carefully and, if you agree to abide by its provisions, select the check box. Make sure that all
the information you provided is correct, and click
the information you provided is correct, and click
Apply
.
The Management Center is configured according to your selections. You are logged into the web interface as
the
the
admin
Next Steps
After you complete the initial setup process for an appliance and verify its success, Cisco recommends that you
complete various administrative tasks that make your deployment easier to manage. You should also complete any
tasks you skipped during the initial setup, such as device registration and licensing. For detailed information on
any the tasks described in the following sections, as well as information on how you can begin to configure your
deployment, see the Firepower Management Center Configuration Guide.
complete various administrative tasks that make your deployment easier to manage. You should also complete any
tasks you skipped during the initial setup, such as device registration and licensing. For detailed information on
any the tasks described in the following sections, as well as information on how you can begin to configure your
deployment, see the Firepower Management Center Configuration Guide.
Passive
Default Intrusion Prevention
Access Control
Default Access Control
Network Discovery
Default Network Discovery
Table 1
Default Access Control Policy Applied Per Detection Mode (continued)
Detection Mode
Default Access Control Policy