Cisco Cisco FirePOWER Appliance 8350 Guia Da Instalação
4-13
FireSIGHT System Installation Guide
Chapter 4 Setting Up a FireSIGHT System Appliance
Initial Setup Page: Defense Centers
Network Settings
A Defense Center’s network settings allow it to communicate on your management network. If you
already configured the network settings, this section of the page may be prepopulated.
already configured the network settings, this section of the page may be prepopulated.
The FireSIGHT System provides a dual stack implementation for both IPv4 and IPv6 management
environments. You must specify the management network protocol (
environments. You must specify the management network protocol (
IPv4
,
IPv6
, or
Both
). Depending on
your choice, the setup page displays various fields where you must set the IPv4 or IPv6 management IP
address, netmask or prefix length, and default gateway:
address, netmask or prefix length, and default gateway:
•
For IPv4, you must set the address and netmask in dotted decimal form (for example: a netmask of
255.255.0.0).
255.255.0.0).
•
For IPv6 networks, you can select the
Assign the IPv6 address using router autoconfiguration
check box
to automatically assign IPv6 network settings. Otherwise, you must set the address in
colon-separated hexadecimal form and the number of bits in the prefix (for example: a prefix length
of 112).
colon-separated hexadecimal form and the number of bits in the prefix (for example: a prefix length
of 112).
You can also specify up to three DNS servers, as well as the host name and domain for the device.
Time Settings
You can set the time for a Defense Center either manually or via network time protocol (NTP) from an
NTP server.
NTP server.
You can also specify the time zone used on the local web interface for the
admin
account. Click the
current time zone to change it using a pop-up window.
Recurring Rule Update Imports
License:
Protection
As new vulnerabilities become known, the Vulnerability Research Team (VRT) releases intrusion rule
updates. Rule updates provide new and updated intrusion rules and preprocessor rules, modified states
for existing rules, and modified default intrusion policy settings. Rule updates may also delete rules and
provide new rule categories and system variables.
updates. Rule updates provide new and updated intrusion rules and preprocessor rules, modified states
for existing rules, and modified default intrusion policy settings. Rule updates may also delete rules and
provide new rule categories and system variables.
If you plan to perform intrusion detection and prevention in your deployment, Cisco recommends that
you
you
Enable Recurring Rule Update Imports
.
You can specify the
Import Frequency
, as well as configure the system to perform an intrusion
Policy
Reapply
after each rule update. To perform a rule update as part of the initial configuration process, select
Install Now
.
Note
Rule updates may contain new binaries. Make sure your process for downloading and installing rule
updates complies with your security policies. In addition, rule updates may be large, so make sure to
import rules during periods of low network use.
updates complies with your security policies. In addition, rule updates may be large, so make sure to
import rules during periods of low network use.
Recurring Geolocation Updates
Supported Defense Centers:
Any except DC500
You can use most Defense Centers to view geographical information about the routed IP addresses
associated with events generated by the system, as well as monitor geolocation statistics in the dashboard
and Context Explorer.
associated with events generated by the system, as well as monitor geolocation statistics in the dashboard
and Context Explorer.