Cisco Firepower Management Center 2000

FireSIGHT User Agent Configuration Guide
 
Chapter 2      Setting up a User Agent
Preparing to Connect to a Version 5.x Defense Center
If you plan to use Version 2.2 of the User Agent to send LDAP login data to your Version 5.x Defense 
Centers, you must configure a connection for each agent on each Defense Center where you want the 
agent to connect. That connection allows the agent to establish a secure connection with the Defense 
Center, over which it can send data. 
In addition, if you are planning to implement user access control, you must set up a connection to each 
Microsoft Active Directory server where you plan to collect data, with user awareness parameters 
configured.
For more information, see the following sections:
  •
  •
Setting up a User Agent on the Defense Center
The first step in collecting LDAP user login information using User Agents is to configure each Defense 
Center to allow connections from the agents you plan to connect to your Active Directory servers. This 
chapter describes the procedure for authorizing an agent connection on a Version 5.x Defense Center.
To configure the Defense Center to connect to a User Agent:
Access: Admin/Discovery Admin
Step 1  Select Policies > Users.
Step 2  Click Add User Agent.
Step 3  Type a descriptive name for the agent in the Name field.
Step 4  Type the IP address or host name of the computer where the agent will reside in the Hostname or IP Address field. You must use an IPv4 address; you cannot configure the Defense Center to connect to a User Agent using an IPv6 address.
Step 5  Click Add User Agent.
The Defense Center can now connect to a User Agent on the configured host.
Step 6  You have the following options:
  •
If you want to perform user control, continue with 
  •
If you do not want to perform user control, continue with 
.
Setting up an LDAP Connection to Allow User Access Control
If you want to perform user control (that is, write access control rules with user conditions), you must 
configure and enable a connection between the Defense Center and at least one of your organization’s 
Microsoft Active Directory servers. This configuration, called an LDAP connection or a user awareness