Name: Cisco ASA 5512-X
Brand: Cisco
Rating: 5 (1 reviews)

To Next Page

To Previous Page

7-10

Cisco ASA Series Firewall CLI Configuration Guide

Chapter 7 ASA FirePOWER Module

Configure the ASA FirePOWER Module

• {hostname | IPv4_address | IPv6_address | DONTRESOLVE} specifies either the fully qualified

host name or IP address of the FireSIGHT Management Center. If the FireSIGHT Management

Center is not directly addressable, use DONTRESOLVE.

• reg_key is the unique alphanumeric registration key required to register a ASA FirePOWER module

to the FireSIGHT Management Center.

• nat_id is an optional alphanumeric string used during the registration process between the

FireSIGHT Management Center and the ASA FirePOWER module. It is required if the hostname is

set to DONTRESOLVE.

Step 4 Close the console connection. For the software module, enter:

> exit

Configure the ASA FirePOWER Module

Configure the security policy in the ASA FirePOWER OS, and then configure the ASA to send traffic to

the module.

• Configure the Security Policy on the ASA FirePOWER Module, page 7-10

• Redirect Traffic to the ASA FirePOWER Module, page 7-10

Configure the Security Policy on the ASA FirePOWER Module

The security policy controls the services provided by the module, such as Next Generation IPS filtering

and application filtering. You configure the security policy on the ASA FirePOWER module using one

of the following methods.

For more information about ASA FirePOWER configuration, see the online help or the ASA

FirePOWER Module User Guide or FireSIGHT System User Guide.

FireSIGHT Management Center (All Models)

Use a web browser to open https://DC_address, where DC_address is the DNS name or IP address of

the manager you defined in Configure ASA FirePOWER Basic Settings, page 7-9. For example,

https://dc.example.com.

Alternatively, in ASDM, choose Home > ASA FirePOWER Status and click the link at the bottom of

the dashboard.

ASDM (ASA 5506-X, 5508-X, and 5516-X)

In ASDM, choose Configuration > ASA FirePOWER Configuration.

Redirect Traffic to the ASA FirePOWER Module

For inline and inline tap (monitor-only) modes, you configure a service policy to redirect traffic to the

module. If you want passive monitor-only mode, you configure a traffic redirection interface, which

bypasses ASA policies.

The following topics explain how to configure these modes.

Cisco ASA 5512-X Configuration Guide

Other manuals for Cisco ASA 5512-X