Cisco 2000 Руководство по началу работы - Страница 8
Просмотреть онлайн или скачать pdf Руководство по началу работы для Сервер Cisco 2000. Cisco 2000 31 страница.
Recurring Rule Update Imports
As new vulnerabilities become known, the Vulnerability Research Team (VRT) releases intrusion rule updates. Rule
updates provide new and updated intrusion rules and preprocessor rules, modified states for existing rules, and
modified default intrusion policy settings. Rule updates may also delete rules and provide new rule categories and
system variables.
If you plan to perform intrusion detection and prevention in your deployment, Cisco recommends that you
Recurring Rule Update Imports from the Support Site
You can specify the
rule update. To perform a rule update as part of the initial configuration process, select
Rule updates may contain new binaries. Make sure your process for downloading and installing rule updates
complies with your security policies. In addition, rule updates may be large, so make sure to import rules during
periods of low network use.
Recurring Geolocation Updates
Firepower Management Centers can display geographical information about the routed IP addresses associated
with events generated by the system, as well as monitor geolocation statistics in the dashboard and Context
Explorer.
The Management Center's geolocation database (GeoDB) contains information such as an IP address's associated
Internet service provider (ISP), connection type, proxy information, and exact location. Enabling regular GeoDB
updates ensures that the system uses up-to-date geolocation information. If you plan to perform
geolocation-related analysis in your deployment, Cisco recommends that you
.
the Support Site
You can specify the weekly update frequency for the GeoDB. Click the time zone to change it using a pop-up
window. To download the database as part of the initial configuration process, select
GeoDB updates may be large and may take up to 45 minutes to install after download. You should update the
GeoDB during periods of low network use.
Automatic Backups
The Firepower Management Center provides a mechanism for archiving data so configurations can be restored in
case of failure. As part of the initial setup, you can
Enabling this setting creates a scheduled task that creates a weekly backup of the configurations on the
Management Center.
License Settings
You use the Firepower Management Center to manage licenses for itself and the devices it manages. The license
types offered by the Firepower System depend upon the type of device you want to manage:
For 7000 and 8000 Series, ASA FirePOWER, and NGIPSv devices, you must use Classic Licenses. Devices
that use Classic Licenses are sometimes referred to as Classic devices.
For Firepower Threat Defense physical and virtual devices, you must use Smart Licenses.
Before you add a classic license to the Firepower Management Center, make sure you have the PAK provided by
Cisco when you purchased the license. If you have a legacy, pre-Cisco license, contact Support.
Note:
You must enable Classic Licenses on your managed devices before you can use licensed features. You can
enable a license during the initial setup of the Firepower Management Center, when you add a device to the
Firepower Management Center, or by editing the device's general properties after you add the device.
Cisco Firepower Management Center Getting Started Guide
Import Frequency
, as well as configure the system to perform an intrusion
.
Enable Automatic Backups
Installing the Firepower Management Center
Policy Reapply
Install Now
Enable Recurring Weekly Updates from
Install Now
.
Enable
after each
.
.
8