Quick Start: Basic Setup
The Firepower feature set is powerful and flexible enough to support basic and advanced configurations. Use the following sections to quickly set up a Firepower Management Center and its managed devices to begin controlling and analyzing traffic.
Installing and Performing Initial Setup on Physical Appliances
Procedure
Install and perform initial setup on all physical appliances using the documentation for your appliance:
|
Deploying Virtual Appliances
Follow these steps if your deployment includes virtual appliances. Use the documentation roadmap to locate the documents listed below: http://www.cisco.com/c/en/us/td/docs/security/firepower/roadmap/firepower-roadmap.html.
Procedure
Step 1 |
Determine the supported virtual platforms you will use for the Management Center and devices (these may not be the same). See the Cisco Firepower Compatibility Guide. |
Step 2 |
Deploy virtual Firepower Management Centers on the supported Public and Private cloud environment. See, Cisco Secure Firewall Management Center Virtual Getting Started Guide. |
Step 3 |
Deploy virtual devices for your appliance on the supported Public and Private cloud environment. For details, see the following documentation.
|
Logging In for the First Time
Before logging in to a new FMC for the first time, prepare the appliance as described in Installing and Performing Initial Setup on Physical Appliances or Deploying Virtual Appliances.
The first time you log in to a new FMC (or an FMC newly restored to factory defaults), use the admin account for either the CLI or the web interface and follow the instructions in the Cisco Firepower Management Center Getting Started Guide for your FMC model. Once you complete the initial configuration process, the following aspects of your system will be configured:
-
The passwords for the two admin accounts (one for web interface access and the other for CLI access) will be set to the same value, complying with strong password requirements as described in Guidelines and Limitations for User Accounts. The system synchronizes the passwords for the two admin accounts only during the initial configuration process. If you change the password for either admin account thereafter, they will no longer be the same and the strong password requirement can be removed from the web interface admin account. (See Add an Internal User at the Web Interface.)
-
The following network settings the FMC uses for network communication through its management interface (eth0) will be set to default values or values you supply:
-
Fully qualified domain name (
<hostname>.<domain>
) -
Boot protocol for IPv4 configuration (DHCP or Static/Manual)
-
IPv4 address
-
Network mask
-
Gateway
-
DNS Servers
-
NTP Servers
Values for these settings can be viewed and changed through the FMC web interface; see Modify FMC Management Interfaces and Time and Time Synchronization for more information.
-
-
As a part of initial configuration the FMC configures a weekly automatic GeoDB update. You can observe the status of this update using the web interface Message Center. If configuring the update fails and your FMC has internet access, we recommend you configure regular GeoDB updates as described in Schedule GeoDB Updates.
-
As a part of initial configuration the FMC schedules a weekly task to download the latest software for the FMC and its managed devices. You can observe the status of this task using the web interface Message Center. If the task scheduling fails and your FMC has internet access, we recommend you schedule a recurring task for downloading software updates as described in Automating Software Downloads.
Important
This task only downloads software updates to the FMC. It is your responsibility to install any updates this task downloads. See the Cisco Firepower Management Center Upgrade Guide for more information.
-
As a part of initial configuration the FMC schedules a weekly task to perform a locally-stored configuration-only backup. You can observe the status of this task using the web interface Message Center. If the task scheduling fails we recommend you schedule a recurring task to perform a backup as described in Schedule FMC Backups.
On completion of FMC initial configuration, the web interface displays the device management page, described in Device Management Basics. (This is the default login page only for the first time the admin user logs in. On subsequent logins by the admin or any user, the default login page is determined as described in Specifying Your Home Page.)
Once you have completed the initial configuration, begin controlling and analyzing traffic by configuring basic policies as described in Setting Up Basic Policies and Configurations.
Setting Up Basic Policies and Configurations
You must configure and deploy basic policies in order to see data in the dashboard, Context Explorer, and event tables.
Note |
This is not a full discussion of policy or feature capabilities. For guidance on other features and more advanced configurations, see the rest of this guide. |
Before you begin
-
Log into the web interface using the admin account for either the web interface or CLI and perform the initial configuration as described in the Cisco Firepower Management Center Getting Started Guide for your hardware model, available from https://www.cisco.com/c/en/us/support/security/defense-center/products-installation-guides-list.html.
Procedure
Step 1 |
Set a time zone for this account as described in Setting Your Default Time Zone. |
Step 2 |
If needed, add licenses as described in Licensing the Firepower System. |
Step 3 |
Add managed devices to your deployment as described in Add a Device to the FMC. |
Step 4 |
Configure your managed devices as described in:
|
Step 5 |
Configure an access control policy as described in Creating a Basic Access Control Policy.
|
Step 6 |
Apply the system-provided default health policy as described in Applying Health Policies. |
Step 7 |
Customize a few of your system configuration settings:
|
Step 8 |
Customize your network discovery policy as described in Configuring the Network Discovery Policy. By default, the network discovery policy analyzes all traffic on your network. In most cases, Cisco suggests restricting discovery to the addresses in RFC 1918. |
Step 9 |
Consider customizing these other common settings:
|
Step 10 |
Deploy configuration changes; see Deploy Configuration Changes. |
What to do next
-
Review and consider configuring other features described in Firepower Features and the rest of this guide.