FirePOWER Agent – Real-Time Status ‘Unavailable’
Jul02

FirePOWER Agent – Real-Time Status ‘Unavailable’

KB ID 0001323 Dtd 01/07/17 Problem I was deploying a Cisco FirePOWER user agent last week, but once setup, the agent reported that the Real-Time status for SOME of the domain controllers was permanently¬†‘Unavailable’. Now I know you have to be patient with these things so I went and had a coffee. Still it refused to ‘go green’. Solution I addition to all the other rights and firewall rules that you normally...

Read More
Cisco FirePOWER Management Center Appliance – Allowing Domain Authentication
Jun28

Cisco FirePOWER Management Center Appliance – Allowing Domain Authentication

KB ID 0001117 Dtd¬†28/06/17 Problem Once deployed, authentication is handled by the appliances own internal user database, in larger organisations this is a little impractical. So the ability to create an Active Directory Group, and delegate access to Firesight to members of that group is a little more versatile. Solution I’m making the assumption that the appliance does not already have external authentication setup at all, so...

Read More
Deploy Cisco FirePOWER Management Center (Appliance)
Nov30

Deploy Cisco FirePOWER Management Center (Appliance)

KB ID 0001263 Dtd 30/11/16 Problem You have been able to manage your firewalls Internal SFR module for ¬†while using the ASDM Setup FirePOWER Services (for ASDM) For most people that’s fine, but if you have a lot of FirePOWER devices to manage that does not scale well. In those cases you should use theFMC ¬†(FirePOWER Management Center). Here ‘Im going to use the Vmware virtual appliance, (at time of writing there is no...

Read More
Cisco FirePOWER User Agent – Use With the FirePOWER Management Console
Apr27

Cisco FirePOWER User Agent – Use With the FirePOWER Management Console

KB ID 0001179 Dtd 27/04/16 Problem FirePOWER Management Center, will give you a wealth of information on traffic/threats etc. Usually it will tell you what IP the offenders are on, but if you want to know what a USER is doing, then that means you have to look though logs see who had what IP, at what time etc. So you can install the FirePOWER User Agent on a machine, (this can be a client machine, though I usually put it on a member...

Read More
Cisco Add FirePOWER Module to FirePOWER Management Center
Apr25

Cisco Add FirePOWER Module to FirePOWER Management Center

KB ID 0001178 Dtd 25/04/16ProblemIf you only have one FirePOWER service module you can now manage it from the ASDM;ASA 5505-X / 5508-X Setup FirePOWER Services (for ASDM)But if you have got more than one, and you can manage them centrally with the FirePOWER Management Center, (formally SourceFIRE Defence Center).¬†WARNING: ¬†If you are going¬†to use FMC DON’T register your licences in the ASDM, they all need to be registered in the...

Read More
Cisco Firepower Services – Change IP and DNS Addresses
Apr07

Cisco Firepower Services – Change IP and DNS Addresses

KB ID 0001173 Dtd 07/04/16 Problem If you change your internal LAN addresses its easy to re-ip the firewall but what about the FirePOWER module? If you manage your SFR from the ASDM it will tell you what the IP is, but it won’t let you change it? ¬† Solution Change the FirePOWER Module IP Address Log into the firewall, then open a session with the SFR module. find the physical address of the module (usually eth0, but check)....

Read More