hit counter script
Download
Share
Print this page
Cisco 1600 Getting Started Manual
  1. Manuals
  2. Brands
  3. Cisco Manuals
  4. Server
  5. 1600
  6. Getting started manual

Cisco 1600 Getting Started Manual

Firepower management center
Hide thumbs Also See for 1600:

Advertisement

Quick Links

Download this manual
Cisco Firepower Management Center 1600, 2600,
and 4600 Getting Started Guide
First Published: 2019-06-26
Last Modified: 2022-05-31
Firepower Management Center 1600, 2600, and 4600 Getting Started Guide
The Firepower Management Center 1600, 2600, and 4600 Getting Started Guide explains installation, login,
setup, initial administrative settings, and configuration for your secure network. This document also describes
maintenance activities such as establishing alternative means of management center access, adding managed
devices to the management center, factory reset, saving and loading configurations, erasing the hard drive,
and performing shutdown or restart.
In a typical deployment on a large network, you install multiple managed devices on network segments. Each
device controls, inspects, monitors, and analyzes traffic, and then reports to a management center. The
management center provides a centralized management console with a web interface that you can use to
perform administrative, management, analysis, and reporting tasks in service to securing your local network.
About the Firepower Management Center Models 1600, 2600, and 4600
The following topics provide information about front and rear panel features that you need to follow the
instructions in this document.
Rear Panel Features
The following figure illustrates the rear panel of the Firepower Management Center 1600, 2600, and 4600.
For more information on the rear-panel features, see the
and 4600 Hardware Installation
Figure 1: Rear Panel
1
Guide.
USB 3.0 Type A (USB 1)
You can connect a keyboard, and along with a
monitor on the VGA port, you can access the
console.
Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide
Cisco Firepower Management Center 1600, 2600,
2
USB 3.0 Type A (USB 2)
You can connect a keyboard, and along with a
monitor on the VGA port, you can access the
console.
1

Advertisement

loading

Related Manuals for Cisco 1600

Summary of Contents for Cisco 1600

  • Page 1 The following topics provide information about front and rear panel features that you need to follow the instructions in this document. Rear Panel Features The following figure illustrates the rear panel of the Firepower Management Center 1600, 2600, and 4600. For more information on the rear-panel features, see the Cisco Firepower Management Center 1600, 2600, and 4600 Hardware Installation Guide.
  • Page 2 Front Panel LEDs and their States The following figure illustrates the front panel of the Firepower Management Center 1600, 2600, and 4600, identifies the LED lights, and provides the information you need to determine appliance status based on the LEDs.
  • Page 3 • Amber—The chassis is in standby mode. • Blue, flashing—The unit identification • Green—The chassis is in main power mode. function is activated. Power is supplied to all components. Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 4 • Green—The chassis is operating at normal temperature. • Amber—One or more temperature sensors breached the critical threshold. • Amber, flashing—One or more temperature sensors breached the unrecoverable threshold. Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 5 Cisco Firepower Management Center 1600, 2600, and 4600 Hardware Installation Guide. For a complete list of the Cisco Secure Firewall series documentation and where to find it, see the documentation roadmap. Access the CLI or the Linux Shell on the Management Center Accessing the management center CLI or the Linux shell requires a different sequence of steps depending on what version the management center is running.
  • Page 6 Review Network Deployment for Versions 6.5 and Later To deploy the management center you need information about the environment within which it will operate. The following figure shows an example network configuration for a firewall deployment. Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 7 You can upload updates for system software, as well as the Vulnerability Database (VDB), Geolocation Database (GEoDB), and intrusion rules directly to the management center from an internet connection or from a local computer that has previously downloaded these updates from the internet. Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 8 End to End Procedure to Install the Management Center for Versions 6.5 and Later See the following tasks to deploy and configure a management center that will run Versions 6.5 and later. Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 9 Connect Cables Turn On Power Verify Status for Versions 6.5 and Later This procedure references the rear panel ports of the Firepower Management Center 1600, 2600, and 4600. AC power supplies have internal grounding so no additional chassis grounding is required when the supported AC power cords are used.
  • Page 10 For more information about management interfaces, see the Cisco Secure Firewall Management Center Administration Guide and about network topology, see the Cisco Secure Firewall Management Center Device Configuration Guide. Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 11 Management Center Initial Setup Using the CLI for Versions 6.5 and Later, on page Step 7 (Optional) Use the RJ-45 to DB-9 console cable supplied with the appliance (Cisco part number 72-3383-XX) to connect a local computer to the management center serial port. (You may need a DB-9-to-USB adaptor to connect to the local computer.) You can use this connection for serial access (see...
  • Page 12 When you have completed the Initial Configuration Wizard and completed or dismissed the Smart Licensing dialog, the system displays the device management page, described in “Device Management” in the Cisco Secure Firewall Management Center Device Configuration Guide for your version. Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 13 English dictionary words but also other character strings that could be easily cracked with common password hacking techniques. For example, the initial configuration script may reject passwords such as "abcdefg" or "passw0rd". Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 14 If you change the gateway address during initial configuration, you may need to reconnect to the management center using the new network information. f) (Optional) For DNS Group you can accept the default value, Cisco Umbrella DNS. To change the DNS settings, choose Custom DNS Servers from the drop-down list, and enter IPv4 addresses for the Primary DNS and Secondary DNS.
  • Page 15 • When you have completed the Initial Configuration Wizard and completed or dismissed the Smart Licensing dialog, the system displays the device management page, described in the Cisco Firepower Management Center Device Configuration Guide. Establish basic configuration for your management...
  • Page 16 Administration Guide for your version. If you change the password for either admin account thereafter, they will no longer be the same, and the strong password requirement can be removed from the web interface admin account. Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 17 Step 7 The final prompt gives you the opportunity to confirm the settings. • If the settings are correct, enter y and press Enter to accept the settings and continue. Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 18 Geolocation Updates>Recurring Geolocation Updates. If the system fails to configure the update and your management center has internet access, we recommend you configure regular GeoDB updates as described in the Cisco Secure Firewall Management Center Administration Guide for your version. Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 19 In Versions 6.6+, the management center downloads and installs the latest vulnerability database (VDB) update from the Cisco support site. This is a one-time operation. You can observe the status of this update using the web interface Message Center. To keep your system up to date, if your management center has...
  • Page 20 You can upload updates for system software, as well as the Vulnerability Database (VDB), Geolocation Database (GEoDB), and intrusion rules directly to the management center from an internet connection or from a local computer that has previously downloaded these updates from the internet. Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 21 End to End Procedure to Install the Management Center to Run Software Versions 6.3 - 6.4 See the following tasks to deploy and configure the management center that will run Versions 6.3 - 6.4. Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 22 Connect Cables Turn On Power Verify Status for Versions 6.3 - 6.4 This procedure references the rear panel ports of the Firepower Management Center 1600, 2600, and 4600. AC power supplies have internal grounding so no additional chassis grounding is required when the supported AC power cords are used.
  • Page 23 10-Gigabit Ethernet SFP+ interface as needed. You can connect this interface to the same or different network from your other management interfaces depending on your network needs. For more information Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 24 Software Versions 6.3 - 6.4, on page Step 7 (Optional) Use the RJ-45 to DB-9 console cable supplied with the appliance (Cisco part number 72-3383-XX) to connect a local computer to the management center serial port. (You may need a DB-9-to-USB adaptor to connect to the local computer.) You can use this connection for serial access (see...
  • Page 25 EULA. Procedure Step 1 Direct your browser to https://mgmt_ip/, where mgmt_ip is the IP address of the management center interface: Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 26 See the Time and Time Synchronization section in the Cisco Secure Firewall Management Center Administration Guide for your version for more information. Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 27 • For the Secure Firewall Threat Defense physical and virtual devices, you must use Smart Licenses. If you plan to manage devices that use Cisco Smart Software Licensing, you must add smart licenses after completing initial setup, as described in...
  • Page 28 Before you begin Before you add a classic license to the management center, make sure you have the Product Authorization Key (PAK) provided by Cisco when you purchased the license. If you have a legacy, pre-Cisco license, contact Cisco TAC.
  • Page 29 Direct your browser to https://ipaddress_or_hostname/, where ipaddress or hostname corresponds to your management center. Step 2 In the Username and Password fields, enter your user name and password. Step 3 Click Login. Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 30 Step 1 Choose System > Configuration > Time Synchronization. Step 2 Disable the Serve Time via NTP option. Step 3 Choose Via NTP for the Set My Clock option. Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 31 Versions 6.3 - 6.4. For Versions 6.3 - 6.4: Add Smart licenses after completing initial setup. For each license: • Obtain a product license registration token for Smart Licensing from the Cisco Smart Software Manager (CSSM). Consult the Getting Started Guide for your device to determine the license PIDs available for that device.
  • Page 32 • Make sure the management center has established a connection with an NTP server. During registration, a key exchange occurs between the NTP server and the Cisco Smart Software Manager, so time must be in sync for proper registration.
  • Page 33 Decide whether to send usage data to Cisco. • Enable Cisco Success Network is enabled by default. You can click sample data to see the kind of data Cisco collects. To help you make your decision, read the Cisco Success Network information block.
  • Page 34 Generate a Classic License and Add it to the Management Center Before you begin • Confirm you have access to the Cisco Product License Registration Portal at https://cisco.com/go/license. • Review the information about types of Classic licenses in the Cisco Secure Firewall Management Center...
  • Page 35 Schedule Weekly GeoDB Updates The Cisco Geolocation Database (GeoDB) is a database of geographical data (such as country, city, coordinates) and connection-related data (such as Internet service provider, domain name, connection type) associated with routable IP addresses.
  • Page 36 You must install the GeoDB on your system to view any geolocation details other than country or continent. Cisco issues periodic updates to the GeoDB; to optimize accuracy of GeoDB lookups we recommend you always use the latest GeoDB update on your system.
  • Page 37 Use these instructions to schedule regular automatic downloads and installations of the latest VDB update. The Cisco Talos Intelligence Group (Talos) issues periodic VDB updates no more than once daily. We strongly recommend you always maintain the latest VDB update on your management center.
  • Page 38 For each managed device, use these instructions to establish a simple deployment that does not incude multi-tenancy, clusters, or high availability. To configure a deployment using any of these features, see the Cisco Secure Firewall Management Center Device Configuration Guide for your version. Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 39 Cisco Secure Firewall Management Center Device Configuration Guide for your version for more information. After you resolve the issue that caused the failure, manually deploy configurations to the device. Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 40 • Obtain and install terminal emulation software (such as HyperTerminal or XModem) on the local computer to interact with the management center. • Redirect console output to the serial port. See Redirect Console Output, on page Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 41 Locate the serial port on the management center rear panel, item 4 in the diagram b e l o w . Step 2 Use the RJ-45 to DB-9 console cable supplied with the appliance (Cisco part number 72-3383-XX) to connect a local computer to the management center serial port. Step 3 Use terminal emulation software (such as HyperTerminal or XModem) on the local computer to interact with the management center.
  • Page 42 -U username -U username Specifies the username of an authorized LOM account. n/a (prompted on login) For ipmiutil only, specifies the password for -P password an authorized LOM account. Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 43 The LOM IP address must be different from and in the same subnet as the management center Note management interface IP address. • Enter the Netmask for the system. • Enter the Default Gateway for the system. Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 44 Install the Management Center for Versions 6.5 and Later, on page • For Versions 6.3 - 6.4 see Install the Management Center for Software Versions 6.3 - 6.4, on page Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 45 (any locatiaon other than the staging location). To preconfigure and deploy an appliance to a target location, perform the following steps: 1. Install the system on the device at the staging location. Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 46 • The time zone (if you choose to manually set the time for your appliances) • The remote storage location for automatic backups • The LOM IP address to enable LOM Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 47 Shipping Considerations To prepare the appliance for shipment to the target location, you must safely power down and repackage the appliance. Keep in mind the following considerations: Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 48 The management center provides a system restore utility that you can use to perform the a number of maintenance functions: • Restore the management center to factory settings using an ISO image Cisco provides on its Support Site. See About the Restore Process, on page •...
  • Page 49 • To select a multiple-choice (radio button) option, first highlight the correct option using the up and down keys, then press the space bar to mark that option with an X. To accept your selection, press Enter while the OK button is highlighted. Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 50 About the Restore Process The ISO image you use to restore an appliance depends on when Cisco introduced support for that appliance model. Unless the ISO image was released with a minor version to accommodate a new appliance model, ISO images are usually associated with major versions of the system software (for example, 6.1 or 6.2).
  • Page 51 Management Interface, on page Step 4 Use the interactive restore menu to specify the ISO image location and transport method. See Specify the ISO Image Location and Transport Method, on page Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 52 Management Center Initial Setup Using the Web Interface for Software Versions 6.3 - 6.4, on page 25 • If you deregistered the management center from the Cisco Smart Software Manager, register the appliance to the Cisco Smart Software Manager. Choose System > Licenses > Smart Licenses and click the register icon.
  • Page 53 Obtain the Restore ISO and Update Files Before you begin Cisco provides ISO images for restoring appliances to their original factory settings. Before you restore an appliance, obtain the correct ISO image from the Support Site as described here. Procedure...
  • Page 54 When restoring a device to factory settings using LOM, if you do not have physical access to the appliance and you delete the license and network settings, you will be unable to access the appliance after the restore. Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 55 The first step in running the restore utility is to identify the management interface on the appliance you want to restore, so that the appliance can communicate with the server where you copied the ISO and any update files. Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 56 Use the series of pages presented by the restore utility to provide the necessary information for the protocol you chose; see Restore Files Download Configuration, on page If your information was correct, the appliance connects to the server and displays a list of the Cisco ISO images in the location you specified. Step 4 Choose the ISO image you want to use.
  • Page 57 For more information, see the release notes for the update you want to install, as well as the Updating System Software chapter in the Cisco Secure Firewall Management Center Administration Guide. Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 58 If you are restoring an appliance to the same major version, or if this is your second pass through the process, do not use these instructions; see Install the New System Software Version, on page Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 59 58. (If you are performing the two-pass restore process, this will be the second time you download and mount the ISO image.) Procedure Step 1 From the restore utility main menu, choose 5 Run the Install. Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 60 ISO and other files to the appliance, you must re-authenticate to the server to complete the restore process. The best time to save a configuration is after you provide the information listed above, but before you download and mount the ISO image. Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 61 What to do next To use the configuration you just loaded to restore the system, continue with Step 7 of Restore a Management Center to its Factory Defaults, on page Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 62 From the restore utility main menu, choose 8 Wipe Contents of Disk. Step 3 When prompted, confirm that you want to erase the hard drive. The process may take several hours to complete; larger drives will take longer. Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide...
  • Page 63 Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: https://www.cisco.com/c/en/us/about/legal/trademarks.html.

This manual is also suitable for:

26004600