Introduction to System Configuration
System configuration settings apply to either a Firepower Management Center or a Classic managed device (7000 and 8000 Series, ASA FirePOWER, NGIPSv):
-
For the Firepower Management Center these configuration settings are part of a "local" system configuration. Note that system configuration on the Firepower Management Center is specific to a single system, and changes to a FMC's system configuration affect only that system.
-
For a Classic managed device, you apply a configuration from the Firepower Management Center as part of a platform settings policy. You create a shared policy to configure a subset of the system configuration settings, appropriate for managed devices, that are likely to be similar across a deployment.
Tip
For 7000 and 8000 Series devices, you can perform limited system configuration tasks from the local web interface, such as console configuration and remote management. These are not the same configurations that you apply to a 7000 or 8000 Series device using a platform settings policy.
Navigating the Firepower Management Center System Configuration
Smart License |
Classic License |
Supported Devices |
Supported Domains |
Access |
---|---|---|---|---|
Any |
Any |
FMC |
Global only |
Admin |
The system configuration identifies basic settings for a Firepower Management Center.
Procedure
Step 1 |
Choose . |
Step 2 |
Use the navigation panel to choose configurations to change; see Table 1 for more information. |
System Configuration Settings
Setting |
Description |
Also configurable from: |
|
---|---|---|---|
Platform Settings |
7000 & 8000 Series |
||
Information |
View current information about the appliance and edit the display name; see Appliance Information. |
no |
yes |
HTTPS Certificate |
Request an HTTPS server certificate, if needed, from a trusted authority and upload certificates to the system; see HTTPS Certificates . |
no |
yes |
External Database Access |
Enable external read-only access to the database, and provide a client driver to download; see External Database Access Settings. |
no |
no |
Database |
Specify the maximum number of each type of event that the Firepower Management Center can store; see Database Event Limits. |
no |
no |
Management Interfaces |
Change options such as the IP address, hostname, and proxy settings of the appliance; see Management Interfaces. |
no |
yes |
Process |
Shut down, reboot, or restart Firepower System-related processes; see System Shut Down and Restart. |
no |
yes |
Remote Storage Device |
Configure remote storage for backups and reports; see Remote Storage Management. |
no |
no |
Change Reconciliation |
Configure the system to send a detailed report of changes to the system over the last 24 hours; see Change Reconciliation. |
no |
yes |
Access Control Preferences |
Configure the system to prompt users for a comment when they add or modify an access control policy; see Policy Change Comments. |
no |
no |
Access List |
Control which computers can access the system on specific ports; see The Access List. |
yes |
no |
Audit Log |
Configure the system to send an audit log to an external host; see Audit Logs. |
yes |
no |
Dashboard |
Enable Custom Analysis widgets on the dashboard; see Dashboard Settings. |
no |
no |
DNS Cache |
Configure the system to resolve IP addresses automatically on event view pages; see DNS Cache. |
no |
no |
Email Notification |
Configure a mail host, select an encryption method, and supply authentication credentials for email-based notifications and reporting; see Email Notifications. |
no |
no |
External Authentication |
Set the default user role for any user who is authenticated by an external RADIUS, LDAP or Microsoft Active Directory repository; see External Authentication Settings |
yes |
no |
Intrusion Policy Preferences |
Configure the system to prompt users for a comment when they modify an intrusion policy; see Policy Change Comments. |
no |
no |
Language |
Specify a different language for the web interface; see Language Selection. |
yes |
no |
Login Banner |
Create a custom login banner that appears when users log in; see Login Banners. |
yes |
no |
Network Analysis Policy Preferences |
Configure the system to prompt users for a comment when they modify a network analysis policy; see Policy Change Comments. |
no |
no |
SNMP |
Enable Simple Network Management Protocol (SNMP) polling; see SNMP Polling. |
yes |
no |
STIG Compliance |
Enable compliance with specific requirements set out by the United States Department of Defense; see STIG Compliance. |
yes |
no |
Time |
View the current time setting and, if the time synchronization setting in the current system configuration is set to Manually in Local Configuration, change the time; see Time and Time Synchronization. |
no |
yes |
Time Synchronization |
Manage time synchronization on the system; see Time and Time Synchronization. |
yes |
no |
Shell Timeout |
Configure the amount of idle time, in minutes, before a user’s login session times out due to inactivity; see Session Timeouts. |
yes |
no |
Vulnerability Mapping |
Map vulnerabilities to a host IP address for any application protocol traffic received or sent from that address; see Vulnerability Mapping. |
no |
no |
Console Configuration |
Configure console access via VGA or serial port, or via Lights-Out Management (LOM); see Remote Console Access Management. |
no |
limited |
VMware Tools |
Enable and use VMware Tools on a Firepower Management Center Virtual; see VMware Tools and Virtual Systems. |
n/a |
n/a |