Cisco Secure Firewall Management Center Virtual Getting Started Guide

Review Automatic Initial Configuration for Versions 6.5 and Later

Updated: February 5, 2026

Want to summarize with AI?

Overview

Learn about the automatic maintenance tasks configured during initial setup, including scheduled GeoDB updates, software downloads, configuration backups, vulnerability database updates, and daily intrusion rule updates, along with UTC-based scheduling considerations and recommendations for review and adjustment.

As a part of initial configuration (whether performed through the Initial Configuration Wizard or through the CLI), the Firewall Management Center automatically configures maintenance tasks to keep your system up-to-date and your data backed up.

These tasks are scheduled in UTC, which means that when they occur locally depends on the date and your specific location. Also, because tasks are scheduled in UTC, they do not adjust for daylight saving time, summer time, or any such seasonal adjustments that you may observe in your location. If you are affected, scheduled tasks occur one hour "later" in the summer than in the winter, according to local time.

Note

We strongly recommend you review the auto scheduled configurations, confirm that the Firewall Management Center has established them successfully, and adjust them if necessary.

Weekly GeoDB Updates

The Firewall Management Center automatically schedules GeoDB updates to occur each week at the same randomly selected time. You can observe the status of this update using the web interface Message Center. You can see the configuration for this automatic update in the web interface under System > Updates > Geolocation Updates>Recurring Geolocation Updates. If the system fails to configure the update and your Firewall Management Center has internet access, we recommend you configure regular GeoDB updates as described in the Cisco Secure Firewall Management Center Administration Guide for your version.
Weekly Firewall Management Center Software Updates

The Firewall Management Center automatically schedules a weekly task to download the latest software for the Firewall Management Center and its managed devices. This task is scheduled to occur between 2 and 3 AM UTC on Sunday mornings; depending on the date and your specific location this can occur any time from Saturday afternoon to Sunday afternoon local time. You can observe the status of this task using the web interface Message Center. You can see the configuration for this task in the web interface under System > Tools > Scheduling. If the task scheduling fails and your Firewall Management Center has internet access, we recommend you schedule a recurring task for downloading software updates as described in the Cisco Secure Firewall Management Center Administration Guide for your version.

This task only downloads software patch and hotfix updates for the version your appliances are currently running; it it your responsibility to install any updates this task downloads. See the Cisco Firewall Management Center Upgrade Guide for more information.
Weekly Firewall Management Center Configuration Backup

The Firewall Management Center automatically schedules a weekly task to perform a locally-stored configuration-only backup at 2 AM UTC on Monday mornings; depending on the date and your specific location this can occur any time from Saturday afternoon to Sunday afternoon local time. You can observe the status of this task using the web interface Message Center. You can see the configuration for this task in the web interface under System > Tools > Scheduling. If the task scheduling fails, we recommend you schedule a recurring task to perform backups as described in the Cisco Secure Firewall Management Center Administration Guide for your version.
Vulnerability Database Update

In Versions 6.6+, the Firewall Management Center downloads and installs the latest vulnerability database (VDB) update from the Cisco support site. This is a one-time operation. You can observe the status of this update using the web interface Message Center. To keep your system up to date, if your Firewall Management Center has internet access, we recommend you schedule tasks to perform automatic recurring VDB update downloads and installations as described in the Cisco Secure Firewall Management Center Administration Guide for your version.
Daily Intrusion Rule Update

In Versions 6.6+, the Firewall Management Center configures a daily automatic intrusion rule update from the Cisco support site. The Firewall Management Center deploys automatic intrusion rule upates to affected managed devices when it next deploys affected policies. You can observe the status of this task using the web interface Message Center. You can see the configuration for this task in the web interface under System > Updates > Rule Updates. If configuring the update fails and your Firewall Management Center has internet access, we recommend you configure regular intrusion rule updates as described in the Cisco Secure Firewall Management Center Administration Guide for your version.

Need help?

Open a support case

(Requires a Cisco Service Contract)

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.