Editing Device Configuration
The Device tab of the Device Management page displays detailed device configuration and information, as it applies to the ASA FirePOWER module. It also allows you to make changes to some parts of device configuration, such as changing the displayed module name and modifying management settings.
Editing General Device Configuration
License: Any
The General section of the Device tab shows the module name, which you can change. Here, you can also specify whether or not the device can transfer packets to the ASA FirePOWER module.
To edit general device configuration:
Procedure
Step 1 |
Select .The Device page appears. |
Step 2 |
Next to the General section, click the edit icon (). The General pop-up window appears. |
Step 3 |
In the Name field, enter a new assigned name for the module. You may enter alphanumeric characters and special characters, with the exception of the following characters, which are invalid: +, (, ), {, }, #, &, \, <, >, ?, ‘, and “. |
Step 4 |
Select the Transfer Packets check box to allow packet data to be stored in the ASA FirePOWER module with events. Clear the check box to prevent the device from sending packet data with the events. |
Step 5 |
Click Save. The changes are saved. Note that your changes do not take effect until you apply the device configuration; see Applying Changes to Device Configuration for more information. |
Viewing Device System Settings
License: Any
The System section of the Device tab displays a read-only table of system information, as described in the following table.
Field |
Description |
---|---|
Model |
The model name and number for the device. |
Serial |
The serial number of the chassis of the device. |
Time |
The current system time of the device. |
Version |
The version of the software currently installed on the ASA FirePOWER module. |
Policy |
A link to the system policy currently applied to the ASA FirePOWER module. |
Understanding Advanced Device Settings
The Advanced section of the Device tab displays advanced configuration settings, as described in the following table.
Field |
Description |
---|---|
Application Bypass |
The state of Automatic Application Bypass on the module. |
Bypass Threshold |
The Automatic Application Bypass threshold, in milliseconds. |
You can use the Advanced section to edit any of these settings. See the following sections for more information:
Automatic Application Bypass
License: Any
The Automatic Application Bypass (AAB) feature limits the time allowed to process packets through an interface and allows packets to bypass detection if the time is exceeded. The feature functions with any deployment; however, it is most valuable in inline deployments.
You balance packet processing delays with your network’s tolerance for packet latency. When a malfunction within Snort or a device misconfiguration causes traffic processing time to exceed a specified threshold, AAB causes Snort to restart within ten minutes of the failure, and generates troubleshoot data that can be analyzed to investigate the cause of the excessive processing time.
You can change the bypass threshold if the option is selected. The default setting is 3000 milliseconds (ms). The valid range is from 250 ms to 60,000 ms.
Note |
AAB is activated only when an excessive amount of time is spent processing a single packet. If AAB engages, the system kills all Snort processes. |
For more information about enabling Automatic Application Bypass and setting the bypass threshold, see Editing Advanced Device Settings.
Editing Advanced Device Settings
You can use the Advanced section of the Devices tab to modify the Automatic Application Bypass.
To modify advanced device settings:
Procedure
Step 1 |
Select > > > .The Device page appears. |
Step 2 |
Next to the Advanced section, click the edit icon () . The Advanced pop-up window appears. |
Step 3 |
Optionally, select Automatic Application Bypass if your network is sensitive to latency. Automatic Application Bypass is most useful in inline deployments. For more information, see Automatic Application Bypass. |
Step 4 |
When you select the Automatic Application Bypass option, you can type a Bypass Threshold in milliseconds (ms). The default setting is 3000 ms and the valid range is from 250 ms to 60,000 ms. |
Step 5 |
Click Save. Your changes are saved. Note that your changes do not take effect until you apply the device configuration; see Applying Changes to Device Configuration for more information. |