- ASA FirePOWER Module User Guide
- Introduction to the Cisco ASA FirePOWER Module
- Managing Reusable Objects
- Managing Device Configuration
- Getting Started with Access Control Policies
- Blacklisting Using Security Intelligence IP Address Reputation
- Tuning Traffic Flow Using Access Control Rules
- Controlling Traffic with Network-Based Rules
- Controlling Traffic with Reputation-Based Rules
- Controlling Traffic Based on Users
- Controlling Traffic Using Intrusion and File Policies
- Understanding Network Analysis and Intrusion Policies
- Using Layers in a Network Analysis or Intrusion Policy
- Customizing Traffic Preprocessing
- Getting Started with Network Analysis Policies
- Using Application Layer Preprocessors
- Configuring SCADA Preprocessing
- Configuring Transport & Network Layer Preprocessing
- Tuning Preprocessing in Passive Deployments
- Getting Started with Intrusion Policies
- Tuning Intrusion Policies Using Rules
- Detecting Specific Threats
- Globally Limiting Intrusion Event Logging
- Understanding and Writing Intrusion Rules
- Blocking Malware and Prohibited Files
- Logging Connections in Network Traffic
- Viewing Events
- Configuring External Alerting
- Configuring External Alerting for Intrusion Rules
- Using the ASA FirePOWER Dashboard
- Using ASA FirePOWER Reporting
- Scheduling Tasks
- Managing System Policies
- Configuring ASA FirePOWER Module Settings
- Licensing the FireSIGHT System ASA FirePOWER Module
- Updating ASA FirePOWER Module Software
- Monitoring the System
- Using Backup and Restore
- Generating Troubleshooting Files
- Importing and Exporting Configurations
- Viewing the Status of Long-Running Tasks
- Security, Internet Access, and Communication Ports
- Configuring a Recurring Task
- Automating Backup Jobs
- Automating Certificate Revocation List Downloads
- Automating Applying an Intrusion Policy
- Automating Geolocation Database Updates
- Automating Software Updates
- Automating URL Filtering Updates
- Viewing Tasks
- Editing Scheduled Tasks
- Deleting Scheduled Tasks
Scheduling Tasks
You can schedule many different types of administrative tasks to run at designated times, either once or on a recurring basis.
Note
Some tasks (such as those involving automated software updates) may place a significant load on networks with low bandwidths. You should schedule tasks like these to run during periods of low network use.
See the following sections for more information:
- Configuring a Recurring Task explains how to set up a scheduled task so that it runs at regular intervals.
- Automating Backup Jobs provides procedures for scheduling backup jobs.
- Automating Certificate Revocation List Downloads provides procedures for automatically refreshing the certificate revocation list (CRL) for an appliance.
- Automating Applying an Intrusion Policy provides procedures for queuing an intrusion policy apply.
- Automating Geolocation Database Updates provides procedures for scheduling automatic updates of the geolocation database (GeoDB).
- Automating Software Updates provides procedures for scheduling the download, push, and installation of software updates.
- Automating URL Filtering Updates provides procedures for automating updates of URL filtering data.
- Viewing Tasks describes how to view and manage tasks after they are scheduled.
- Editing Scheduled Tasks describes how to edit an existing task.
- Deleting Scheduled Tasks describes how to delete one-time tasks and all instances of recurring tasks.
Configuring a Recurring Task
You set the frequency for a recurring task using the same process for all types of tasks.
Note that the time displayed on most pages on the user interface is the local time, which is determined by using the time zone you specify in your local configuration. Further, the ASA FirePOWER module automatically adjusts its local time display for daylight saving time (DST), where appropriate. However, recurring tasks that span the transition dates from DST to standard time and back do not adjust for the transition. That is, if you create a task scheduled for 2:00 AM during standard time, it will run at 3:00 AM during DST. Similarly, if you create a task scheduled for 2:00 AM during DST, it will run at 1:00 AM during standard time.
To configure a recurring task:
Step 1 In ASDM, select Configuration > ASA FirePOWER Configuration > Tools > Scheduling.
Step 3 From the Job Type list, select the type of task that you want to schedule.
Each of the types of tasks you can schedule is explained in its own section.
Step 4 For the Schedule task to run option, select Recurring.
The page reloads with the recurring task options.
Step 5 In the Start On field, specify the date when you want to start your recurring task. You can use the drop-down list to select the month, day, and year.
Step 6 In the Repeat Every field, specify how often you want the task to recur. You can specify a number of hours, days, weeks, or months.
Tip You can either type a number or click the up icon (
) and the down () icon to specify the interval. For example, type 2 and select Days to run the task every two days.
Step 7 In the Run At field, specify the time when you want to start your recurring task.
Step 8 If you selected Weeks for Repeat Every, a Repeat On field appears. Select the check boxes next to the days of the week when you want to run the task.
Step 9 If you selected Months for Repeat Every, a Repeat On field appears. Use the drop-down list to select the day of the month when you want to run the task.
The remaining options on the New Task page are determined by the task you are creating. See the following sections for more information:
– Automating Certificate Revocation List Downloads
– Automating Applying an Intrusion Policy
– Automating URL Filtering Updates
Automating Backup Jobs
You can use the scheduler to automate backups of your ASA FirePOWER module. You must design a backup profile before you can configure a backup as a scheduled task. For more information, see Creating Backup Profiles.
Step 1 In ASDM, select Configuration > ASA FirePOWER Configuration > Tools > Scheduling.
Step 3 From the Job Type list, select Backup.
The page reloads to show the backup options.
Step 4 Specify how you want to schedule the backup, Once or Recurring :
- For one-time tasks, use the drop-down lists to specify the start date and time. The Current Time field indicates the current time on the appliance.
- For recurring tasks, you have several options for setting the interval between instances of the task. See Configuring a Recurring Task for details.
Step 5 In the Job Name field, type a name using up to 255 alphanumeric characters, spaces, or dashes.
Step 6 From the Backup Profile list, select the appropriate backup profile.
For more information on creating new backup profiles, see Creating Backup Profiles.
Step 7 Optionally, in the Comment field, type a comment using up to 255 alphanumeric characters, spaces, or periods.
Tip The comment field appears in the View Tasks section of the page, so you should try to keep it relatively short.
Step 8 Optionally, in the Email Status To: field, type the email address (or multiple email addresses separated by commas) where you want task status messages sent.
You must have a valid email relay server configured to send status messages. See Configuring a Mail Relay Host and Notification Address for more information about configuring a relay host.
The task is added. You can check the status of a running task on the Task Status page; see Viewing the Status of Long-Running Tasks.
Automating Certificate Revocation List Downloads
You can use the scheduler to automatically refresh the certificate revocation list (CRL) for the appliance web server on an appliance where you enable user certificates for the appliance. The Download CRL task is automatically created when you enable fetching of a CRL in the local appliance configuration, so this procedure explains how to open the scheduled task to set the frequency.
To automate download of certificate revocation lists:
Step 1 In ASDM, select Configuration > ASA FirePOWER Configuration > Tools > Scheduling.
Step 2 Locate the download CRL task in the Task Details and click the edit icon (
).
The Edit Task page appears, showing the download options.
Step 3 Specify how you want to schedule the CRL download, Once or Recurring :
- For one-time tasks, use the drop-down lists to specify the start date and time. The Current Time field indicates the current time on the appliance.
- For recurring tasks, you have several options for setting the interval between instances of the task. See Configuring a Recurring Task for details.
Step 4 Optionally, in the Comment field, type a comment using up to 255 alphanumeric characters, spaces, or periods.
Tip The comment field appears in the View Tasks section of the page, so you should try to keep it relatively short.
Step 5 Optionally, in the Email Status To: field, type the email address (or multiple email addresses separated by commas) where you want task status messages sent.
You must have a valid email relay server configured on the ASA FirePOWER module to send status messages. See Configuring a Mail Relay Host and Notification Address for more information about configuring a relay host.
The task is added. You can check the status of a running task on the Task Status page; see Viewing the Status of Long-Running Tasks.
Automating Applying an Intrusion Policy
You can queue an intrusion policy apply to the ASA FirePOWER module. This task only applies the intrusion policy if an access control policy that references the intrusion policy is applied to the ASA FirePOWER module when the task runs. Otherwise, the task aborts before completion.
You must associate an intrusion policy with an access control policy and apply the access control policy to a device before scheduling this task; see Controlling Traffic Using Intrusion and File Policies.
Step 1 In ASDM, select Configuration > ASA FirePOWER Configuration > Tools > Scheduling.
The schedule calendar page for the current month appears.
Step 3 From the Job Type list, select Queue Intrusion Policy Apply.
The page reloads to show the options for queuing a policy apply.
Step 4 Specify how you want to schedule the task, Once or Recurring :
- For one-time tasks, use the drop-down lists to specify the start date and time. The Current Time field indicates the current time on the ASA FirePOWER module.
- For recurring tasks, you have several options for setting the interval between instances of the task. See Configuring a Recurring Task for details.
Step 5 In the Job Name field, type a name using up to 255 alphanumeric characters, spaces, or dashes.
Step 6 In the Intrusion Policy field, you have the following options:
Step 7 Optionally, in the Comment field, type a comment using up to 255 alphanumeric characters, spaces, or periods.
Tip The comment field appears in the Tasks Details section at the bottom of the schedule calendar page, so you should limit the size of your comment.
Step 8 Optionally, in the Email Status To: field, type the email address (or multiple email addresses separated by commas) where you want task status messages sent.
You must have a valid email relay server configured to send status messages. See Configuring a Mail Relay Host and Notification Address for more information about configuring a relay host.
The task is added. You can check the status of a running task in the Task Details section of the calendar page; see Viewing the Status of Long-Running Tasks.
Step 10 To edit your saved task, click the task anywhere it appears on the schedule calendar page.
The Task Details section appears at the bottom of the page. To make any changes, click the edit icon (
).
Automating Geolocation Database Updates
You can use the scheduler to automate recurring geolocation database (GeoDB) updates. Recurring GeoDB updates run once every 7 days (weekly); you can configure the time the update recurs each week. For more information on GeoDB updates, see Updating the Geolocation Database.
To automate geolocation database updates:
Step 1 In ASDM, select Configuration > ASA FirePOWER Configuration > Updates.
The Product Updates page appears.
Step 2 Click the Geolocation Updates tab.
The Geolocation Updates page appears.
Step 3 Under Recurring Geolocation Updates, select the Enable Recurring Weekly Updates check box.
The Update Start Time field appears.
Step 4 In the Update Start Time field, specify the time and day of the week when you want weekly GeoDB updates to occur.
The task is added. You can check the status of a running task on the Task Status page; see Viewing the Status of Long-Running Tasks.
Automating Software Updates
You can automatically download and apply most patches and feature releases to the ASA FirePOWER module.
Note You must manually upload and install updates in two situations. First, you cannot schedule major updates to the ASA FirePOWER module. Second, you cannot schedule updates for or pushes from appliances that cannot access the Support Site. For information on manually updating the ASA FirePOWER module, see Updating ASA FirePOWER Module Software.
If you want to have more control over this process, you can use the Once option to download and install updates during off-peak hours after you learn that an update has been released.
See the following sections for more information:
Automating Software Downloads
You can create a scheduled task that automatically downloads the latest software updates from Cisco. You can use this task to schedule download of updates you plan to install manually.
To automate software update downloads:
Step 1 In ASDM, select Configuration > ASA FirePOWER Configuration > Tools > Scheduling.
Step 3 From the Job Type list, select Download Latest Update.
The New Task page reloads to show the update options.
Step 4 Specify how you want to schedule the task, Once or Recurring :
- For one-time tasks, use the drop-down lists to specify the start date and time. The Current Time field indicates the current time on the appliance.
- For recurring tasks, you have several options for setting the interval between instances of the task. See Configuring a Recurring Task for details.
Step 5 In the Job Name field, type a name using up to 255 alphanumeric characters, spaces, or dashes.
Step 6 In the Update Items section, select Software.
Step 7 Optionally, in the Comment field, type a comment using up to 255 alphanumeric characters, spaces, or periods.
Tip The comment field appears in the View Tasks section of the page, so you should try to keep it relatively short.
Step 8 Optionally, in the Email Status To: field, type the email address (or multiple email addresses separated by commas) where you want task status messages sent.
You must have a valid email relay server configured to send status messages. See Configuring a Mail Relay Host and Notification Address for more information about configuring a relay host.
The task is added. You can check the status of a running task on the Task Status page; see Viewing the Status of Long-Running Tasks.
Automating Software Installs
Depending on the update being installed, the appliance may reboot after the software is installed.
To schedule a software installation task:
Step 1 In ASDM, select Configuration > ASA FirePOWER Configuration > Tools > Scheduling.
Step 3 From the Job Type list, select Install Latest Update.
The page reloads to show the options for installing updates.
Step 4 Specify how you want to schedule the task, Once or Recurring :
- For one-time tasks, use the drop-down lists to specify the start date and time. The Current Time field indicates the current time on the appliance.
- For recurring tasks, you have several options for setting the interval between instances of the task. See Configuring a Recurring Task for details.
Step 5 In the Job Name field, type a name using up to 255 alphanumeric characters, spaces, or dashes.
Step 6 Optionally, in the Comment field, type a comment using up to 255 alphanumeric characters, spaces, or periods.
Tip The comment field appears in the View Tasks section of the page, so you should try to keep it relatively short.
Step 7 Optionally, in the Email Status To: field, type the email address (or multiple email addresses separated by commas) where you want task status messages sent.
You must have a valid email relay server configured to send status messages. See Configuring a Mail Relay Host and Notification Address for more information about configuring a relay host.
The task is added. You can check the status of a running task on the Task Status page; see Viewing the Status of Long-Running Tasks.
Automating URL Filtering Updates
You can use the scheduler to automate updates of URL filtering data from the Collective Security Intelligence Cloud. For a URL filtering update task to succeed:
- The ASA FirePOWER module must have access to the Internet or it cannot contact the cloud.
- You must enable URL filtering, as described in Enabling Cloud Communications.
Note that when you enable URL filtering, you can also enable automatic updates. This forces the ASA FirePOWER module to contact the cloud every 30 minutes for URL filtering data updates. If you have enabled automatic updates, you should not create a scheduled task to update URL filtering data.
Although daily updates tend to be small, if it has been more than five days since your last update, new URL filtering data may take up to 20 minutes to download, depending on your bandwidth. Then, it may take up to 30 minutes to perform the update itself.
To automate URL filtering data tasks:
Step 1 In ASDM, select Configuration > ASA FirePOWER Configuration > Tools > Scheduling.
Step 3 From the Job Type list, select Update URL Filtering Database.
The page reloads to show the URL filtering update options.
Step 4 Specify how you want to schedule the update, Once or Recurring :
- For one-time tasks, use the drop-down lists to specify the start date and time. The Current Time field indicates the current time on the appliance.
- For recurring tasks, you have several options for setting the interval between instances of the task. See Configuring a Recurring Task for details.
Step 5 In the Job Name field, type a name using up to 255 alphanumeric characters, spaces, or dashes.
Step 6 Optionally, in the Comment field, type a comment using up to 255 alphanumeric characters, spaces, or periods.
Tip The comment field appears in the View Tasks section of the page, so you should try to keep it relatively short.
Step 7 Optionally, in the Email Status To field, type the email address (or multiple email addresses separated by commas) where you want task status messages sent.
You must have a valid email relay server configured to send status messages. See Configuring a Mail Relay Host and Notification Address for more information about configuring a relay host.
The task is added. You can check the status of a running task on the Task Status page; see Viewing the Status of Long-Running Tasks.
Viewing Tasks
After adding scheduled tasks, you can view them and evaluate their status. The View Options section of the page allows you to view scheduled tasks using a calendar and a list of scheduled tasks.
See the following sections for more information:
Using the Calendar
The Calendar view option allows you to view which scheduled tasks occur on which day.
To view scheduled tasks using the calendar:
Step 1 In ASDM, select Configuration > ASA FirePOWER Configuration > Tools > Scheduling.
Step 2 You can perform the following tasks using the calendar view:
) to move back one year.
) to move back one month.
) to move forward one month.
) to move forward one year.
Note For more information about using the task list, see Using the Task List.
Using the Task List
The Task List shows a list of tasks along with their status. The task list appears below the calendar when you open the calendar. In addition, you can access it by selecting a date or task from the calendar. See Using the Calendar for more information.
|
|
|
|---|---|
Displays the name of the scheduled task and the comment associated with it. |
|
Displays the name of the user that created the scheduled task. |
|
) indicates that the task ran successfully.
) indicates that the task is in an unknown state.
) indicates that the task failed.
Editing Scheduled Tasks
You can edit a scheduled task that you previously created. This feature is especially useful if you want to test a scheduled task once to make sure that the parameters are correct. Later, after the task completes successfully, you can change it to a recurring task.
To edit an existing scheduled task:
Step 1 Select System > Tools > Scheduling.
Step 2 Click either the task that you want to edit or the day on which the task appears.
The Task Details table containing the selected task or tasks appears.
Step 3 Locate the task you want to edit in the table and click the edit icon ()
The Edit Task page appears, showing the details of the task you selected.
Step 4 Edit the task to meet your needs, including the start time, the job name, the comment, and how often the task runs, once or recurring. You cannot change the type of job.
The remaining options are determined by the task you are editing. See the following sections for more information:
Step 5 Click Save to save your edits.
Your change are saved and the Scheduling page appears again.
Deleting Scheduled Tasks
There are two types of deletions you can perform from the Schedule View page. You can delete a specific one-time task that has not yet run or you can delete every instance of a recurring task. If you delete an instance of a recurring task, all instances of the task are deleted. If you delete a task that is scheduled to run once, only that task is deleted.
The following sections describe how to delete tasks:
- To delete all instances of a task, see Deleting a Recurring Task.
- To delete a single instance of a task, see Deleting a One-Time Task.
Deleting a Recurring Task
When you delete one instance of a recurring task, you automatically delete all instances of that task.
Step 1 In ASDM, select Configuration > ASA FirePOWER Configuration > Tools > Scheduling.
Step 2 On the calendar, select an instance of the recurring task you want to delete.
The page reloads to display a table of tasks below the calendar.
Step 3 Locate an instance of the recurring task you want to delete in the table and click the delete icon (
).
All instances of the recurring task are deleted.
Deleting a One-Time Task
You can delete a one-time scheduled task or delete the record of a previously run scheduled task using the task list.
To delete a single task or, if it has already run, delete a task record:
Step 1 Select In ASDM, select Configuration > ASA FirePOWER Configuration > Tools > Scheduling.
Step 2 Click the task that you want to delete or the day on which the task appears.
A table containing the selected task or tasks appears.
Step 3 Locate the task you want to delete in the table and click the delete icon ().
The instance of the task you selected is deleted.
Feedback