Quick Start: Basic Setup
The Secure Firewall feature set is powerful and flexible enough to support basic and advanced configurations. Use the following sections to quickly set up a Secure Firewall Management Center and its managed devices to begin controlling and analyzing traffic.
Installing and Performing Initial Setup on Physical Appliances
Procedure
Install and perform initial setup on all physical appliances using the documentation for your appliance:
|
Deploying Virtual Appliances
Follow these steps if your deployment includes virtual appliances. Use the documentation roadmap to locate the documents listed below: Navigating the Cisco Secure Firewall Threat Defense Documentation.
Procedure
Step 1 |
Determine the supported virtual platforms you will use for the Management Center and devices (these may not be the same). See the Cisco Secure Firewall Compatibility Guide. |
Step 2 |
Deploy virtual Secure Firewall Management Centers using the documentation for your environment:
|
Step 3 |
Deploy virtual devices using the documentation for your appliance:
|
Logging In for the First Time
Before logging in to a new management center for the first time, prepare the appliance as described in Installing and Performing Initial Setup on Physical Appliances or Deploying Virtual Appliances.
The first time that you log in to a new management center (or a management center newly restored to factory defaults), use the admin account for either the CLI or the web interface and follow the instructions in the Cisco Secure Firewall Management Center Getting Started Guide for your management center model. When you complete the initial configuration process, the following aspects of your system will be configured:
-
The passwords for the two admin accounts (one for web interface access and the other for CLI access) will be set to the same value, complying with strong password requirements as described in Guidelines and Limitations for User Accounts for Management Center. The system synchronizes the passwords for the two admin accounts only during the initial configuration process. If you change the password for either admin account thereafter, they will no longer be the same and the strong password requirement can be removed from the web interface admin account. (See Add or Edit an Internal User.)
-
The following network settings the management center uses for network communication through its management interface (eth0) will be set to default values or values you supply:
-
Fully qualified domain name (
<hostname>.<domain>
) -
Boot protocol for IPv4 configuration (DHCP or Static/Manual)
-
IPv4 address
-
Network mask
-
Gateway
-
DNS Servers
-
NTP Servers
Values for these settings can be viewed and changed through the management center web interface; see Modify Management Center Management Interfaces and Time Synchronization for more information.
-
-
The Cisco Success Network and Cisco Support Diagnostic capabilities get enabled by default. Cisco collects telemetry data from the Secure Firewall devices and uses it for customer success initiatives. For more information about the telemetry data that Cisco collects, see Cisco Success Network Telemetry Data Collected from the Management Center Devices.
-
Upon the first login to the management center by a user with Administrator privileges after an upgrade or new installation, a one-time prompt will request the Administrator user to provide the email address. Providing the email address is optional. Cisco collects and uses the email addresses for sales and product renewal conversations, new release adoption newsletters, and for sharing other product-related communications.
-
As part of the initial configuration, the system schedules weekly GeoDB updates. We recommend you review this task and make changes if necessary, as described in Schedule GeoDB Updates.
-
As part of the initial configuration, the system schedules weekly downloads. We recommend you review this task and make changes if necessary, as described in Automating Software Downloads.
Important
This task only downloads the updates. It is your responsibility to install any updates this task downloads.
-
As part of the initial configuration, the system schedules weekly configuration-only management center backups (locally stored). We recommend you review this task and make changes if necessary, as described in Schedule Management Center Backups.
-
As part of the initial configuration, the system downloads and installs the latest VDB. To keep the system up to date, we recommend you schedule recurring updates as described in Vulnerability Database Update Automation.
-
As part of the initial configuration, the system schedules daily intrusion rule updates. We recommend you review this task and make changes if necessary, as described in Schedule Intrusion Rule Updates.
On completion of management center initial configuration, the web interface displays the device management page, described in Cisco Secure Firewall Management Center Device Configuration Guide.
(This is the default login page only for the first time the admin user logs in. On subsequent logins by the admin or any user, the default login page is determined as described in Specifying Your Home Page.)
When you complete the initial configuration, begin controlling and analyzing traffic by configuring the basic policies as described in Setting Up Basic Policies and Configurations.
Setting Up Basic Policies and Configurations
You must configure and deploy basic policies to see data in the dashboard, Context Explorer, and event tables.
Note |
This is not a full discussion of policy or feature capabilities. For guidance on other features and more advanced configurations, see the rest of this guide. |
Before you begin
Log in to the web interface using the admin account for either the web interface or CLI and perform the initial configuration as described in the Cisco Secure Firewall Management Center Getting Started Guide for your hardware model, available from Install and Upgrade Guides.
Procedure
Step 1 |
Set a time zone for this account as described in Setting Your Default Time Zone. |
Step 2 |
If needed, add licenses as described in Licenses. |
Step 3 |
Add managed devices to your deployment as described in Add a Device to the Management Center in the Cisco Secure Firewall Management Center Device Configuration Guide. |
Step 4 |
Configure your managed devices as described in:
|
Step 5 |
Configure an access control policy as described in Creating a Basic Access Control Policy in the Cisco Secure Firewall Management Center Device Configuration Guide.
|
Step 6 |
Apply the system-provided default health policy as described in Apply a Health Policy. |
Step 7 |
Customize a few of your system configuration settings:
|
Step 8 |
Customize your network discovery policy as described in Configuring the Network Discovery Policy in the Cisco Secure Firewall Management Center Device Configuration Guide. By default, the network discovery policy analyzes all traffic on your network. In most cases, Cisco suggests restricting discovery to the addresses in RFC 1918. |
Step 9 |
Consider customizing these other common settings:
|
Step 10 |
Deploy configuration changes; see the Cisco Secure Firewall Management Center Device Configuration Guide. |
What to do next
Review and consider configuring other features described in Features and the rest of this guide.