Table of Contents
Cisco Firepower Management Center
Getting Started Guide for Models 750,
1500, 2000, 3500, and 4000
Updated: January 19, 2017
This guide is organized as follows:
Package Contents
License Requirements
Installing the Firepower Management Center
Restoring a Firepower Management Center to Factory Defaults
Preconfiguring Firepower Management Centers
Scrubbing the Hard Drive
Related Documentation
Package Contents
This section lists the items included with each model. Note that contents are subject to change, and your exact contents
might contain additional or fewer items.
Chassis Models
Firepower Management Center 750 (1U model). The following illustration of the rear of the chassis indicates
the location of the management interface on a MC750.
Figure 1
MC750 Chassis and Management Interface
1
Management interface
Cisco Firepower Management Center Getting Started Guide
1
Cisco Systems, Inc.
www.cisco.com
1
Table of Contents
Related Manuals for Cisco 750
Summary of Contents for Cisco 750
-
Page 1: Package Contents
Chassis Models Firepower Management Center 750 (1U model). The following illustration of the rear of the chassis indicates the location of the management interface on a MC750. Figure 1 MC750 Chassis and Management Interface Management interface Cisco Systems, Inc. -
Page 2: Included Items
MC2000 and MC4000 PSU1 PSU1 PSU2 PSU2 Management interface Included Items One power cord per power supply. One straight-through Cat 5e Ethernet cables per chassis. One rack-mounting kit per chassis. Cisco Firepower Management Center Getting Started Guide... -
Page 3: License Requirements
For 7000 and 8000 Series, ASA FirePOWER, and NGIPSv devices, you must use Classic Licenses. Devices that use Classic Licenses are sometimes referred to as Classic devices. Cisco recommends that you use the initial setup page to add the licenses your organization has purchased; see License Settings, page 8. -
Page 4: Management Center Initial Setup
Ethernet connection to the appliance’s management interface. After initial setup, you can configure the appliance for serial access. For more information, see the Cisco Firepower Management Center 750, 1500, 2000, 3500, and 4000 Hardware Installation Guide. -
Page 5: Management Center Setup Using The Management Interface
Enter the IP address you want to assign to the management interface or press Enter to accept the current value. For example: 10.2.2.20 The following prompt (appended with the current value) appears: Management netmask? Cisco Firepower Management Center Getting Started Guide... -
Page 6: Initial Setup Page: Management Centers
— Time Settings, page 7 — Recurring Rule Update Imports, page 8 — Recurring Geolocation Updates, page 8 — Automatic Backups, page 8 — License Settings, page 8 — Device Registration, page 9 Cisco Firepower Management Center Getting Started Guide... - Page 7 This account has Administrator privileges and cannot be admin deleted. Cisco recommends that you use a strong password that is at least eight alphanumeric characters of mixed case and includes at least one numeric character. Avoid using words that appear in a dictionary. Network Settings A Management Center’s network settings allow it to communicate on your management network.
-
Page 8: Automatic Backups
Rule updates may also delete rules and provide new rule categories and system variables. If you plan to perform intrusion detection and prevention in your deployment, Cisco recommends that you Enable Recurring Rule Update Imports from the Support Site... -
Page 9: Device Registration
Continue with initial setup. Note: If you have devices that use Cisco Smart Licensing, you use the System>Licenses>Smart Licenses page to add and verify licenses. Refer to the product documentation for those devices for information on how to add Smart Licenses to the Firepower Management Center. The Firepower Management Center Configuration Guide provides more information about Classic Licenses and Smart Licenses, the types of licenses for each class, and how to manage the licenses across your deployment. -
Page 10: End User License Agreement
Management Center. Next Steps After you complete the initial setup process for an appliance and verify its success, Cisco recommends that you complete various administrative tasks that make your deployment easier to manage. You should also complete any tasks you skipped during the initial setup, such as device registration and licensing. -
Page 11: Redirecting Console Output
By default, Management Centers direct initialization status, or init, messages to the VGA port. If you want to use the physical serial port or SOL to access the console, Cisco recommends you redirect console output to the serial port after you complete the initial setup. -
Page 12: Using The Web Interface To Redirect The Console Output
Enabling LOM and LOM Users, page Restoring a Firepower Management Center to Factory Defaults Cisco provides ISO images on its Support Site for restoring, or reimaging, Firepower Management Centers to their original factory settings. For more information, see the following sections: ... -
Page 13: Before You Begin
Serial Connection/Laptop You can use a rollover serial cable (also known as a NULL modem cable or a Cisco console cable) to connect a computer to the appliance. See the hardware specifications for your appliance to locate the serial port. To interact with the appliance, use terminal emulation software such as HyperTerminal or XModem. -
Page 14: Obtaining The Restore Iso And Update Files
ISO image from the Support Site. The ISO image you should use to restore an appliance depends on when Cisco introduced support for that appliance model. Unless the ISO image was released with a minor version to accommodate a new appliance model, ISO images are usually associated with major versions of the system software (for example, 5.2 or 5.3). -
Page 15: Beginning The Restore Process
(sometimes called expert mode). Starting the Restore Utility Using KVM or Physical Serial Port For Firepower devices, Cisco provides a restore utility on an internal flash drive. Note: Do not use a KVM console with USB mass storage to access the appliance for the initial setup because the appliance may attempt to use the mass storage device as a boot device. -
Page 16: Starting The Restore Utility Using Lights-Out Management
If you are using a Firepower device, type to display the shell prompt. expert Reboot the appliance as root user. For a Firepower device, type system reboot The appliance reboots. Cisco Firepower Management Center Getting Started Guide... -
Page 17: Using The Interactive Menu To Restore An Appliance
4 Download and Mount Download the appropriate ISO image and any Downloading the ISO and Update Files system software or intrusion rule updates. Mount and Mounting the Image, page 20 the ISO image. Cisco Firepower Management Center Getting Started Guide... -
Page 18: Identifying The Appliance's Management Interface
Downloading the ISO and Update Files and Mounting the Image, page However, Cisco recommends you double-check the settings in the restore configuration before proceeding. Note: To use a previously saved configuration, start with menu option... -
Page 19: Specifying Iso Image Location And Transport Method
Note that the restore utility will also look for update files in the ISO image directory. To specify the restore files’ location and transport method: From the restore utility main menu, select 2 Choose the transport protocol On the page that appears, select either , or HTTP Cisco Firepower Management Center Getting Started Guide... -
Page 20: Updating System Software And Intrusion Rules During Restore
Table 3 on page -19. If your information was correct, the appliance connects to the server and displays a list of the Cisco ISO images in the location you specified. Select the ISO image you want to use. -
Page 21: Invoking The Restore Process
For a serial or SOL/LOM connection, type at the prompt and press Enter. System_Restore In either case, the prompt appears after the following choices: boot 0. Load with standard console 1. Load with serial console Cisco Firepower Management Center Getting Started Guide... - Page 22 Reimaging resets appliances in bypass mode to a non-bypass configuration and disrupts traffic on your network until you reconfigure bypass mode. For more information, see Traffic Flow During the Restore Process, page What to Do Next Continue with Next Steps, page Cisco Firepower Management Center Getting Started Guide...
-
Page 23: Saving And Loading Restore Configurations
Restoring your appliance to factory default settings results in the loss of almost all configuration and event data on the appliance, including bypass configurations for devices deployed inline. For more information, see Traffic Flow During the Restore Process, page Cisco Firepower Management Center Getting Started Guide... -
Page 24: Setting Up Lights-Out Management
If you deregistered the Firepower Management Center from the Cisco Smart Software Manager, register the appliance to the Cisco Smart Software Manager. Choose System > Licenses > Smart Licenses and click the register icon. Note that deleting license and network settings also resets display (console) and LOM settings. After you complete the initial setup process: ... -
Page 25: Enabling Lom And Lom Users
IP address assigned to it by the DHCP server. Because of this, Cisco recommends you configure the Firepower 7050 BMC with a static IP address. Alternately, you can disconnect the network cable and reconnect it, or remove and restore power to the device to force renegotiation of the link. -
Page 26: Installing An Ipmi Utility
Shut down and ship the appliance to the target location. Deploy the appliances in the target locations. Note: Save all packing materials and include all reference material and power cords when repackaging the appliance. Cisco Firepower Management Center Getting Started Guide... -
Page 27: Required Preconfiguration Information
IP address assigned to it by the DHCP server. Because of this, Cisco recommends you configure the 3D7050 BMC with a static IP address. Alternately, you can disconnect the network cable and reconnect it, or remove and restore power to the device to force renegotiation of the link. -
Page 28: Installing The System
Deleting a License from a Management Center Use the following procedure if you need to delete a license for any reason. Keep in mind that, because Cisco generates licenses based on each Management Center’s unique license key, you cannot delete a license from one Management Center and reuse it on a different Management Center. -
Page 29: Troubleshooting The Appliance Preconfiguration
— Starting the Restore Utility Using Lights-Out Management, page 16 From the restore utility main menu, select 8 Wipe Contents of Disk When prompted, confirm that you want to scrub the hard drive. Cisco Firepower Management Center Getting Started Guide... -
Page 30: Related Documentation
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners.