Cisco CCNP Security 300-710 SNCF – Cisco NGFW Firepower Threat Defense (FTD) Part 4

30. Lecture-30:Cisco Firepower Management Center (FMC) Main Menu.

So first of all we will discuss about FMC. So in this way you will be used to with FMC, okay? Firepower Management Center the first thing is menu. OK? So there is on top a big menu if you go there from here to here. Basically this menu is divided in two part. From here you can see overview, analysis, policy, devices, object, amp and intelligence So this left side menu is called configuration detection and prevention menu. So most of the time you will be here to configure FTDs, okay? Because this centralized management provide you a place where you can configure and you can push the policies and configuration and you can monitor those devices. Like see yesterday we visit some website now is showing us here. So this FMC, you can use them for configuration detection, prevention Management and Monitoring purpose of FTD. So this left side menu where Overview, Analysis, Policy, Devices, Object and all these things, okay, let me go there, sorry, let me make them a bit smaller. Here is this one. So this menu, the right side there is a menu which is admin.

There is a system setting. When you click, there is drop down a lot of other stuff as well. And there is we will discuss this one and reply we will discuss this one separately. So this part this part is called operational task menu. Most of the thing here is related to Operational Task and if I say 80%, this side is related to if I go to System Enablement, this side is related directly to FMC configuration because this FMC is also provide you as a device, okay? So it can be a virtual, it can be a physical device. So if you want to put some restriction, if you want to configure them, SNMP, Monitoring, syslogs and so many things, active Directory Integration, all those things can be configured on this right side menu which is called Operational Task Menu. This one, yeah, there are some stuff which is related to FTD but most of the stuff on this right side menu is related directly or indirectly to FMC. But from here to here, this is directly related to FTDs because from here we want to configure FTD.

So if you want to configure FTD you will use this menu from here to here. So if I go back and there is sub menu if you go there, if you click on Overview so there is drop down submenu like in dashboard, different dashboard summary if you click on Analysis and mouse over so you will see sub menu there. Same as in policy, same in devices. Object, amp and intelligence. So this FMC is divided and top label menu is divided in two part Configuration Detection and Prevention Setting menu. And the other one is operational Task menu. So the right side you can deploy, you can system help user Name detail, operational task related like a health license, user Management system integration, backup task monitoring and so on. Those things can be found on this side and if you go on the left side. So overview analysis, policy, devices, object amp, intelligent policy creation, monitoring, okay, device configuration, object configuration, different security policies.

All these things can be done on your left side and if you mass over, so you will see many other menu. If I go back, the one which I show here, basically, this is the old style menu. So if you want the old style menu, just say classic menu. So it will show you in that way. The one which I take the screenshot. So now it’s better. So from here to here and from here to here, this is left side and this one is the right side. So when you click on system, so there are submenu like a configuration which we will do a bit later. User domain, detail integration, update license, which we done. One of them is license, smart license, we done from here, logging, et cetera, monitoring and all those stuff. So most of the time, if you want here, it means that you want to change something in FMC. And if you are here, it means you want to do something on FTD. Okay? So these are the two main menu. You need to know that’s it.

31. Lecture-31:Deploy Configuration and Message Center Details.

Is deploy configuration. You know this one there’s deploy. So when you click there is deploy then deployment and deployment history. So when you click on deployment if you do any changes. So it’s not effect directly on FTD. If I do some changes here, it will not affect an FTD until an unlike is you click on deploy button and you push them to which device it will show you. Right now they say all devices are up to date. Let me change something. Suppose if I change the policy access control policy. Suppose okay and let me click this policy and let me do some changes. Suppose if I have allowed policy and let me do something logging. Let me do at the end as well. And save. So I’ve done changes which is temporary. First of all you need to save this changes. So this changes a save here in FMC which is not pushed to FTD right now. How you can push these details to FTD you need to come to deploy and then deployment. And now they are showing us that there is pending status. So this is the device name. If you have more FTD it will show you all of them. Right now we have only one. And type is also FTD. We don’t have a group. If you want to create more than one group so you can create a group as well. Then they say last deploy time. It means when last time you deploy changes. You’re showing us 10th of a trail means yesterday we done this changes. The time is wrong.

So that’s why showing 01:00 p. m. . But we’ve done yesterday the changes. So it will show you the changes. When last time you deploy some changes. And you can see preview the changes and everything from here if you want. Okay. So it says that somebody changed access control policy ACP policy log at the end connection files which is now true. So there says somebody went to access control policy. Then he went to access rule which with the name of allowed Al. And then he changed the log was false. Log at the end of connection was false. He made them true. So this is a new version. So it will show you the detail. If you want to see where the exit changes are. And if you click here and if you sorry if you click here, you can see from here as well all the detail. Let me hide them. So this is the device name. If you have more devices that will show you all the devices. You can select a specific device by click this one. So now I want to push this detail. The one which is access control policy where I done the changes. And the changes is here. If you click on preview and it says it’s pending. Now choose this one. And then click again deploy. And then again they will say you have select one device to deploy. And then say deploy. So it means whatever we are doing here s temporary changes in FMC until our list. You press on deploy. And then when you click on deployment and you select your device to push them. Then it will push to that device.

Then in the deployment there is another one deployment history. It will show you the previous history. Whatever you’ve done the changes and who done the changes. And which time they done the changes. And when it’s finished the changes. And if you want to roll back the changes and status is completed. Either error either in progress. So these are the changes which we done last time. So Edmund changed this one. Okay. This one is no detail. So maybe we done a thing. It’s better to show this one. So right now it’s in progress. And you can see again the detail from here. Okay. This is an FTD which is in progress. Let me see the last one which we done this one. And let’s check out the detail. So these are the details which they telling you what you’ve done. They create allowed all policy access control policy. What they’ve done. They disable this one. They create some object and blah blah blah. And then these the details. Everything you can check from here. And all of them are complete. Okay. And in case if you want to roll back, you can roll back on this one. Suppose you’ve done a changes and you are not happy with that one. So you can click and you can roll back the changes. So this is deployment history. To check what has been pushed before. All the details. You can see from here and from deployment. So you can see the devices. Now you see this last deployment time. It will change now when it’s finished. So here it will show you the status. So the status is moving around. It means and in progress. And if I go there, okay, you can expand. So that’s the old method. So it was here like this. Where you done the changes with index. And is the current version means when you done the last changes, okay. You can get two type of issue. Maybe there is some warning. So they will say you want to proceed. Either you want to cancel. If you get in case some issue here. So there are two possibilities. They can show you proceed. It means you want to without resolve the issue and you want to proceed. Click proceed button. Right now there is no issue. So I hope so it will complete. And second thing, if there is an issue you can cancel. You can sort out the issue and you can come back to deploy.

In some cases you can find out. Now it says completed with green bar. It says it’s okay. And if I go to the switch to the new one. So it will be a bit different. Okay. Now I’m back because I don’t have any deployment right now. So if I go to deployment history so it’s a bit different, you know, in the new screen, in the new layout, but almost the same thing. Okay, so what else will let me go there? You can explain and you can see. I show you this one whereas exactly the changes are suppose if I do changes, suppose this time let me go to net and let me do changes here this time. So let me go to network policy and let me change the name. Suppose let me do some changes so from inside to outside. Okay, I just want to change something like a translation DNS. So I checked this one. I done a small changes now save the changes and now let’s deploy now so that you can see where exactly the changes are. So now again it’s FTD. If you go to preview so this time it will show you net.

You see, they say somebody go to net, then auto net, okay? And then version on FMC translate DNS because I click this one. So if you edit so it will be like this. If you edit them so it will be in this color, a light blue and if you remove something, so it will be in. This one is green and this one is not a red but you can say a pink color type so that will show you because now I added them existing policies. So it’s showing me in this color, the background color. You can see it’s a light blue. Let me add something, it will become green. So let me do one thing. Let me go to the same device net. Let me add another net object, something okay, so that I can show you those legends. So let me add a new rule, manual, whatever and let’s okay, I just need to choose something. It will not work. So let me make the maze auto net, static net and PC one we create object yesterday and let me translate this object to let me translate them to destination interface. What else I need to change is okay because it’s in use. So I just need to put another IP. So let me create an object with the ven IP. Okay, 109, 21681, 114 suppose 210 okay, and let me copy this one. Okay.

And I need to choose the object now and okay, so now save and let me show you now again. So deployment and now let’s see and click on preview and here is now you see the difference. This one is light green and this one is light blue. So light blue means somebody added existing configuration and green means somebody added a new configuration. That’s why I added this object new one. And if you remove something, I just need to remove something to show you the pink one. Okay, so what should I do? And let me go to device net. I just want to delete something to show you. Okay? I just need the already existing one. So what can I do? What can I do? What I done? I just need something which we already created because object, it will not show us. Because objects are not pushed to the device. So in case if I delete object, it will not show us. So I’m here. But let me test them if it can. No, it will not work because objects are local. I just need to delete something which is already exist. So what I done yesterday, I need to delete something anyway. Let me go and try this one to delete this one and see. Because yesterday we create this policy from inside to outside. So let me delete this one this time and yes and save, I will create again. I just want to show you and go to deployment. Okay? And let’s click on preview. Okay, now you can see Auto net is in this pink color. You see background pink color. So it means that somebody removed this rule.

And light green means somebody edited this rule. And this light blue, it means somebody added existing policy. So you can find the information from here. And now the status is pending. It can be complete and it can be pending. And it can be some error and then error. They can give you two choice to proceed either to cancel to start out the issue and either to proceed with error. Okay, what else? So I already told you this device name and everything which is mentioned here. This one device name is FTD. Inspection interruption is nothing we will do later. This one and type is FTD. There is no group. Last time the change is done is today we’ve done. The changes is the preview and pending. Okay? And second thing to add with this one is Message Center. So let me go back. I want to delete those things. Just give me a minute to roll back the changes. You can roll back from there as well. I don’t need this one. Okay, and let me add the role with Auto Net dynamic and our land subnet inside LAN. I don’t think so. Inside lane it was or something. Yeah. Inside subnet to destination interface inside to outside. Translated to this one, no need of anything and that’s it. That’s the only changes I done. And let me save. Okay, and let’s deploy this one again. So until it’s deploy, let me select this one to deploy. And deploy. And deploy. Now, second thing is here. Message center. Message center.

I will show you this one as well. You know this one? This is called message center here. Now it’s moving around. It means something in progress running. So total one task. One of them is running right now. Because it’s running. Zero successful. Zero warning, zero failure. But this is related to deployment. Because Message Center is divided in three part deployment, health and task if any issue here keep in mind this icon will change. So now you see one total is green and tick mark and it’s a six pool. Now if it is running then it will show you here. If there is a warning it will show you here. If there is anything fail it will show you here. This is related to deployment we just discussed deployment. Second one is if any issue related to health like it’s not reachable to internet maybe the signature is not up to date or something wrong. So again it will show you warning, critical and error and then the task all the tasks which we done, it will show you here again how many tasks? So totally up to these two days, we done 20 total tasks. Out of them, zero is waiting, zero is running, zero retrying and 20 plus successful and zero failure. Again, if any issue here, this icon will change. So you will see this green techmar. This the message center. So it means if it is green, everything is okay. And it can be three type. It can show you a red one okay and it can show you a triangle means warning and it can be green. Now it’s green so no warning or error it means everything is okay. If there is a red like this one it means there is error you get my point what I’m saying? So now it’s okay.

I don’t just want to create error so that this icon can change what can I do so that I can present you if I am not reachable to internet so in that case it can be changed. I don’t know how to create something so that it can change. You know this one you know it’s green but when your mouse or it become blue because this let me change to classic one so it will not change now it’s okay. It has to be all the time green in tech mark this message center so if it is green and everything is okay you need to watch all the time this one and it will show you when you click so it will show you any error or anything in deployment, either in health, either in task. Maybe the task is not successful. Maybe something wrong with task. Maybe something wrong with health which I told you not reachable or something. And maybe there is issue and deployment. So this icon will change three type of icon you can see here this one it can change to three type yellow with triangle either green or red besides that one there will be web interface display whenever you do any deployment there will be a pop up. Let me show you let me do some changes so that you can see that one let me go to policies and access control policies and let me change something so that I can show you okay? Let me go to access control policy and edit this policy. Okay. And let’s go to edit this policy. And let me go to log in and disable this one. So I’ve done a small changes. So if I save the changes okay. And now let’s deploy. So when I am going to deploy you will see pop up window. Let me select the device to push them deploy and deploy. Watch out here. There you will see two type of web interface. One which you have to dismiss them to close them by dismiss. And the other one is for five second automatically it will remove. So if I go back and see now. So let’s see there has to come up a pop up automatically. One of them is within a five second. It will be this one. Now it’s come up. So after a five second it will be disappear. And some of them you have to dismiss them. You see now some of them as kickout from here is disappear. But some of them is showing still. You see now it’s a policy pre deployment, pre deployment, global configuration generation and so on whatever. Now this one is not going because it has to be there for 5 seconds. If it is more than five second, it means you need to dismiss.

You can click on dismiss to dismiss it. So this is called web interface display. Whenever you do something this popup will come. This popup notification automatically will come and will be disappear after 5 seconds. And some of them are tricky. It means you need to dismiss them. Got it. Now keep in mind and deployment tab which is right now we are if you go to message center and deployment how many icon you can see one of them there’s one which is moving around. It means it’s running. Something is running and deployment. Second thing you can see a tick mark which is a sex pool. After a while it will show you CSX pool. This one will tick mark. Now it’s running these two icon you will see right now. But if there is any issue it will show you a warning like this one. And if there is any fail or something so it will show you icon here. And deployment tab. I’m especially talking about this deployment tab. Because this message center is divided in three. Part one is related to deployment where you can see CSX pull green tech mark. Where you can see a triangle with yellow and you can see a failure with red. And the fourth one is this one when something is running. So this one is running these four things. You can see this icon. You can see now this one is stick mark. So it will go to successful now then in health again we can see three type of icon. Let’s go to hell. Deployment is done in health again you can see this icon warning critical and error but error will be shown with this icon. Keep in mind even though error their own sign is this one cross. But it will show you the same and critical and error both with the same icon and warning is the same one. Where is these three icon and health. If there is an issue and also if there is an issue in health, automatically this icon will change. I told you this measure center icon. It can be a green, it can be a triangle and it can be a yellow sorry, yellow triangle and red and green. So automatically if something wrong in hell, this icon will change.

Something wrong in deployment, this will change. Something wrong with task, it will change. So basically this health center above showing you that something is wrong in three tabs and deployment and health and task. So we discussed in deployment there can be four type of icons. One of them running, successful warning and failure related to health, there can be two type of icons. The third one, it will not show you the cross, it will show you the same. This one and the last one is task tape. This one, the third one. These are the tasks waiting, running, retrying and failure. So if something is here so you can see like waiting, running, retrying, successful, failure, stop and skip. We are in task. So tasks you can see many things. If I want to run something so it will show you here something. If something is running here, it will show you and task as well. Something is here, it will show you here. So task basically showing you all the tasks whatever is going on and you can remove the task. All these things if you want to clear how many are there, look at if you want you can cancel one by one like I don’t want this one, I don’t want this one, this one and this one if you want all of them to clear. So remove all completed tasks. So everything is clear now. So these two things, you will use them till end of the course. All the time you will come to message center and deploy. Message center and deploy. So that’s why I thought let me show you what is this? Even though after a while you will understand these two things automatically. Okay? The message center and the other one is the deploy. Okay?

32. Lecture-32:Configure and Verify System Settings In Cisco FMC.

Let’s configure system setting which is related to FMC this local system FMC Firepower Management Center because this is a device from where you are controlling all the devices FTD so it means you need to secure FMC and you need to configure them properly. So from here we can configure them if we go to system and there is a configuration. System and configuration I told you this side up menu is mostly related to FMC. These are the thing which is related to FMC from here to here but when you click system and configuration the first window it will show you information related to this device but we’re going to start from access list. The first one is related to access list. What is access list? We already use access list means to protect this FMC who can use this device is http in SSH and SNMP by default anybody can access right now I access this FMC 192 one, 6800, 210 with four, four, three and anybody can access them. If you want to restrict, you can add rule and you can type IP. Suppose if you say that only 100 dot whatever. Suppose 20 this guy can only do SSH and http SNMP it will give us error because SNMP is not configured. So let me say aid and then remove these two. I don’t want to remove I don’t know my IP, so I will be locked out. So I don’t know.

So you know you can restrict the access to this FMC that who can access this device through http https and through SSH right now by default. Is any any keep in mind if I lift them like this, it means anybody can access these two IP is just good for nothing. It’s not like an access list to check from top to bottom. It means they can check any combination. So it’s useless right now you need to remove this one and this one. By the way, let me show you one thing now I can do SSH premiere everywhere. Yeah, I have a puti now. So I need to install puti quickly put it download okay, just 1 minute give me a minute to download and don’t want installer version okay and open it and let’s do SSH to this device 192, 168, 100, 210 let me show you yes, I can access this device. Sorry. Admin is the password and ABC one and now I am in FMC cisco Firepower Management Center because why I am doing SSH. Because I say any, let’s remove this one and save N okay? And I will try again. Do you think I will access this device? No so accessless means to restrict the access to this FMC so that nobody else can access them. Let’s check out again now put EA and let’s try again the same IP 192, 168, 100, 210 why it allowed me? It has to give me error by the way, did I save? Okay, just 1 minute yes, I saved the setting and let’s put it and type 192 168 it has to give me error by the way.

Okay, let me try login admin and ABC. ABC one, for some reason they allowed me, which hasn’t to be because I say only Http is allowed for everyone, but I don’t know why they allowed me for I need to check. There is no need to deploy. By the way, if you are thinking that you need to deploy the changes, because this changes is not related to FTD, this changes is related to FMC this device. So no need to deploy. If maybe you are thinking that you did not deploy, so it doesn’t require any deployment. Anyway, I will check a bit later maybe the history of taking or something. So this is access list if you want to restrict access to this device. So I mentioned here. So access list, where is this one? So http and SSH and SNMP because SNMP is disabled. So I did not try that one. I will show you and you can restrict which IP has to be allowed the subnet either single IP normally administrator IP then second thing is related to Audit log. I don’t know which thing is here. Your access control preferences. Second tab is here. Access control preferences. What is access control preferences? Control policy is related to access control policy. If I go to policy, we will do Access Control Policy this week or next. Let me open this access control policy. A new tab. If I do some changes in this Excess Control Policy, do you think they’re going to ask me to commit something to put comments? No, this comments because it’s optional. If I do some changes, suppose logging and save it did not ask me anything, but for security reason, if you say no, whenever somebody do changes in Excess control, what they need, they need or require requirements must to put them comments so that we know what he done. So now I save. So let’s do again, let me go to Access Control Policy and let me do changes again.

This time uncheck and save. You see, description of change is required and okay is not working until I type something N. Okay, so this is true. Somebody has to put the command which is required if you say optional, so optional means that it’s okay if you type or not. So this time if I do some changes, suppose logging again in this place again it will ask me comments. But now okay is there because it’s optional either to type or not. Okay, so it’s working because I say here optional and require means it’s must and disable means no need to put the comments. So excess control policy is related to access policies. Then audit log. Audit Log means to send the logs syslogs to external server. Right now syslog server is disabled. If you want to enable okay, you need to put the IP of the syslog server 192, 168 I don’t know I have because I change my system, so I just want to check 140 IP. This is my IP, so let me put 140. Okay, and which facility we already discuss in many courses to up to level seven. Okay. In the severity debug level, if you want to put any extra optional tag. Tag is nothing, it will show you in every log. Suppose I put Hmar, so in every log this should be a mention and if you want to send the logs to Http server so you need to put that one right now I put this one, my syslog server and test syslog server. So let me check it’s. Reachable here and let me go to syslog server and let me clear this one so that we can see the logs now and save the changes.

So now it will start sending logs here. So let’s see, you can see now and every log there should be Ahmed name because we mentioned that you can see here Ahmad. So take is nothing, just a word, a key word, something so that you can identify that this log is related to something. So this one I don’t need the syslog, so let me disable it and save the changes. So we’ve done access list to restrict this device, then access control preferences to restrict access control policy to put the comments and then audit log to send the syslog logs to some external server. This is related to audit log certificate if you are using certificate. So right now we don’t need and then TLS means to protect them because logs are sent not an encrypted form. You already know. Yeah, I’ll show you from wireshark. Then the fourth one is CLI timeout is the name suggest command line interface timeout. So by default the browser session timeout 60 minutes. Now I’m logging through browser and CLI timeout is zero. So if want to configure these value, you can set here. Okay, then change reconciliation.

Change Reconciliation means if you want to send a report through email to someone if somebody change anything last 24 hours changes this is called change reconciliation by default is not enabled. So if somebody do some changes in this FMC and time to run, you can put the time and you can configure your email address. Email is below here. Email is somewhere here to configure, but you can configure from here as well. Whereas email configuration should be here somewhere. When we do changes, it will come up here something why I cannot see. It should be somewhere. Yeah, here is email, but you can configure them here as well. So configure your email like Google one SMTP Google. com and Google is using some other port, I forgot the port number and from which email put an email. Suppose you say AA at the rate@gmail. com and use authentication to send to my email xsmsc at the@gmail. com and put your password because I forgot the number of Smtpgoogle. com I need to put that detail. So let me find out. I don’t know what is the SMTP? I think so they’re using 67 or some port configuration option I forgot the port number, I think so one of them is this one, it should be 25 or 87, I think so this one is working with SSL, but anyway, let’s try port 85 or something. So where I was in configuration, where I put the email just give me a minute, let me do again so what it will do basically, when you configure this email, after every 24 hours it will send the report.

Whatever you change in this FMC so it will send to that email address if I mentioned here, let me go to theory this one. So when somebody done changes and last 24 hours and this device so it will send the report through that email. So it means you will know everything, whatever changes and last 24 hours. And this FMC okay then DNS cache. Cache is a small memory which keeping detail temporary by default. DNS can keep the record up to 300 minutes if you want to disable them resolution if you want to increase the time of DNS caches so you can increase and decrease here for how long to keep the record then a dashboard by default, every user is allowed to change the dashboard which is enabled by default. Widgets. You know this widgets? If I go to dashboard, any dashboard which is some summary dashboard suppose so I can change the widgets and I can do anything. These are widgets, this is called widgets, you know this one I can click to delete and I click click add widgets if I want to click widgets. Okay, so widgets is here, which widgets I need suppose I need application sorry, appliance information, aid and done. And if you go back it will be there summary dashboard.

So it means there is no restriction, you can aid and you can remove any widgets and anything. I added this one appliance information, this is appliance and let me remove them and okay, done. So if you want to protect them that no user can aid and delete this one so you can say enable custom analysis widgets you can disable and save if you want. Related to analysis widgets there are so many. Dashboards which we will discuss anyway then a database is they keep all the record in a database same like a Linux so like intrusion events they will keep how much events they will keep these old record up intrusion events, then discovery events, then connection details, then summary database details. And so many things are there. So if you want to increase, decrease, you can type here by default. This is the value for how long and how much to keep the events record in database. So you can change from database in FMC, then email notification which we discussed above. But as here you need to configure email notification. Here you can type the mail relay like SMTP. Normally your organization in SMTP, then the port number, maybe you are using something different.

And then SSL either TLS and email and this way you can send the report and everything to this email. So whenever something change in this device, they will send 24 hours report to that email. Then external database access. If you want to provide external database for backup so you can configure this one. External database access. There are so many other options. If I check here ad Host no, not this one. It has to show us. There is one place to show us. Maybe no. Ad host, maybe. Let me see. There was one option to see it. Not this one, but anyway, if you want before and the old one is showing us many other options. But in this one and say only allow external database access. Okay, that is down this separate one. Basically, if you want that, somebody can access the database which we discuss of this FMC. So you can allow them from external access and you can download the driver and you can provide them the access to access the database from external. It can be read only. So you can do this one then Https certificate this browser certificate is showing us the error so this is related to this one. You can import a certificate and you can generate a certificate and then you can import to your browser so this issue will be not there this related to that one. Then information related to this FMC. This is the name of the device product model then serial number is none software version and then operating system is Linux. I told you most of the command is Linux One and Operating System 6.

7 this the management IP IP Six is disabled and health policy and so on and this the model number intrusion policy preferences just like excess control policy. You can put restrictions on intrusion policy as well if you go to policy so we saw excess control policy. There is intrusion policy as well, which is not by default there. So if you want to put restriction to put the comments same like we done in access control policy. So you can put disable, you can put optional and you can say require that this is must to put the commands and also to send logs. Audit logs. We just done audit log to send the logs to Syslog server.

That somebody changed the intrusion policy. From here three options same like an excess control policy then language if you want to change the language, display language of FMC so there are many language like English, Japanese and so many other which is useless I don’t understand either Japanese in this one so you can change the language as well of this FMC from here login Banner if somebody log into this device it will show us the banner you can type the banner suppose this is a banner message normally nobody has authorized and blah blah blah company all those detail can be put here so if I say save so whenever I log in so it will show me this message so save and let’s log out and see okay it has to show us admin and ABC at the rate you see now this is a banner message if you want to accept then it will put you and you can log in so you can put here a banner message if you want for FMC so let me go back to system configuration and I was here in login banner okay so let’s go to login banner same like an SSH and telnet which we put the banner let me remove the banner I don’t need and save the changes because every time it will ask you to accept the information then next one is management interface this one the management interface which I’m logging to this device if you want to change the management detail from here like IP address make address in detail and if you want to put a default route by default this one and if you want to change the name of the device primary DNS of the device we are using this one let me put it at eight at eight as well and remote management port this the default port to remotely manage and IPV six and proxy if you have a proxy in your organization you can put the proxy detail here to access this device through management and if you want to change the primary SEC country and third DNA default route which we configure when we configuring first time so these detail we already put so you can click on this one to edit and you can change everything if you want and let me save the changes if you run some changes just save it will show you a warning because we are already logging through this management IP but it’s okay, I did not change the IP I just changed the DNS I put the third DNS so anything related to DNS interface and host name you can change from here either put the domain name then network analysis policy preferences same like access control policy I just need to go there let me go to policy and intrusion policy which network analysis they are asking so let’s go to network analysis policy same concept like excess control policy there is a network analysis policy when you click here this tab. If you want to put restriction on this policy that whenever somebody changes this policy, they need to put comments which I already show you the same thing.

So when somebody change in this policy they need to put the comments. Okay? And also it will send the logs to Syslog server then process tape this one sorry process and process you can shut down this device. If you want to shut down FMC run command, reboot the device and restart. So if you click on run I don’t want to click OK otherwise this device will shut down. So you can shut down through CLI as well. Shut down H and then now it will shut down the device but here through GI graphically you can come here and you can shut down the device properly. This is the proper way to shut down. So this is in process, debri, boot or shut down whatever then rest API Preferences API we discuss Nccnp security if you want to access this device through API, so it’s enabled by default. If it is enabled by default, it means I can access this device through API. So what is the IP of this device? 192 168 then API API something I forgot the last command, I just need to check how to check them. You can use the application as well. We use that application and you can use a browser as well. I just want to check we’ve done this one. Access control preferences. Okay. Information we done it will show you all the information. Intrusion policy we done this one as well.

And languages and manage interface if you want to change anything related to management interface, either hostname and route. Okay. And let’s go to network analysis remote storage Device this one? Yeah, this one. API Explorer. I was searching for this one API Explorer. So let me copy this one. I just need this information. Our IP is different. So let’s go to here and put this information and enter and admin is our user ABC at the rate ABC one. This is the password I change. So you can access this device through API. There is another application you can change from there, but it will log out you from here because I’m using through graphically postman. You remember, we done through postman. You see now I can access this device through API and you can do all the changes through API. So API is enabled by default and either you can use post men yeah, we done this application basically you remember Nccnp, we use them so you can download this application and you can access this device through API and there are many other anyway, so let’s go back to our detail. Okay. And let me log in back because when you are using API, it will session out. So let me log in ABC at the rate ABC one and existing session because we already log in there. So it will end the session and then we will log in back. So let’s go to where was here is Rest API and we discuss what is Rest API.

Okay, you can watch those videos. Okay then remote storage devices. I was confused in this one. Basically remote storage devices. Here the one which I was talking here. This one. External database access external database if you want to provide them access from external to access your database. Then this concept and this one is remote storage device to keep the breakup and remote storage. So I thought this one is that one. So I was confused in this too. But anyways, come up now. So NFS and you can use SMB and you can use SSH to put your backup remotely using NFS. Linux is also using an SMBs window and also in Linux and you can through SSH you can take backup of this device remotely to some other place. Okay. And if not so locally it’s already there. So this is for remote backup and restore. And also you can send your report through as a backup to remote storage device. Then SNMP which was not configured above. So you can configure SNMP here to send SNMP detail which is disabled by default. If I say one, two, version two and community strength test, that’s it. So now it’s configure and rest of the thing configure. Now go back to SSLs. You remember SNMP was not working there, I told you. So let me come back to Sslist. Now I enable SNMP version two with community string test and now I can put the IP. So what is the SNMP IP? I need any SNMP application.

It’s okay here. So what is my IP? I need to put that IP CMD IP config. So this is my IP and enter. Okay and now let’s go to put this IP and say SNMP in it. Okay now and save. Okay, they say the SSH is not there. It’s okay because I remove SSH. I thought to show you but it was working still. So now SNMP is configured and it will send the detail to here. So let’s register this device. We already discussed SNMP, I hope so you already know. So what is the IP of the device? 192, 168, 100, 210 FMC IP using 161 name should be anything that we don’t care and we are using SNMP version two. I configure this one. So let me put FMC something and let’s go to password. So the password we say test test and okay, so if everything is okay, I will access this device. So let’s go to management and system and let’s see the description get. So you see, it says Linux FMC resty version and then system name is FMC because it’s the name we gave them FMC location we did not put says unknown and what else you need? So I can access this device through FMC. You see, it’s showing me the only thing I can show you this one, the system host name which we give them this FMC name.

So SNMP is working. So whatever you know the logic of SNMP, I don’t want to go in detail we will do in the course. But anyway so this is SNMP. Then time related to this FMC like NTP time and everything you can configure from here it will show you the here changes are a bit down here it will show you only time, you cannot do anything. The second tab is time synchronization. Either from here. Then it will take you to change the timing. So time is nothing. But you have to come to time synchronization to change the timing of this device. So you can change NTP to get the time from where right now is taking from source file. You can put like a Google NTP either your country NTP either locally with authentication, without authentication. So for NTP to integrate this device to NTP, you have to come this place. Then these things are related to complain and everything. Maybe I mentioned here, I don’t know the abbreviation of these things. This related to USA something. They have some law and something. Yeah, this one I don’t know what is the abbreviation? It’s a defense unified capability approval product list. And then it’s a common critical something changes. I don’t know what the hell is this, but it’s here if you want to send your report either none either if you want to send them. So you can choose from here either CC or this organization to enable disable and then user configuration. Okay, user configuration. So let’s go to user configuration. So let’s see user detail, password reset time and successful login failure maximum and all those things which is related to user password. So you can change those value from here. And then VMware tool. Because I installed SQL on VMware basically in real life also VMware no more appliance is coming by Cisco even though it’s there.

If you need appliance is the FMC Swiss available? But most of the time it will be installed in VMware. So if you want enable VMware tool is like a driver than window when we install window so for everything we install driver to work. Same thing is when you install something virtually. So there is a tool which we call them VMware tool. Like your graphic will work properly and everything will work properly. So you can enable disable those VMware tool from here. Then Venerability mapping a lot of information related to vendorability in their detail. So you can find out from here which is a huge number, it will show us a bit later. And the last one is web analytics.

Web analytics is related to Fie mentioned here. This one if you want to send your personal detail to share with Cisco. Like a product version, browser version integration, location management, IP host name and all those details with Cisco for improvement. So you can use web analytics for that purpose. So vendorability mapping you see a lot of thing is there. So I don’t want to go in detail. We will do a vendorability there, then you will understand. Okay? And the last thing is web analytics which I told you to share the information with Cisco improvement to share your detail. So they can use those detail to improve this product so you want to share? So just check if you don’t want to share, then uncheck so this was configuration of FMC all the detail was related how to configure this FMC device?

• Category: Uncategorized