Configuring Cisco Devices - FirePOWER


    Firewall Analyzer supports the following versions of various Cisco devices.

     

    Configuring Cisco ASA with FirePOWER services

    Creating a Syslog Alert Response
    1.  Choose ASA Firepower ConfigurationPolicies > Actions > Alerts.
    2.  From the Create Alert drop-down menu, choose Create Syslog Alert.
    3.  Enter a Name for the alert.
    4.  In the Host field, enter the hostname or IP address of Firewall Analyzer server.
    5.  In the Port field, enter the port the server uses for syslog messages. By default, this value is 1514 in Firewall Analyzer server.
    6.  From the Facility list, choose a facility LOCAL7.
    7.  From the Severity list, choose a severity INFO.
    8.  Click Save.

     

     

     

    Configuration for sending the Traffic Events
    1. Navigate to ASA Firepower Configuration > Policies > Access Control Policy
    2. Edit the access rule and navigate to logging option.
    3. Select log at Beginning and End of Connection options.
    4. Navigate to Send Connection Events to option , select Syslog, and then select a Syslog alert response.
    5. Click Save.

     

     

     

    For detailed configuration of ASA FirePOWER services refer the following documents:

     

    Configure logging for FirePOWER Threat Defense (FTD) via Firepower Management Center (FMC)

    Refer the link given below: