The Quick Start Guide for the FirePOWER Services Module is from the second book of the series.
The document shows how to install and register the SFR module with the FireSIGHT Management Center.
Before attempting the procedures described in this document, your system should meet these requirements.
You can read Installation of FirePOWER (SFR) Services on the Hardware Module.
The devices in the lab environment created the information in this document.The devices used in the document started with the default configuration.Make sure you understand the impact of any command if your network is live.
Next-Generation Firewall services are provided by the ASA FirePOWER module.
You can use the module in Single or Multiple context mode.
Before you attempt the procedures described in this document, consider this important information.
The same commands are used in order to remove the CX module, but the cxsc keyword is used instead.
The section describes how to install the SFR module on the ASA.
Here is an example that uses a different name for your server.
If the session command fails and a message appears to indicate that the system is unable to connect over TTYS1, this is a tip.Wait for the module boot to complete and try again if this happens.
If you don't want to respond to confirmation messages, include the noconfirm option.The url should be replaced with the location of the file.This is an example.
The system restarts when the installation is complete.Allow ten or more minutes for the installation of the application component.All processes should be indicated by the output of the show module sfr command.
The FirePOWER software and the FireSIGHT Management Center are described in this section.
You must register the security policy with the FireSIGHT Management Center in order to manage it.You can't do these actions with a FireSIGHT Management Center.
You have to create a service policy that identifies specific traffic in order to get traffic to the SFR module.Complete the steps in order to get traffic to the SFR module.
You can't set both passive mode and inline mode at the same time.Only one type of security policy can be used.