CISCO An Fara Da Wuta Yana Yin Saitin Farko
Ƙayyadaddun bayanai
- Sunan samfur: Cisco Firepower
- Nau'in Samfur: Tsaro na hanyar sadarwa da Gudanar da zirga-zirga
- Zaɓuɓɓukan Aiwatarwa: Manufa-ginin dandamali ko maganin software
- Interface Mai Gudanarwa: Tsarin Mai Amfani
Umarnin Amfani da samfur
Shigarwa da Yin Saitin Farko akan Na'urorin Jiki:
Bi waɗannan matakan don saita Cibiyar Gudanar da Wuta akan kayan aikin jiki:
- Koma zuwa Jagoran farawa don cikakkun umarnin shigarwa.
Aiwatar da Kayan Aiki na Virtual
Idan ana tura kayan aikin kama-da-wane, bi waɗannan matakan:
- Ƙayyade dandali masu goyan baya don Cibiyar Gudanarwa da na'urori.
- Ƙaddamar da Cibiyoyin Gudanar da Wuta na Wuta akan Jama'a da mahallin girgije masu zaman kansu.
- Ƙaddamar da na'urori masu kama-da-wane don na'urar ku a kan wuraren da aka goyan bayan girgije.
Shiga a karon farko:
A cikin matakan shiga na farko don Cibiyar Gudanar da Wuta:
- Shiga tare da tsoffin takaddun shaida (admin/Admin123).
- Canja kalmar wucewa kuma saita yankin lokaci.
- Ƙara lasisi da rajistar na'urorin sarrafawa.
Ƙirƙirar Manufofi da Tsare-tsare:
Zuwa view bayanai a cikin dashboard, saita mahimman manufofi:
- Tsara mahimman manufofi don tsaro na cibiyar sadarwa.
- Don ci-gaba saituna, koma zuwa cikakken jagorar mai amfani.
FAQ:
Tambaya: Ta yaya zan shiga Cibiyar Gudanar da Wuta web dubawa?
A: Kuna iya shiga cikin web dubawa ta shigar da adireshin IP na Cibiyar Gudanarwa a cikin ku web mai bincike.
Farawa Da Wuta
Cisco Firepower haɗe-haɗe ne na tsaro na cibiyar sadarwa da samfuran sarrafa zirga-zirga, wanda aka tura ko dai akan dandamalin da aka gina da niyya ko azaman mafita na software. An tsara tsarin don taimaka muku sarrafa zirga-zirgar hanyar sadarwa ta hanyar da ta dace da manufofin tsaro na ƙungiyar ku — jagororin ku don kare hanyar sadarwar ku.
A cikin turawa na yau da kullun, na'urorin sarrafa zirga-zirga da yawa da aka girka akan sassan cibiyar sadarwa suna lura da zirga-zirga don bincike da bayar da rahoto ga manaja:
- Cibiyar Gudanar da Wuta
- Manajan Na'urar Wuta
Manajan Na'urar Tsaro Adaptive (ASDM)
Manajoji suna ba da na'ura mai kwakwalwa ta tsakiya tare da mahallin mai amfani mai hoto wanda zaku iya amfani da shi don aiwatar da gudanarwa, gudanarwa, bincike, da ayyukan bayar da rahoto.
Wannan jagorar tana mai da hankali kan Cibiyar Gudanar da Wuta mai sarrafa kayan aiki. Don bayani game da Manajan Na'urar Wuta ko ASA tare da Ayyukan FirePOWER da ake gudanarwa ta ASDM, duba jagororin waɗancan hanyoyin gudanarwa.
- Cisco Firepower Barazana Tsaro Jagorar Kanfigareshan Wuta don Wuta na Na'urar Manager
- ASA tare da Ayyukan WutaPOWER Jagoran Kanfigareshan Gudanar da Gida
- Saurin Farawa: Babban Saiti, a shafi na 2
- Na'urorin Wuta, a shafi na 5
- Fasalolin Wuta, a shafi na 6
- Canja wurin Yankuna akan Cibiyar Gudanar da Wuta, a shafi na 10
- Menu na Magana, a shafi na 11
- Raba bayanai tare da Cisco, a shafi na 13
- Taimakon Wuta Kan Layi, Yadda Ake Yi, Da Takaddun Shafi, shafi na 13
- Tsarin Wuta na Adireshin IP, a shafi na 16
- Ƙarin Bayanai, shafi na 16
Saurin Farawa: Saitin Asali
Saitin fasalin Wuta yana da ƙarfi da sassauƙa isa don tallafawa ƙa'idodi na asali da ci gaba. Yi amfani da sassan masu zuwa don saita Cibiyar Gudanar da Wuta da sauri da na'urorin da aka sarrafa don fara sarrafawa da nazarin zirga-zirga.
Shigarwa da Yin Saitin Farko akan Na'urorin Jiki
Tsari
Shigar da aiwatar da saitin farko akan duk kayan aikin jiki ta amfani da takaddun don kayan aikin ku:
- Cibiyar Gudanar da Wuta
Cibiyar Gudanar da Wutar Wuta ta Cisco don samfurin kayan aikin ku, akwai daga http://www.cisco.com/go/firepower-mc-install - Na'urorin da aka sarrafa na Barazana na Wuta
Muhimmi Yi watsi da takaddun Manajan Na'urar Wuta akan waɗannan shafuka.
- Cisco Firepower 2100 Jerin Farawa Jagora
- Cisco Firepower 4100 Jagoran Farawa
- Cisco Firepower 9300 Jagoran Farawa
- Tsaron Barazana na Wuta na Cisco don ASA 5508-X da ASA 5516-X Amfani da Cibiyar Gudanar da Wuta Mai Saurin Jagora
- Tsaron Barazana na Wuta na Cisco don ASA 5512-X, ASA 5515-X, ASA 5525-X, ASA 5545-X, da ASA 5555-X Amfani da Cibiyar Gudanar da Wuta ta Gaggawar Jagorar Farawa.
- Tsaron Barazana na Wuta na Cisco don ISA 3000 Amfani da Cibiyar Gudanar da Wuta na gaggawa Jagoran farawa
Na'urorin sarrafawa na gargajiya
- Cisco ASA Firepower Module Saurin Fara Jagora
- Cisco Firepower 8000 Jerin Farawa Jagora
- Cisco Firepower 7000 Jerin Farawa Jagora
Aiwatar da Kayan Aiki na Virtual
Bi waɗannan matakan idan aikin naku ya ƙunshi kayan aikin kama-da-wane. Yi amfani da taswirar takaddar don gano wuri
takardun da aka jera a kasa: http://www.cisco.com/c/en/us/td/docs/security/firepower/roadmap/ wuta-roadmap.html.
Tsari
- Mataki na 1 Ƙayyade dandali mai goyan bayan da za ku yi amfani da su don Cibiyar Gudanarwa da na'urori (watakila waɗannan ba iri ɗaya ba ne). Duba Jagoran Daidaituwar Wuta ta Cisco.
- Mataki na 2 Ƙarfafa Cibiyoyin Gudanar da Wuta na Wuta akan ingantaccen muhallin gajimare na Jama'a da Masu zaman kansu. Duba, Cisco Secure Firewall Management Center Virtual Farawa Jagora.
- Mataki na 3 Yi amfani da na'urori masu kama-da-wane don na'urarka akan ingantaccen yanayin girgije na Jama'a da Masu zaman kansu. Don cikakkun bayanai, duba takaddun masu zuwa.
- NGIPSv yana gudana akan VMware: Cisco Firepower NGIPSv Jagoran Farawa Mai sauri don VMware
- Cisco Firepower Tsaro na Barazana don ASA 5508-X da ASA 5516-X Amfani da Gudanar da Wuta
Jagora Mai Saurin Farawa na Cibiyar
- Firepower Barazana Tsaro Virtual Gudun a kan Jama'a da kuma masu zaman kansu girgije muhallin, duba Cisco Secure Firewall Barazana Tsaro Virtual Fara Jagora, Version 7.3.
Shiga A Karon Farko
Kafin ka fara
- Shirya kayan aikin ku kamar yadda aka bayyana a cikin Shigarwa da Yin Saitin Farko akan Na'urorin Jiki, a shafi na 2 ko Ƙaddamar da Kayan Aikin Kaya, a shafi na 3.
Tsari
- Mataki 1 Shiga Cibiyar Gudanar da Wuta web dubawa tare da admin azaman sunan mai amfani da Admin123 azaman kalmar sirri. Canja kalmar sirri ta wannan asusun kamar yadda aka bayyana a cikin Jagorar Fara Saurin don kayan aikin ku.
- Mataki 2 Saita yankin lokaci don wannan asusu kamar yadda aka bayyana a Saitin Wurin Lokaci na Tsohuwar ku.
- Mataki na 3 Ƙara lasisi kamar yadda aka bayyana a cikin Lasisin Tsarin Wuta.
- Mataki na 4 Yi rijistar na'urorin sarrafawa kamar yadda aka bayyana a Ƙara Na'ura zuwa FMC.
- Mataki na 5 Sanya na'urorin da ake sarrafa ku kamar yadda aka bayyana a:
- Gabatarwa zuwa Aiwatar da Na'urar IPS da Kanfigareshan, don saita musaya ko musaya na layi akan 7000 Series ko 8000 Series na'urorin
- Interface Overview don Tsaron Barazana na Wuta, don saita yanayin gaskiya ko karkatacce akan na'urorin Tsaron Barazana na Wuta
- Interface Overview don Tsaron Barazana na Wuta, don saita musaya akan na'urorin Tsaron Barazana na Wuta
Abin da za a yi na gaba
- Fara sarrafawa da nazarin zirga-zirga ta hanyar daidaita manufofi na asali kamar yadda aka bayyana a cikin Kafa Basic Manufofin da Tsare-tsare, a shafi na 4.
Ƙirƙirar Manufofi na asali da Tsare-tsare
Dole ne ku tsara da tura mahimman manufofi don ganin bayanai a cikin dashboard, Context Explorer, da teburin taron.
Wannan ba cikakken tattaunawa ba ne na manufofi ko damar fasali. Don jagora kan wasu fasaloli da ƙarin ci gaba, duba sauran wannan jagorar.
Lura
Kafin ka fara
- Shiga cikin web dubawa, saita yankin lokacinku, ƙara lasisi, na'urori masu rijista, da saita na'urori kamar yadda aka bayyana a Shiga Shiga da farko, a shafi na 3.
Tsari
- Mataki na 1 Tsaya tsarin sarrafa damar shiga kamar yadda aka bayyana a Ƙirƙirar Manufofin Sarrafa Hannun Hannu.
- A mafi yawan lokuta, Cisco yana ba da shawarar saita Madaidaicin Tsaro da manufofin kutse Haɗuwa azaman tsoho aikinku. Don ƙarin bayani, duba Tsohuwar Ayyukan Manufofin Sarrafa Sabis da Tsarin-Samarwar Hanyar Sadarwa da Manufofin Kutsawa.
- A mafi yawan lokuta, Cisco yana ba da shawarar ba da damar shiga haɗin gwiwa don saduwa da tsaro da bukatun ƙungiyar ku. Yi la'akari da zirga-zirga a kan hanyar sadarwar ku lokacin da za ku yanke shawarar haɗin haɗin da za ku shiga don kada ku rikitar da nunin ku ko mamaye tsarin ku. Don ƙarin bayani, duba Game da Logging Connection.
- Mataki na 2 Aiwatar da tsohowar tsarin kiwon lafiya da aka samar kamar yadda aka bayyana a Aiwatar da Manufofin Lafiya.
- Mataki 3 Keɓance kaɗan daga saitunan tsarin tsarin ku:
- Idan kana son ba da izinin haɗin shiga don sabis (na misaliample, SNMP ko syslog), gyara tashoshin jiragen ruwa a cikin jerin hanyoyin shiga kamar yadda aka bayyana a Sanya Lissafin Samun dama.
- Fahimta kuma kuyi la'akari da gyara iyakokin abubuwan da suka faru na bayananku kamar yadda aka bayyana a Tsabtace Iyakokin Abubuwan Abubuwan Bayanan Bayanai.
- Idan kana son canza yaren nuni, shirya saitin yare kamar yadda aka bayyana a Saita Harshe don Web Interface.
- Idan ƙungiyar ku ta hana hanyar sadarwar hanyar sadarwa ta amfani da uwar garken wakili kuma ba ku saita saitunan wakili ba yayin daidaitawar farko, gyara saitunan wakili kamar yadda aka bayyana a Gyara Interfaces Management FMC.
- Mataki na 4 Keɓance manufar gano hanyar sadarwar ku kamar yadda aka bayyana a Tsabtace Manufar Gano hanyar sadarwa. Ta hanyar tsoho, manufar gano hanyar sadarwar tana nazarin duk zirga-zirgar hanyar sadarwar ku. A mafi yawan lokuta, Cisco yana ba da shawarar taƙaita ganowa ga adiresoshin RFC 1918.
- Mataki na 5 Yi la'akari da keɓance waɗannan sauran saitunan gama gari:
- Idan ba kwa son nuna fafutukan cibiyar saƙon, musaki sanarwar kamar yadda aka bayyana a Halayen Halayen Sanarwa.
- Idan kuna son keɓance tsoffin ƙima don masu canjin tsarin, ku fahimci amfaninsu kamar yadda aka bayyana a Saiti masu Sauyawa.
- Idan kana son sabunta bayanan Gelocation, sabuntawa da hannu ko akan tsarin da aka tsara kamar yadda aka bayyana a Sabunta Database na Gelocation.
- Idan kuna son ƙirƙirar ƙarin ingantattun asusun mai amfani na gida don samun damar FMC, duba Ƙara mai amfani na ciki a Web Interface.
- Idan kana so ka yi amfani da LDAP ko RADIUS tabbacin waje don ba da damar shiga FMC, duba Ƙirƙiri ETabbatar da xternal.
- Mataki na 6 Sanya canje-canjen sanyi; duba Sanya Canje-canje na Kanfigareshan.
Abin da za a yi na gaba
- Review kuma la'akari da daidaita wasu fasalulluka da aka siffanta a Features na Wuta, a shafi na 6 da sauran wannan jagorar.
Na'urorin Wuta
A cikin turawa na yau da kullun, na'urori masu sarrafa zirga-zirga da yawa suna ba da rahoto zuwa Cibiyar Gudanar da Wuta guda ɗaya, wacce kuke amfani da ita don aiwatar da gudanarwa, gudanarwa, bincike, da ayyukan bayar da rahoto.
Na'urorin gargajiya
Na'urorin gargajiya suna gudanar da software na IPS (NGIPS) na gaba. Sun hada da:
- Firepower 7000 jerin da Firepower 8000 jerin jiki na'urorin.
- NGIPSv, wanda aka shirya akan VMware.
- ASA tare da Ayyukan Wutar Wuta, akwai akan zaɓin ASA 5500-X jerin na'urorin (har ma sun haɗa da ISA 3000). ASA tana ba da tsarin tsarin layin farko, sannan ta wuce zirga-zirga zuwa tsarin ASA FirePOWER don ganowa da ikon samun dama.
Lura cewa dole ne ka yi amfani da ASA CLI ko ASDM don saita abubuwan tushen ASA akan na'urar ASA FirePOWER. Wannan ya haɗa da babban wadatar na'urar, sauyawa, kewayawa, VPN, NAT, da sauransu.
Ba za ku iya amfani da FMC don saita musaya na ASA FirePOWER ba, kuma FMC GUI baya nuna mu'amalar ASA lokacin da aka tura ASA FirePOWER a yanayin tashar tashar SPAN. Hakanan, ba za ku iya amfani da FMC don rufewa, sake farawa, ko kuma sarrafa ayyukan ASA FirePOWER ba.
Na'urorin Tsaro na Barazana na Wuta
Na'urar Tsaron Barazana ta Wuta (FTD) ita ce ta wuta ta zamani mai zuwa (NGFW) wacce kuma tana da damar NGIPS. NGFW da fasalulluka na dandamali sun haɗa da yanar gizo-zuwa-rubutu da samun damar VPN mai nisa, ƙaƙƙarfan tuƙi, NAT, tari, da sauran haɓakawa a cikin binciken aikace-aikacen da ikon samun dama.
Ana samun FTD akan dandamali masu yawa na zahiri da kama-da-wane.
Daidaituwa
Don cikakkun bayanai kan daidaitawar mai sarrafa-na'ura, gami da software da ke dacewa da takamaiman ƙirar na'ura, mahallin ɗaukar hoto na kama-da-wane, tsarin aiki, da sauransu, duba Bayanan Bayanan Sakin Wuta na Cisco da Jagoran Compatibility Firepower.
Fasalolin Wuta
Waɗannan allunan suna lissafin wasu fasalolin Wuta da aka saba amfani da su.
Kayan aiki da Abubuwan Gudanar da Tsarin
Don gano takaddun da ba a sani ba, duba: http://www.cisco.com/c/en/us/td/docs/security/firepower/roadmap/firepower-roadmap.html
| Idan kana so… | Sanya… | Kamar yadda aka bayyana a… |
| Sarrafa asusun mai amfani don shiga cikin kayan aikin Wuta na ku | Tantance wutar wuta | Game da Asusun Mai amfani |
| Kula da lafiyar kayan masarufi da software | Manufar kula da lafiya | Game da Kula da Lafiya |
| Ajiye bayanai akan kayan aikin ku | Ajiyayyen da mayar | Ajiyayyen kuma Mai da |
| Haɓaka zuwa sabon sigar Wuta | Sabunta tsarin | Cisco Firepower Management Jagoran Haɓaka Cibiyar, Sigar 6.0-7.0 |
| Ƙaddamar da kayan aikin ku na zahiri | Dawo zuwa ma'aikatu na asali (reimage) | The Cisco Firepower Haɓaka Cibiyar Gudanarwa Jagora, Siffar 6.0–7.0, don jerin hanyoyin haɗi zuwa umarni kan yin sabobin shigarwa. |
| Sabunta VDB, sabunta ƙa'idar kutse, ko GeoDB akan na'urar ku | Sabunta Database mai rauni (VDB), sabunta ƙa'idar kutsawa, ko sabunta bayanan GeoDB (GeoDB) | Sabunta tsarin |
| Idan kana so… | Sanya… | Kamar yadda aka bayyana a… |
| Aiwatar da lasisi don ɗaukar advantage na ayyuka masu sarrafa lasisi | Classic ko Smart lasisi | Game da Lasisi na Wuta |
| Tabbatar da ci gaba da ayyukan kayan aiki | Babban wadatar na'urar da/ko babban samuwar Cibiyar Gudanar da Wuta | Kimanin 7000 da 8000 Jerin Na'urar Babban Samuwar Game da Babban Samuwar Tsaron Barazana Wuta Game da Babban Samuwar Cibiyar Gudanar da Wuta |
| Haɗa albarkatun sarrafa na'urori masu yawa na 8000 Series | Tari na na'ura | Game da Tarin Na'ura |
| Saita na'ura don tafiyar da zirga-zirga tsakanin mu'amala biyu ko fiye | Hanyar hanya | Masu amfani da hanyar sadarwa ta zamani Hanyar Hanyaview don Tsaron Barazana na Wuta |
| Sanya fakitin sauyawa tsakanin cibiyoyin sadarwa biyu ko fiye | Canjin na'ura | Maɓallin Maɓalli Saita Mutuwar Rukunin Gada |
| Fassara adiresoshin sirri zuwa adiresoshin jama'a don haɗin intanet | Fassarar Adireshin Yanar Gizo (NAT) | Kanfigareshan Manufofin NAT Fassarar Adireshin Sadarwar Sadarwa (NAT) don Tsaron Barazana na Wuta |
| Ƙirƙiri amintaccen rami tsakanin Tsaron Barazana na Wuta ko 7000/8000 Series na'urorin | Yanar Gizo-zuwa-Site Virtual Private Network (VPN) | VPN Overview don Tsaron Barazana na Wuta |
| Kafa amintattun ramuka tsakanin masu amfani da nesa da Barazana Wuta da aka sarrafa Na'urorin tsaro | VPN mai nisa | VPN Overview don Tsaron Barazana na Wuta |
| Yanki damar mai amfani zuwa na'urorin sarrafawa, daidaitawa, da abubuwan da suka faru | Multitenancy ta amfani da yanki | Gabatarwa zuwa Yawaita Amfani da Domains |
| View da sarrafa kayan aiki daidaitawa ta amfani da abokin ciniki REST API | API ɗin REST da REST API Explorer | REST API Preferences Wuta REST API Jagoran Fara Saurin |
| Matsalar warware matsalar | N/A | Shirya matsala Tsarin |
Babban Samuwar da Siffofin Matsala ta Platform
Haɓaka haɓakawa mai yawa (wani lokaci ana kiransa gazawar) yana tabbatar da ci gaba da ayyuka. Matsaloli masu tarin yawa da tarkace suna haɗa na'urori da yawa tare a matsayin na'ura mai ma'ana guda ɗaya, suna samun ƙarin kayan aiki da sakewa.
| Dandalin | Babban Samuwar | Tari | Tari |
| Cibiyar Gudanar da Wuta | Ee Sai dai MC750 | — | — |
| Cibiyar Gudanar da Wuta Mai Kyau | — | — | — |
| Ee | — | — |
Tsaron Barazana na Wuta:
| Ee | Ee | — |
Tsaron Barazana Mai Wuta:
| Ee | — | — |
Kariyar Barazana Wuta Mai Kyau (girgijen jama'a):
| — | — | — |
| Ee | — | — |
| Ee | — | Ee |
| ASA Firepower | — | — | — |
| NGIPSv | — | — | — |
Maudu'ai masu dangantaka
Kimanin 7000 da 8000 Jerin Na'urar Babban Samuwar
Game da Babban Samuwar Tsaron Barazana Wuta
Game da Babban Samuwar Cibiyar Gudanar da Wuta
Siffofin don Ganewa, Hana, da Sarrafar Matuƙar Barazana
Don gano takaddun da ba a sani ba, duba: http://www.cisco.com/c/en/us/td/docs/security/firepower/roadmap/firepower-roadmap.html
| Idan kana so… | Sanya… | Kamar yadda aka bayyana a… |
| Duba, shiga, da ɗaukar mataki akan zirga-zirgar hanyar sadarwa | Manufar sarrafa shiga, iyayen wasu manufofi da yawa | Gabatarwa zuwa Ikon Samun shiga |
| Toshe ko saka idanu haɗin kai zuwa ko daga adiresoshin IP, URLs, da/ko sunayen yanki | Sirrin Tsaro a cikin manufofin sarrafa damar ku | Game da Sirrin Tsaro |
| Sarrafa da webshafukan da masu amfani akan hanyar sadarwar ku zasu iya shiga | URL tacewa cikin dokokin manufofin ku | URL Tace |
| Saka idanu munanan zirga-zirga da kutse a kan hanyar sadarwar ku | Manufar kutse | Tushen Manufofin Kutse |
| Toshe hanyoyin da aka ɓoye ba tare da dubawa ba Bincika rufaffiyar zirga-zirga ko ɓarna | Manufar SSL | Manufofin SSL sun ƙareview |
| Keɓance zurfin dubawa zuwa cunkoson ababen hawa da haɓaka aiki tare da hanyoyin gaggawa | Manufar prefilter | Game da Prefiltering |
| Ƙimar iyaka zirga-zirgar hanyar sadarwa wanda aka ba da izini ko amintacce ta hanyar sarrafa shiga | manufofin ingancin Sabis (QoS). | Game da Manufofin QoS |
| Bada ko toshe files (gami da malware) akan hanyar sadarwar ku | File/ manufofin malware | File Manufofi da Kariyar Malware |
| Aiwatar da bayanai daga tushen bayanan sirri na barazana | Daraktan Leken asirin Barazana na Cisco (TID) | Barazana Daraktan leken asiri Overview |
| Sanya ingantaccen mai amfani ko mai aiki don aiwatar da wayar da kan mai amfani da sarrafa mai amfani | Sanin mai amfani, ainihin mai amfani, manufofin ainihi | Game da Tushen Bayanan Mai Amfani Game da Manufofin Shaida |
| Tattara mai watsa shiri, aikace-aikace, da bayanan mai amfani daga zirga-zirga akan hanyar sadarwar ku don aiwatar da wayar da kan mai amfani | Manufofin Gano hanyar sadarwa | Ƙarsheview: Manufofin Gano hanyar sadarwa |
| Yi amfani da kayan aikin da ya wuce tsarin Wutar ku don tattarawa da tantance bayanai game da zirga-zirgar hanyar sadarwa da yuwuwar barazanar | Haɗin kai tare da kayan aikin waje | Binciken Abubuwan Tafiya Ta Amfani da Kayan Aikin Waje |
| Yi gano aikace-aikacen da sarrafawa | Abubuwan gano aikace-aikace | Ƙarsheview: Gano Aikace-aikacen |
| Matsalar warware matsalar | N/A | Shirya matsala Tsarin |
Haɗin kai tare da Kayan Aikin Waje
Don gano takaddun da ba a sani ba, duba: http://www.cisco.com/c/en/us/td/docs/security/firepower/roadmap/firepower-roadmap.html
| Idan kana so… | Sanya… | Kamar yadda aka bayyana a… |
| Ƙaddamar da gyara ta atomatik lokacin da yanayi a kan hanyar sadarwar ku ya keta manufar haɗin gwiwa | Gyaran baya | Gabatarwa zuwa Gyarawa Jagorar Gyaran Wuta na Tsarin Wuta |
| Yada bayanan taron daga Cibiyar Gudanar da Wuta zuwa a aikace-aikacen abokin ciniki na al'ada | eStreamer hadewa | eStreamer Server Streaming Jagorar Haɗin kai Tsarin Wuta eStreamer |
| Tambayoyi bayanan bayanai akan Cibiyar Gudanar da Wuta ta amfani da abokin ciniki na ɓangare na uku | Samun damar bayanai na waje | Saitunan Samun Bayanai na Waje Jagoran Shiga Database Database System |
| Haɓaka bayanan ganowa ta hanyar shigo da bayanai daga tushe na ɓangare na uku | Shigar da mai watsa shiri | Bayanan shigar da Mai watsa shiri Jagorar shigar da Mai watsa shiri na Wuta na Wuta |
| Bincika abubuwan da suka faru ta amfani da kayan aikin ajiyar bayanan taron waje da sauran bayanai albarkatun | Haɗin kai tare da kayan aikin bincike na taron waje | Binciken Abubuwan Tafiya Ta Amfani da Kayan Aikin Waje |
| Matsalar warware matsalar | N/A | Shirya matsala Tsarin |
Canja wurin Yankuna akan Cibiyar Gudanar da Wuta
A cikin turawa da yawa, gata rawar mai amfani ta ƙayyade ko wane yanki mai amfani zai iya shiga da kuma waɗanne gatan da mai amfani ke da shi a cikin kowane ɗayan waɗannan wuraren. Kuna iya haɗa asusun mai amfani guda ɗaya tare da yankuna da yawa kuma ku ba da dama daban-daban ga mai amfani a kowane yanki. Domin misaliample, za ka iya sanya mai amfani
gata mai karantawa kawai a cikin Duniyar Duniya, amma gatan Gudanarwa a cikin yanki na zuriya.
Masu amfani da ke da alaƙa da yankuna da yawa na iya canzawa tsakanin yanki a cikin guda ɗaya web zaman dubawa.
A ƙarƙashin sunan mai amfani a cikin kayan aiki, tsarin yana nuna bishiyar da ke akwai. Itace:
- Yana nuna wuraren kakanni, amma yana iya hana samun dama gare su bisa ga abubuwan da aka ba wa asusun mai amfani.
- Yana ɓoye duk wani yanki da asusun mai amfani ba zai iya shiga ba, gami da ƴan uwa da zuriya.
Lokacin da kuka canza zuwa yanki, tsarin yana nuna:
- Bayanan da suka dace da yankin kawai.
- Zaɓuɓɓukan menu sun ƙayyade ta aikin mai amfani da aka ba ku don wannan yanki.
Tsari
Daga jerin zaɓuka a ƙarƙashin sunan mai amfani, zaɓi yankin da kake son shiga.
Menu na Magana
Wasu shafuka a cikin Tsarin Wuta web dubawa yana goyan bayan danna dama (mafi kowa) ko danna mahallin mahallin hagu wanda zaka iya amfani dashi azaman gajeriyar hanya don samun damar wasu fasaloli a cikin Tsarin Wuta. Abubuwan da ke cikin menu na mahallin sun dogara da inda kake samun dama gare shi-ba kawai shafin ba har ma da takamaiman bayanai.
Don misaliampda:
- Wuraren adireshin IP suna ba da bayani game da rundunar da ke da alaƙa da waccan adireshin, gami da duk wani wanda ake samu da kuma mai masaukin bakifile bayani.
- SHA-256 madaidaicin ƙimar hash yana ba ku damar ƙara a file's SHA-256 zanta darajar zuwa ga tsabta jeri ko al'ada ganewa jerin, ko view duk darajar zanta don kwafi. A kan shafuka ko wuraren da ba sa goyan bayan menu na mahallin Tsarin Wuta, menu na mahallin na yau da kullun na mai binciken ku yana bayyana.
Editocin Siyasa
Yawancin masu gyara manufofin sun ƙunshi wurare masu zafi akan kowace doka. Kuna iya saka sabbin dokoki da nau'ikan; yanke, kwafi, da liƙa dokoki; saita tsarin mulki; kuma gyara ka'ida.
Editan Dokokin Kutse
Editan dokokin kutsawa ya ƙunshi wurare masu zafi akan kowace ka'idar kutsawa. Kuna iya gyara ƙa'idar, saita yanayin ƙa'ida, saita zaɓuɓɓukan ƙirƙira da kashewa, kuma view takardun doka. Optionally, bayan danna Dokokin Dokokin a cikin menu na mahallin, zaku iya danna Takardun Dokokin a cikin taga buɗewar takaddun zuwa view cikakkun bayanai na ƙayyadaddun ƙa'ida.
Lamarin Viewer
Shafukan abubuwan da suka faru (shafukan da aka fashe da tebur views samuwa a ƙarƙashin menu na Analysis) sun ƙunshi wurare masu zafi akan kowane taron, adireshin IP, URL, Tambayar DNS, da wasu fileSHA-256 ƙimar hash. Yayin viewA mafi yawan nau'ikan taron, zaku iya:
- View bayanai masu alaƙa a cikin Context Explorer.
- Zazzage bayanan taron a cikin sabuwar taga.
- View cikakken rubutu a wuraren da filin taron ya ƙunshi rubutu mai tsayi da yawa don nunawa a cikin taron view, kamar a file's SHA-256 zanta ƙimar, bayanin rauni, ko a URL.
- Bude a web taga mai lilo tare da cikakkun bayanai game da kashi daga tushen waje zuwa Wuta, ta amfani da fasalin Ƙaddamarwa na Contextual Cross-Launch. Don ƙarin bayani, duba Amfani da Binciken Abubuwan da suka faru Web-Tsarin Albarkatun.
- (Idan ƙungiyar ku ta tura Cisco Security Packet Analyzer) Nemo fakiti masu alaƙa da taron. Don cikakkun bayanai, duba Binciken Abubuwan da suka faru Amfani da Cisco Security Fakitin Analyzer.
Yayin viewA cikin abubuwan da suka faru na haɗin kai, za ku iya ƙara abubuwa zuwa tsohuwar Block Intelligence Block da Kada a Toshe lissafin:
- Adireshin IP, daga wurin hotspot adireshin IP.
- A URL ko domain name, daga a URL hotspot.
- Tambayar DNS, daga wurin tambaya na DNS.
Yayin viewkama files, file abubuwan da suka faru, da abubuwan malware, zaku iya:
- Ƙara a file zuwa ko cire a file daga jeri mai tsabta ko lissafin gano al'ada.
- Zazzage kwafin file.
- View gida files a cikin rumbun adana bayanai file.
- Zazzage gidan tarihin iyaye file don gida file.
- View da file abun da ke ciki.
- Gabatar da file don malware na gida da bincike mai ƙarfi.
Yayin viewA cikin abubuwan da suka faru na kutse, zaku iya yin ayyuka iri ɗaya ga waɗanda ke cikin editan dokokin kutsawa ko manufar kutse:
- Gyara ƙa'idar jawo.
- Saita tsarin mulki, gami da kashe ƙa'idar.
- Sanya zaɓuɓɓukan ƙirƙira da ƙaddamarwa.
- View takardun doka. Optionally, bayan danna Dokokin Dokokin a cikin menu na mahallin, zaku iya danna Takardun Dokokin a cikin taga buɗewar takaddun zuwa view cikakkun bayanai na ƙayyadaddun ƙa'ida.
Kunshin Taron Kutse View
Fakitin taron kutse views yana ƙunshe da wuraren zama na adireshin IP. Fakitin view yana amfani da menu na mahallin danna hagu.
Dashboard
Yawancin widget din dashboard sun ƙunshi wurare masu zafi zuwa view bayanai masu alaƙa a cikin Context Explorer. Dashboard
widget din na iya ƙunsar adireshin IP da SHA-256 hash hotspots.
Context Explorer
Context Explorer yana ƙunshe da wurare masu zafi akan ginshiƙi, tebur, da jadawali. Idan kuna son bincika bayanai daga jadawalai ko jeri dalla-dalla fiye da yadda Context Explorer ya ba da izini, zaku iya gangara zuwa teburin. views na bayanan da suka dace. Hakanan zaka iya view mai alaka, mai amfani, aikace-aikace, file, da kuma bayanan kutse.
Context Explorer yana amfani da menu na mahallin danna-hagu, wanda kuma ya ƙunshi tacewa da wasu zaɓuɓɓuka na musamman ga Context Explorer.
Maudu'ai masu dangantaka
Lissafin Sirrin Tsaro da Ciyarwa
Raba bayanai tare da Cisco
Kuna iya zaɓar raba bayanai tare da Cisco ta amfani da fasalulluka masu zuwa:
- Cisco Success Network
Duba Cisco Success Network - Web nazari
Duba (Na zaɓi) Ficewa daga Web Binciken Bincike
Taimakon Wuta akan Layi, Yadda Ake Yi, da Takaddun bayanai Zaku iya samun taimakon kan layi daga web dubawa:
- Ta danna mahaɗin taimako mai saurin fahimta akan kowane shafi
- Ta zabar Taimako > Kan layi
Yadda Don shine widget din da ke ba da hanyoyin tafiya don kewaya ta ayyuka akan Cibiyar Gudanar da Wuta.
Tattaunawar za ta jagorance ku don aiwatar da matakan da ake buƙata don cimma ɗawainiya ta hanyar ɗaukar ku ta kowane mataki, ɗaya bayan ɗaya ba tare da la'akari da fuskokin UI daban-daban waɗanda za ku iya kewaya ba, don kammala aikin.
Ana kunna yadda ake widget ta tsohuwa. Don musaki widget din, zaɓi Zaɓuɓɓukan Mai amfani daga jerin zaɓuka a ƙarƙashin sunan mai amfani, sannan cire alamar Enable How-Tos akwati a cikin Saitunan Yadda-To.
Gabaɗaya ana samun hanyoyin tafiya don duk shafukan UI, kuma ba su da ra'ayin mai amfani. Koyaya, ya danganta da gata na mai amfani, wasu abubuwan menu ba za su bayyana akan mahallin Cibiyar Gudanar da Wuta ba. Ta haka, hanyoyin ba za su aiwatar da waɗannan shafuka ba.
Lura
Ana samun matakai masu zuwa akan Cibiyar Gudanar da Wuta:
- Yi rijistar FMC tare da Cisco Smart Account: Wannan hanyar za ta jagorance ku don yin rijistar Cibiyar Gudanar da Wuta tare da Asusun Cisco Smart Account.
- Saita Na'ura kuma ƙara ta zuwa FMC: Wannan hanyar tafiya tana jagorantar ku don saita na'ura da ƙara na'urar zuwa Cibiyar Gudanar da Wuta.
- Tsaya Kwanan wata da Lokaci: Wannan hanyar tafiya tana jagorantar ku don saita kwanan wata da lokacin Wutar Wuta
- Na'urorin Tsaron Barazana ta amfani da tsarin saitin dandamali.
- Saita Saitunan Sadarwa: Wannan hanyar tafiya tana jagorantar ku don saita musaya akan na'urorin Tsaro na Barazana na Wuta.
- Ƙirƙirar Manufofin Sarrafa Hannu: Manufar kula da samun dama ta ƙunshi jerin ƙa'idodin da aka ba da umarni, waɗanda aka kimanta daga sama zuwa ƙasa. Wannan hanyar za ta jagorance ku don ƙirƙirar manufar sarrafa shiga. Ƙara Dokokin Gudanar da Samun dama - Tafiya ta Fasalo: Wannan tafiyar tana bayyana abubuwan da ke tattare da su
dokar sarrafa shiga, da kuma yadda zaku iya amfani da su a Cibiyar Gudanar da Wuta. - Saita Saitunan Rarrabawa: Ka'idodin ƙa'ida daban-daban suna samun goyan bayan Tsaron Barazana na Wuta. A tsaye hanya tana bayyana inda za a aika da zirga-zirga don takamaiman cibiyoyin sadarwa. Wannan hanyar za ta jagorance ku don saita tsayayyen tsarin don na'urorin.
- Ƙirƙirar Manufofin NAT - Tafiya mai Fasa: Wannan tafiyar tana jagorantar ku don ƙirƙirar manufofin NAT kuma yana bi da ku ta hanyoyi daban-daban na tsarin NAT.
Kuna iya samun ƙarin takaddun da ke da alaƙa da tsarin Wuta ta amfani da taswirar takarda: http://www.cisco.com/c/en/us/td/docs/security/firepower/roadmap/firepower-roadmap.html
Shafukan Lissafin Takaddun Manyan Mataki don Aiwatar da FMC
Takaddun da ke biyowa na iya zama masu taimako lokacin daidaita ayyukan Cibiyar Gudanar da Wuta, Sigar 6.0+.
Wasu takardun da aka haɗa ba su da amfani ga ƙaddamar da Cibiyar Gudanar da Wuta. Domin misaliampHar ila yau, wasu hanyoyin haɗi akan shafukan Tsaro na Barazana na Wuta sun keɓanta ga turawa da Manajan Na'urar Wuta ke gudanarwa, kuma wasu hanyoyin haɗin yanar gizon kayan aiki ba su da alaƙa da FMC. Don guje wa ruɗani, kula da hankali ga takaddun lakabi. Hakanan, wasu takaddun suna rufe samfura da yawa don haka suna iya bayyana akan shafukan samfura da yawa.
Cibiyar Gudanar da Wuta
- Kayan aikin kayan aikin Cibiyar Gudanar da Wuta: http://www.cisco.com/c/en/us/support/security/defense-center/tsd-products-support-series-home.html
- Kayan aikin Wuta na Wuta: • http://www.cisco.com/c/en/us/support/security/defense-center-virtual-appliance/tsd-products-support-series-home.html • http://www.cisco.com/c/en/us/support/security/defense-center/tsd-products-support-series-home.html
- Tsaron Barazana na Wuta, wanda kuma ake kira na'urorin NGFW (Na gaba Generation Firewall).
- Software na Barazana na Wuta: http://www.cisco.com/c/en/us/support/security/firepower-ngfw/tsd-products-support-series-home.html
- Tsaron Barazana Mai Wuta: http://www.cisco.com/c/en/us/support/security/firepower-ngfw-virtual/tsd-products-support-series-home.html
- Firepower 4100 jerin: https://www.cisco.com/c/en/us/support/security/firepower-4100-series/tsd-products-support-series-home.html
- Wuta 9300: https://www.cisco.com/c/en/us/support/security/firepower-9000-series/tsd-products-support-series-home.html
- ISH 3000: https://www.cisco.com/c/en/us/support/security/industrial-security-appliance-isa/tsd-products-support-series-home.html
Na'urorin gargajiya, wanda kuma ake kira NGIPS (Tsarin Kariyar Kutse na Gaba) Na'urorin
- ASA tare da Ayyukan Wutar Wuta:
- ASA 5500-X tare da Ayyukan Wuta: • https://www.cisco.com/c/en/us/support/security/asa-firepower-services/tsd-products-support-series-home.html https://www.cisco.com/c/en/us/support/security/asa-5500-series-next-generation-firewalls/tsd-products-support-series-home.html
- ISA 3000 tare da Ayyukan Wuta: https://www.cisco.com/c/en/us/support/security/industrial-security-appliance-isa/tsd-products-support-series-home.html
- Firepower 8000 jerin: https://www.cisco.com/c/en/us/support/security/firepower-8000-series-appliances/tsd-products-support-series-home.html
- Firepower 7000 jerin: https://www.cisco.com/c/en/us/support/security/firepower-7000-series-appliances/tsd-products-support-series-home.html
- AMP don hanyoyin sadarwa: https://www.cisco.com/c/en/us/support/security/amp-appliances/tsd-products-support-series-home.html
- NGIPSv (na'urar kama-da-wane): https://www.cisco.com/c/en/us/support/security/ngips-virtual-appliance/tsd-products-support-series-home.html
Bayanin lasisi a cikin Takardun
Bayanin lasisi a farkon sashe yana nuna wanne lasisin Classic ko Smart dole ne ka sanya wa na'urar sarrafawa a cikin Tsarin Wuta don kunna fasalin da aka kwatanta a sashin.
Saboda damar masu lasisi galibi suna da ƙari, bayanin lasisi yana ba da mafi girman lasisin da ake buƙata kawai ga kowane fasali.
Bayanin "ko" a cikin sanarwar lasisi yana nuna cewa dole ne ku sanya takamaiman lasisi ga na'urar da aka sarrafa don kunna fasalin da aka kwatanta a sashin, amma ƙarin lasisi na iya ƙara ayyuka. Domin misaliample, a cikin a file siyasa, wasu file Ayyukan doka suna buƙatar sanya lasisin Kariya ga na'urar yayin da wasu ke buƙatar sanya lasisin Malware.
Don ƙarin bayani game da lasisi, duba Game da Lasisi na Wuta.
Maudu'ai masu dangantaka
Game da Lasisi na Wuta
Bayanin na'urori masu goyan baya a cikin Takardun
Bayanin na'urori masu goyan baya a farkon babi ko jigo na nuna cewa ana samun goyan bayan fasalin akan takamaiman jerin na'urar, dangi, ko samfuri. Don misaliampHakazalika, yawancin fasalulluka ana goyan bayan akan na'urorin Tsaro na Barazana kawai.
Don ƙarin bayani kan dandamali waɗanda wannan sakin ke tallafawa, duba bayanin kula.
Bayanan shiga cikin Takardun
Bayanin Access a farkon kowace hanya a cikin wannan takaddun yana nuna takamaiman matsayin mai amfani da ake buƙata don aiwatar da aikin. Duk wani aikin da aka lissafa zai iya aiwatar da aikin.
Masu amfani da ayyukan al'ada na iya samun saitin izini wanda ya bambanta da na ayyukan da aka riga aka ayyana. Lokacin da aka yi amfani da ƙayyadaddun rawar don nuna buƙatun samun dama ga hanya, rawar al'ada tare da izini iri ɗaya kuma yana da dama. Wasu masu amfani da ayyuka na al'ada na iya amfani da hanyoyin menu daban-daban don isa ga shafukan daidaitawa. Domin misaliample, masu amfani waɗanda ke da rawar al'ada tare da gata na manufofin kutsawa kawai suna samun damar manufofin nazarin hanyar sadarwa ta hanyar manufofin kutse a maimakon daidaitaccen hanya ta hanyar manufofin sarrafa shiga.
Don ƙarin bayani game da matsayin mai amfani, duba Matsayin Mai amfani da Keɓance Matsayin Mai amfani don Web Interface.
Wuta Tsarin IP Address Conventions
Kuna iya amfani da bayanin kula na Inter-Domain Routing (CIDR) maras mara izini na IPv4 da kuma irin wannan bayanin tsayin prefix na IPv6 don ayyana tubalan adireshi a wurare da yawa a cikin Tsarin Wuta.
Lokacin da kake amfani da CIDR ko bayanin tsayin prefix don ƙididdige toshe na adiresoshin IP, Tsarin Wuta yana amfani da ɓangaren adireshin IP na cibiyar sadarwa da aka ƙayyade ta abin rufe fuska ko tsayin prefix. Domin misaliample, idan ka buga 10.1.2.3/8, Firepower System yana amfani da 10.0.0.0/8.
A wasu kalmomi, ko da yake Cisco yana ba da shawarar daidaitaccen hanyar amfani da adireshin IP na cibiyar sadarwa akan iyakar bit lokacin amfani da CIDR ko bayanin tsayin prefix, Tsarin Wuta baya buƙatar sa.
Ƙarin Albarkatu
Community Firewalls ƙwararrun ma'ajiya ce ta kayan tunani wanda ya cika ɗimbin takaddun mu. Wannan ya haɗa da hanyoyin haɗi zuwa nau'ikan 3D na kayan aikin mu, mai zaɓin daidaita kayan masarufi, garantin samfur, daidaitawa examples, bayanan fasaha na warware matsala, bidiyo na horo, dakin gwaje-gwaje da zaman Cisco Live, tashoshin kafofin watsa labarun, Cisco Blogs da duk takaddun da ƙungiyar Fa'idodin Fasaha ta buga.
Wasu daga cikin mutanen da ke aikawa zuwa rukunin yanar gizon al'umma ko wuraren raba bidiyo, gami da masu daidaitawa, suna aiki don Sistocin Cisco. Ra'ayoyin da aka bayyana akan waɗancan rukunin yanar gizon kuma a cikin kowane sharhi masu dacewa ra'ayoyin mawallafa na asali ne, ba na Cisco ba. An ba da abun ciki don dalilai na bayanai kawai kuma ba a nufin ya zama tallafi ko wakilci ta Cisco ko wata ƙungiya ba.
Lura
Wasu daga cikin bidiyon, bayanin kula na fasaha, da abubuwan tunani a cikin Community Firewalls suna nuna tsofaffin nau'ikan FMC. Sigar ku ta FMC da sigar da aka yi magana a cikin bidiyo ko bayanan fasaha na iya samun bambance-bambance a cikin mahaɗin mai amfani wanda ke sa hanyoyin ba su zama iri ɗaya ba.
Farawa Da Wuta
Takardu / Albarkatu
 | CISCO An Fara Da Wuta Yana Yin Saitin Farko [pdf] Jagorar mai amfani An Fara Da Wuta Yana Yin Saita Farko, Wuta Yana Yin Saita Farko, Yin Saitin Farko, Saitin Farko, Saita |
