Cisco Preparative Procedures & Operational User Guide
© 2016 Cisco Systems, Inc. All rights reserved.
Table of Contents
1
Introduction ........................................................................................................................................... 5
1.1
Common Criteria (CC) Evaluated Configuration ......................................................................... 6
1.2
References ..................................................................................................................................... 8
2
Operational Environment .................................................................................................................... 11
2.1
Operational Environment Components ....................................................................................... 11
2.2
Environmental Assumptions ....................................................................................................... 12
3
Before Installation ............................................................................................................................... 13
4
Assurance Activity Configuration ...................................................................................................... 15
4.1
Logging into the Appliance......................................................................................................... 15
4.1.1
Log In or Out of the Firepower Chassis Manager ............................................................... 15
4.1.2
Login to CLI Remotely ....................................................................................................... 16
4.1.3
Login to CLI Locally .......................................................................................................... 16
4.1.4
Logout ................................................................................................................................. 17
4.2
Auditable Events ......................................................................................................................... 18
4.3
Enable FIPS and CC Mode ......................................................................................................... 24
4.3.1
Enable FIPS Mode .............................................................................................................. 24
4.3.2
Enable Common Criteria (CC) Mode ................................................................................. 24
4.3.3
Generate the SSH Host Key ................................................................................................ 25
4.4
Configure Secure Connection with Audit Server and AAA Server ............................................ 26
4.4.1
Configure Syslog via CLI ................................................................................................... 26
4.4.2
Configure Syslog via GUI ................................................................................................... 28
4.4.3
Configure LDAP via CLI .................................................................................................... 31
4.4.4
Configure RADIUS via CLI ............................................................................................... 32
4.4.5
Configure via CLI ............................................................................................ 33
4.4.6
Configure LDAP via GUI ................................................................................................... 34
4.4.7
Configure RADIUS via GUI ............................................................................................... 35
4.4.8
Configure via GUI ........................................................................................... 36
4.4.9
Configure IPsec Secure Channel ......................................................................................... 37
4.4.10
Configure Static CRL for a Trustpoint................................................................................ 40
4.4.11
Set the LDAP Keyring Certificate ...................................................................................... 43
4.5
Management Functions ............................................................................................................... 46
4.5.1
IP Management and Pre-Login Banner ............................................................................... 46