Firepower 7000 and 8000 Series Installation Guide
Chapter 5 Setting Up Firepower Managed Devices
Next Steps
Individual User Accounts
After you complete the initial setup, the only user on the system is the admin user, which has the
Administrator role and access. Users with that role have full menu and configuration access to the
system, including via the shell or CLI. Cisco recommends that you limit the use of the admin account
(and the Administrator role) for security and auditing reasons.
Creating a separate account for each person who will use the system allows your organization not only
to audit actions and changes made by each user, but also to limit each person’s associated user access
role or roles. This is especially important on the Firepower Management Center, where you perform
most of your configuration and analysis tasks. For example, an analyst needs access to event data to
analyze the security of your network, but may not require access to administrative functions for the
deployment.
The system includes ten predefined user roles designed for a variety of administrators and analysts. You
can also create custom user roles with specialized access privileges.
Health and System Policies
By default, all appliances have an initial system policy applied. The system policy governs settings that
are likely to be similar for multiple appliances in a deployment, such as mail relay host preferences and
time synchronization settings. Cisco recommends that you use the Firepower Management Center to
apply the same system policy to itself and all the devices it manages.
By default, the Firepower Management Center also has a health policy applied. A health policy, as part
of the health monitoring feature, provides the criteria that the system uses to continuously monitor the
performance of the appliances in your deployment. Cisco recommends that you use the Firepower
Management Center to apply a health policy to all the devices it manages.
Software and Database Updates
You should update the system software on your appliances before you begin any deployment. Cisco
recommends that all the appliances in your deployment run the most recent version of the Firepower
System. If you are using them in your deployment, you should also install the latest intrusion rule
updates, VDB, and GeoDB.
Caution
Before you update any part of the Firepower System, you must read the release notes or advisory text
that accompanies the update. The release notes provide important information, including supported
platforms, compatibility, prerequisites, warnings, and specific installation and uninstallation
instructions.