Initial Installation and Configuration on Cisco ASA with FirePOWER Services and FireSIGHT Defense Center (pt. 1)

security-asa-5525-x-firepower-services

Requirements

First you need to download the boot and system files from Cisco downloads (license required), e.g:

  • asasfr-5500x-boot-5.3.1-152.img
  • asasfr-sys-5.3.1-152.pkg
  • Sourcefire_Defense_Center_Virtual64_VMware-ESXi-5.4.0-763.ovf

Install FirePOWER Services on ASA

# sh module

The ASA can only run a single software module, so if the IPS module is running, shut it down.

# sw-module module ips shutdown
# sw-module module ips uninstall

Do the same for existing SFR module (if any)

# sw-module module sfr uninstall

(Optional) Run a debug to see the installation process.

# debug module-boot
# sw-module module sfr recover configure image disk0:/asasfr-5500x-boot-5.3.1-152.img
# sw-module module sfr recover boot

Wait around 15 minutes until the ASA reboot.

# session sfr console
asasfr login: admin
Password: Admin123

Enter the setup menu and you will be prompted for the device information (hostname, IP, NTP, etc)

> setup

Install the system software

> system install ftp://user:pass@<your-IP>/asasfr-sys-5.3.1-152.pkg

Install the FireSIGHT Defense Center

Deploy the OVF file on your VMware ESXi server. Boot it then login with:

user: admin
pass: Sourcefire

Configure the network and provide the IP address, netmask, etc

$ sudo /usr/local/sf/bin/configure-network

We’ll continue on part 2.

Share on FacebookShare on Google+Share on LinkedInPin on PinterestTweet about this on TwitterShare on TumblrShare on RedditPrint this pageEmail this to someone

1 Comment

  1. […] Initial Installation and Configuration on Cisco ASA with FirePOWER Services and FireSIGHT Defense Ce… […]

Leave a Reply