
Cisco Preparative Procedures & Operational User Guide
© 2016 Cisco Systems, Inc. All rights reserved.
Table of Contents
1Introduction...........................................................................................................................................5
1.1 Common Criteria (CC) Evaluated Configuration.........................................................................6
1.2 References.....................................................................................................................................8
2Operational Environment....................................................................................................................11
2.1 Operational Environment Components.......................................................................................11
2.2 Environmental Assumptions.......................................................................................................12
3Before Installation...............................................................................................................................13
4Assurance Activity Configuration ......................................................................................................15
4.1 Logging into the Appliance.........................................................................................................15
4.1.1 Log In or Out of the Firepower Chassis Manager...............................................................15
4.1.2 Login to CLI Remotely.......................................................................................................16
4.1.3 Login to CLI Locally ..........................................................................................................16
4.1.4 Logout.................................................................................................................................17
4.2 Auditable Events.........................................................................................................................18
4.3 Enable FIPS and CC Mode.........................................................................................................24
4.3.1 Enable FIPS Mode ..............................................................................................................24
4.3.2 Enable Common Criteria (CC) Mode.................................................................................24
4.3.3 Generate the SSH Host Key................................................................................................25
4.4 Configure Secure Connection with Audit Server and AAA Server............................................26
4.4.1 Configure Syslog via CLI...................................................................................................26
4.4.2 Configure Syslog via GUI...................................................................................................28
4.4.3 Configure LDAP via CLI....................................................................................................31
4.4.4 Configure RADIUS via CLI...............................................................................................32
4.4.5 Configure TACACS+ via CLI............................................................................................33
4.4.6 Configure LDAP via GUI...................................................................................................34
4.4.7 Configure RADIUS via GUI...............................................................................................35
4.4.8 Configure TACACS+ via GUI ...........................................................................................36
4.4.9 Configure IPsec Secure Channel.........................................................................................37
4.4.10 Configure Static CRL for a Trustpoint................................................................................40
4.4.11 Set the LDAP Keyring Certificate ......................................................................................43
4.5 Management Functions...............................................................................................................46
4.5.1 IP Management and Pre-Login Banner...............................................................................46