Cisco FirePOWER: Applying Platform Settings to Sensor

For some time I was puzzled why, every time I had to add a new sensor to a Platform Settings policy, it would affect every other device in the same policy and, after policy deployment, cause them to restart. This did not make any sense until I recently discovered this was not the case. I was getting confused by the deployment logic.

When a new device is added to FMC, the next step is to assign security zones and policies. The Platform Settings policy is assigned under Devices > Platform Settings > pencil button next to the policy > Policy Assignment link.

Once on the Policy Assignment screen, you will find your new sensor on the left. Highlight it, select the Add to Policy button, and click Apply. After that, the policy assignment screen will disappear and you will be tempted to click the Save button. Do not do that.

Once the Save button is pressed, any sensors under this policy will be forced to reapply Platform Settings and will be rebooted at the next policy deployment task. The Apply action is sufficient to associate the platform policy with the new device. You still need to Deploy changes for them to take effect.
