How to Configure SFR (Sourcefire)

To configure SFR (Sourcefire) on an ASA firewall, follow the steps below:

Before configuring SFR firewall should be properly configured and accessible :

Step 1:Obtain a license: SFR requires a license to be installed before it can be configured. You can obtain a license by purchasing it from Cisco .

Step 2:Install the SFR module: The SFR module is installed separately from the ASA firmware. You can download the module from the Cisco website and then upload it to the ASA using TFTP or SCP.

Step 3:Enable SFR on the ASA with below command

ASA(config)# module sfr enable

Step 4:Configure the interface: You must configure the interface that will be used to connect to the SFR module.Use below commands to configure interface:

ASA(config)# interface GigabitEthernet 0/1

ASA(config-if)# nameif sfr

ASA(config-if)# security-level 100

ASA(config-if)# ip address 10.168.0.1 255.255.255.252

Step 5: Configure Policy to redirect the traffic from Firewall to SFR.

ASA(config)# service-policy global_policy global

ASA(config)# class-map inspection_default

ASA(config-cmap)# match default-inspection-traffic

ASA(config-cmap)# policy-map global_policy

ASA(config-pmap)# class inspection_default

ASA(config-pmap-c)# sfr fail-open

Step 6:Configure the SFR module

ASA(config)# sfr fail-close

ASA(config)# sfr module sfr recover configure

IP-NETWORK-BASICS

How to Configure SFR (Sourcefire)

Like this:

Related

Leave a Reply Cancel reply

Share this:

Like this:

Related

Leave a Reply Cancel reply