installation of Sourcefire

I want to know the steps to implement the FireSIGHT system (I use integration with LDAP and use nmap to discover the operating system)?

Other than the more detailed information in the User Guide, please see Cisco Live session BRKSEC-2018 at www.ciscolive365.com. It has some very good instructions to configure your FireSIGHT system, including the LDAP integration.

Tags: Cisco Security

Similar Questions

  • Configuration and installation of SourceFire ASA

    Hello team,

    Recently, we installed the SourceFire ASA-based software, but it's not in production. Now we intend to put the SourceFire ASA into production for traffic management and URL filtering. Right now, we have the FireSIGHT management system installed and have uploaded the SFR image to the ASA. The ASA will handle traffic at the internet entry/exit point of our network. I have some doubts as follows:

    (1) On the ASA I see the sfr module is in place, but if I console into the sfr module, will this affect my normal Internet traffic while I'm in the sfr console?

    (2) Are there basic configuration templates for URL filtering to make the job easier?

    (3) What is the checklist to cross-check before putting the sfr module inline in production?

    Thanks in advance for your help.

    Thank you - Jadesh

    You redirect traffic to the FirePOWER module using the Modular Policy Framework with something like this:

     policy-map global_policy
      class class-default
       sfr fail-open
     service-policy global_policy global

    Generally, what you do on the console of the sfr module does not affect the parent ASA. Until you have the policy to redirect traffic, nothing will pass through or be affected by the sfr module. As long as you have the 'rescue', the sfr module going down or being reset does not affect production ASA traffic.

    Of course once you run traffic through it and start applying policy, you have the option to block or otherwise affect this traffic.

    Beyond the User and Admin guides, you can take a look at the Lab Minutes series that was done recently. They do a good job of walking you through basic tasks.

  • Update failed geolocation

    Hello

    Under the status of the task that I see

    installation of Sourcefire Geolocation Database Update version: GeoDB-2015-07-18-001
    Local installation
     
     
    Need to know why this update fails?
     
    Concerning
     
    Mahesh
    Cannot install the update of geolocation. Please contact the support of Sourcefire.

    What do you get if you check the following:

    https://support.sourcefire.com/auto-update/auto-dl.cgi/<license key>/GetCurrent/sf.xml

    If you go back and do a user-initiated update now, does it work?

    If it continues to fail, your best option is probably to contact the TAC. They can quickly look into the logs on the file system to see exactly what is happening.

  • Sourcefire Defense Center Upgrade version (local installation) failed

    Hi team,

    I had a problem during the upgrade of our CME to 5.4.0.

    Alerts

    Task notification

    Task status of your version upgrade of defense Center S3 task installation Sourcefire 3D: 5.4.0-763 (local installation) failed at Wed Nov 25 09:46:02 2015

    Could not update the State: DB connection has been lost prior: new loading database...

    Hi John,

    This error appears rarely. It is a known issue: CSCze94563

    Reference: https://tools.cisco.com/bugsearch/bug/CSCze94563/?reffering_site=dumpcr

    I just edited the bug to contain more information. It may take some time to reflect it.

    The task status page can present the error above; however, the Help > About page of the user interface indicates that the system in question is running version 5.4.

    You can also view the logs to confirm this.

    cat /var/log/sf/<5.4_upgrade_directory>/main_upgrade_script.log

    The last line should read "success, removed the upgrade lock."

    Thank you

    Guillaume

  • SourceFire - update Virtual Center of defence 6.0.0 Installation failed

    Hello

    I get the following error when applying Sourcefire_3D_Defense_Center_S3_Upgrade-6.0.0-1005.sh

    Update Installation Failed: [1%] Fatal error: error running script 000_start/003_check_DC_memory.pl

    Any resolution will appreciate

    Thank you.

    Hello

    This script verifies the memory available to the Defense Center, and 6.0.0 requires a minimum of 6 GB of memory, an increase from 5.x versions.

    - Stop the DC gracefully from the CLI or WebUI.

    - In vSphere, right-click on the domain controller, select change settings.

    - Adjust the configuration to allow a minimum of 6 GB of memory to the device and save the settings.

    - Turn the DC back on and resume the update.

    Thank you

    Guillaume

  • Sourcefire upgrade question

    I am after a few tips here.

    I have two management centres sourcefire (devices MC2000) running 5.4.1.7 par HA. They would have been on version 6 but 6 did not support HA.

    Now 6.1 was released, it supports HA for management centres.

    However, the path of 5.4.1.7 upgrade is...

    Version 5.4.1.x > Version 6.0 Pre-Installation Package > Version 6.0 > Version 6.0.1.x > Version 6.1

    or

    Version 5.4.1.x > Version 6.0 Pre-Installation Package > Version 6.0 > Version 6.0.1. > Version 6.1 Pre-Installation Package > Version 6.1

    So this means that I must break the pair HA upgrade devices and then reform the AP. Or would you break the HA pair, upgrade an application and recreate the image on the second application then join the AP. Finally there is an option to reimage the device and restore the database to the new box. I'm trying to find the best method to do this.

    Giles

    Your first method will work.

    There is an ISO image "Sourcefire_Defense_Center_S3-6.1.0-330-Restore.iso" at https://software.cisco.com/download/release.html?mdfid=286290710&flowid=...

    Unfortunately, you cannot restore the backup version prior to the latest version.

  • Update installation failed: [0%] fatal error running script 000_start 001_check_models.pl

    try to upgrade to a fire power (formerly sourcefire) DC750 to 6.0.0.0...

    ram upgrade

    5.4.1.6 running

    Get the following error shortly after the beginning of the upgrade.

    Update installation failed: [0%] fatal error running script 000_start 001_check_models.pl

    Hello

    This indicates that the version of the software that you use may not be for this model.

    If you use any sensor series 2 old on this domain controller, which would need to be removed.

    Can you check the 6.0 software again to make sure that it's for the DC 750, and also go to the directory /var/log/sf/6.0. Check the content of /000_start and then tail 001_check_models.pl.log

    It will erase more log details.

    Rate if helps.

    Yogesh

  • Crashing apps and the slow performance since the installation of macOS Sierra

    Hello

    Im a user of long date Mac but displays the first time that I was pretty happy with everything that on my macbook pro for the past years... until I installed Sierra a day ago.

    Since installing everything works super slow and a lot of my apps hang and crash. Things are not rosy, here is my EtreCheck report - running current version 10.12 on my MacBook Pro (mid 2010) if anyone can help would be much appreciated. Thank you

    Try this first: what happens if you start in safe mode (hold down the SHIFT key during startup), the problems go away?

    Try this second in normal startup mode: what happens if you create a new user account and log in as that user, the problems go away?

    I'm not sure I'd worry about the plane crashes - it is listed as beta software

  • Installation of the Sierra

    It is essential to backup prior to installation of the operating system Sierra?

    Yes. It is always essential to backup before starting any kind of a major project as an upgrade of the operating system.

    Old saying IT: it is always best to have a backup, no need then to need a backup and not have it.

  • After the installation of Sierra, calendar does not work

    After installation of Sierra, when you open the calendar on my Mac, missing entries and the screen is frozen with the comment 'Moving calendars to the server account.' I signed that I the cloud to see if it would help, but I still have this problem.

    Hello and welcome to Apple support communities, Stanley Star.

    If I understand your message to the right, at the opening of the calendars for the first time after upgrading to Mac OS Sierra, you are missing calendar events and the app is frozen with a message saying "moving to Server account schedules." Calendars, this is one of my apps used on my Mac, so I certainly understand the importance of having the opening and operating as usual. I'm happy to help you to turn it on again!

    Icloud and a signature was an excellent step to try. Here are the steps I recommend to do next:

    1. Check that the date and time are correct in your Mac by following the steps in macOS Sierra: set the date and time on your Mac.
    2. Close the present calendars on your Mac. If you are also reminders, close that as well as reminders and schedules work together. If the calendars close normally, will not force close it by clicking the Apple menu in the upper left corner of your screen, select force to close, select the calendars in the list of open applications, and then click the button close Force.
    3. Go to System Preferences > iCloud and uncheck the boxes next to the calendars and reminders.
    4. Restart your Mac.
    5. A times restarted, open again your calendar application, select "Calendar" in the Apple menu bar in the left corner of your screen, select "Add an account", choose iCloud and sign in with your Apple and the password.
    6. Give your calendar some time to sync and charge all your data. Once it is loaded successfully, and you can see all your events, open the reminders and do the same steps for signing in iCloud there are also well.

    Thank you for using communities of Apple Support.

    Take care.

  • What is the installer.app?

    Nobody knows what's 'installer.app '?  It looks like a pig... major on my monitor of activity... I'm trying to diagnose performance problems do I need?

    Hey there Celeste Jones.

    After researching this a little app, looks like it may be an old app that is not supported. I suggest looking up the app in your Applications folder and get rid of it, because it is probably more useful for you.

    Thank you and let us know if you have any other questions.

    See you soon.

  • Installation of MacOS Sierra is not possible (no boot volume)

    Hello everyone

    I have an iMac with the following characteristics:

    and I'm trying to install the new Sierra of MacOS. But everytime I open the installation program, it tells me that I can't use the partition called 'Mac OS X', which is my main Mac partition on my drive of fusion, for the installation of Sierra because it cannot be used as a boot volume. Of course, it's completely absurd because I started 'Mac OS X' volume whenever I boot my Mac!

    This screenshot shows the installer and the associated message:

    Could someone help me please? I really want to do a clean install of all and that spend hours to restore my previous settings! Please...?

    Best regards

    Martin

    Hi mpauli,

    I see that the Sierra of macOS Installer gives you a message saying "this disk cannot be used to start your computer." In order to get this problem solved, I suggest you follow through the troubleshooting steps in the link below.

    Setup notes "OS X can not be installed on your computer" or "this disc cannot be used to start your computer."

    See you soon.

  • installation of Sierra on MacBook - locked system & computer killed hard reboot

    MacBook locked during installation of Sierra. Pressed the power button to a hard reboot and now can not initialize get only a message stating your computer restarted because of a problem of waiting to continue to go, but it keeps looping to the same Message and keeps trying to restart.

    I put the installation disc in a attempted to hold the c key during the restart and the same thing happens

    The installation disk will not help on a Mac running macOS Sierra.

    Start your Mac while pressing the command + R keys.

    From there, you should be able to use the built in utility to check, repair and restore the OS X disc using OS X Recovery.

  • Installation problem - 10.12 sierra Fender fuse and macos

    Hello world!!!

    I can't install the software fender fuse guitar amp on my mac pro with sierra 10.12 book!

    Due security installation authorised download preferences on my mac, in the sierra of new OS it is not "anywhere" button so I can't install fender fuse!

    How can avoid or skip this 'install security preferences' and install the fender fuse software?

    Thank you very much!!!

    http://osxdaily.com/2016/09/27/allow-apps-from-anywhere-MacOS-gatekeeper/

    But don't forget to read the entire article and note the cautions.

  • Assistance required after you download Sierra - locked in a spiral of failure of the Installation

    Hello - I am a student of the University who made the mistake of thinking I had to upgrade my OS system after seeing some updates new flashy in the Sierra. Long story short, that my computer is locked into a cycle where I restarts and the installation process will begin installation but end abruptly and ask me to reboot again.

    I have exams and papers due and seriously want access to my data again. I don't have a back up of my files. As such, I am looking for a method that will allow me access to my files that I need to be able to read notes, print etc.

    Details: I have an old MBPro by the end of 2011. He was on as the primary OS x Lion. I had updated some time later. More recently, I got El Capitan and it worked very well. I downloaded Sierra in the background as I did work at home and after installing it, it asked me to reboot. This was the point that I was able to come back from. Reboot after installation scenario is as follows:

    -A progress bar comes up saying 34 minutes until completion

    -The progress bar goes to 33 minutes until completion

    -Beginning of fans of my computer acting upward and the bar stops and crashes of progression

    -The installation process says he doesn't have and asks me to restart my computer

    Specifically, I get the message 'Mac OS could not be installed on your computer. File system check or repair a failure. Quit the installer to restart your computer and try again.'

    When I quit the installer of the OS, I am taken to the startup disk option and asked to choose a system to reboot my computer with. I see 'Macintosh HD macOS 10.11.4' but when I click on it and try to restart I get the following error message, "you cannot change the disk on the disk selected. Startup disk could not gather enough information on the selected disk."

    Things I've tried:

    Internet recovery mode: I went here to do a restore of the Mac OS x comes with my computer (Lion). This attempt fails and the computer tells me I can't downgrade because a more recent OSX is already on my computer...

    Recovery mode: I tried to come back just El Capitan from here. When I try to do the process will take literally one second before I get a notification saying: "an error occurred during the preparation of the installation. Try to rerun this application".

    Disk utility: I tried to do first aid and repair on this menu on the big disk image (since some of them pop up... I'm sure that the big one is my computer and the small setup of Sierra is?). I see that I 115Gigs franco 319Gigs departure. When I click on check and repair, the process takes some time and seems as he goes to halfway through before I get errors in the two. Repair error wonder backup my data.

    -some specific stuff; the log for the repair of first aid says something like: "the Macintosh HD volume could not be completely checked. File system check exit code is 8. Update support partition for the volume as required. File system check or repair a failure. Operation failed..."

    Safe mode: I can't start in safe mode. My computer will load the apple logo, progress on 3/4ths of the way start-up and then crash on its own and not restart.

    Things I have tried:

    Constituting a new boot USB of OS Sierra - I read that in so doing I can substitute the installation process that is going on right now on my computer and start a new... I hope one that works. I was not able to do this again, because I need someone to another macbook to make it and none of my friends won't let me touch their computers after the fiasco that happened on mine... Can I get some feedback on this?

    Backup: I don't have an external hard drive... I'm willing to buy one if necessary, but I don't know how to make a backup in a world where I don't have access to the major functional sections of my computer. Also, if my computer is * session here now, I'm worried that a backup will be essentially a * a backup... is this the work of the computer?

    Other thoughts:

    -my computer was working fine before I tried the upgrade... no complaints on my end, it was a real trooper

    -Maybe the download was corrupted?

    -I learned today that the operating system installation process requires internet connection - maybe that my internet connection is bad?

    -on that note, I want to say I tried a lot of different things. Been in different parts of the campus (different parts of my dorm building, IT support across campus, etc.). My University has also 3 options of WIFI, but each requires a separate verification process. Throughout this process, I have been connected to one of these methods. Switching may help? But, if I can't do the verification step (i.e. open a browser and type in the details of my student specific to actually use the web), I do not think that this will help you a lot. In addition, I am sure that I am already using one of the less frequently used options.

    I want to avoid a permanent possible deletion because there are important things on my computer.

    Any advice? Enjoy it!

    Same problem here on my Mac Mini end of 2012. I couldn't find any fix so far. The machine worked perfectly fine before with El Capitan and had about 50 GB of available disk space. I have use any version beta of Sierra, but officially released one that came yesterday. Really disappointing to see the new system operating software with fundamental questions and no good way to solve it.

    Any help really appreciated.
