Details

Sets the SNMP notification recipient or the NMS or SNMP manager that can connect to the Firepower.

Rationale:

Syslog messages are an invaluable tool for accounting, monitoring, and routine troubleshooting. Logging to a central syslog server is a method of collecting messages from devices to a server running a syslog daemon. This helps in aggregation of logs and alerts. This form of logging provides protected long-term storage for logs, since are also useful in incident handling.

Solution

Firepower Device Manager:

Use Objects > Syslog Servers and Device > System Settings > Logging Settings.

or

Firepower Management Center:

Device > Platform Setting > Threat Defense Policy > Syslog > Syslog Settings

Supportive Information

The following resource is also helpful.

• https://www.cisco.com/c/en/us/td/docs/security/firepower/623/configuration/guide/fpmc-config-guide-v623.html

This security hardening control applies to the following category of controls within NIST 800-53: Audit and Accountability.This control applies to the following type of system Cisco.

References

• 800-53|AU-9(2)

Source

• Tenable.com/audits