Disable the USB Port

By default, the type-A USB port is enabled. You might want to disable USB port access for security purposes. Disabling USB is supported on the following models:

• Firepower 1000 Series

• Secure Firewall 3100

• Secure Firewall 4200

Guidelines

• Enabling or disabling the USB port requires a reboot.

• If the USB port is disabled and you downgrade to a version that does not support this feature, the port will remain disabled, and you cannot re-enable it without erasing the NVRAM (the FXOS local-mgmt erase secure all command).

• If you perform a ROMMON factory-reset or FXOS local-mgmt erase secure , the USB port will be re-enabled.

• For high availability or clustering, you must disable or re-enable the port individually on each unit.

Note	This feature does not affect the USB console port, if present.