Cisco Cisco FirePOWER Appliance 7115
Version 5.3
Sourcefire 3D System User Guide
256
Managing Devices
Configuring Remote Management
Chapter 5
You must configure remote management on the appliance that will be managed,
that is, on the device that you want to manage with a Defense Center. After you
configure remote management, you can use the managing appliance’s web
interface to add the managed appliance to your deployment.
To enable communications between two appliances, you must provide a way for
To enable communications between two appliances, you must provide a way for
the appliances to recognize each other. There are three criteria the Sourcefire 3D
System uses when allowing communications:
•
the host name or IP address of the appliance with which you are trying to
establish communication
In NAT environments, even if the other appliance does not have a routable
In NAT environments, even if the other appliance does not have a routable
address, you must provide a host name or an IP address either when you
are configuring remote management, or when you are adding the managed
appliance.
•
a self-generated alphanumeric registration key up to 37 characters in length
that identifies the connection
•
an optional unique alphanumeric NAT ID that can help the Sourcefire 3D
System establish communications in a NAT environment
The NAT ID must be unique among all NAT IDs used to register managed
The NAT ID must be unique among all NAT IDs used to register managed
appliances. For more information, see
When you register a managed device to a Defense Center, the access control
policy you select applies to the device. In addition, the network discovery policy
on the Defense Center automatically applies to the device. However, if you do not
enable licenses for the device required by features used in the access control
policy you select, the access control policy apply fails, causing the network
discovery policy apply to fail as well. If, for example, you select an access control
policy with an intrusion policy as the default action, and do not enable the
Protection license, both the access control policy and the network discovery
policy apply fail.
To configure remote management of the local appliance:
A
CCESS
: Admin
1. On the web interface for the appliance you want to manage, select System >
Local > Registration.
The Remote Management page appears.
The Remote Management page appears.
WARNING!
Sourcefire strongly recommends that you not change the value
for the management port. If you change it, you must also change it for all
appliances in your deployment that need to communicate with each other.
For more information, see