Cisco Firepower Management Center 2000 Installation Guide

Restoring a Firepower Management Center to Factory Defaults
Firepower Management Center Getting Started Guide
Before You Begin
Before you begin restoring your appliances to factory defaults, you should familiarize yourself with the expected 
behavior of the system during the restore process.
Configuration and Event Backup Guidelines
Before you begin the restore process, Cisco recommends that you delete or move any backup files that reside on 
your appliance, then back up current event and configuration data to an external location.
Restoring your appliance to factory defaults results in the loss of almost all configuration and event data on the 
appliance. Although the restore utility can retain the appliance’s license, network, console, and Lights-Out 
Management (LOM) settings, you must perform all other setup tasks after the restore process completes.
Traffic Flow During the Restore Process
To avoid disruptions in traffic flow on your network, Cisco recommends restoring your appliances during a 
maintenance window or at a time when the interruption will have the least impact on your deployment. 
Restoring a Firepower device that is deployed inline resets the device to a non-bypass (fail closed) configuration, 
disrupting traffic on your network. Traffic is blocked until you configure bypass-enabled inline sets on the device. 
For more information about editing your device configuration to configure bypass, see the Managing Devices 
chapter of the Firepower Management Center Configuration Guide.
Understanding the Restore Process
To restore a Firepower device, you boot from the appliance’s internal flash drive and use an interactive menu to 
download and install the ISO image on the appliance. For your convenience, you can install system software and 
intrusion rule updates as part of the restore process. 
Only reimage your appliances during a maintenance window. Reimaging resets appliances in bypass mode to a 
non-bypass configuration and disrupts traffic on your network until you reconfigure bypass mode. For more 
information, see 
Note that you cannot restore an appliance using its web interface. To restore an appliance, you must connect to 
it in one of the following ways: 
Keyboard and Monitor/KVM
You can connect a USB keyboard and VGA monitor to the appliance, which is useful for rack-mounted 
appliances connected to a KVM (keyboard, video, and mouse) switch. If you have a KVM that is 
remote-accessible, you can restore appliances without having physical access.
Serial Connection/Laptop
You can use a rollover serial cable (also known as a NULL modem cable or a Cisco console cable) to connect 
a computer to the appliance. See the hardware specifications for your appliance to locate the serial port. To 
interact with the appliance, use terminal emulation software such as HyperTerminal or XModem. 
Lights-Out Management Using Serial over LAN
You can perform a limited set of actions on Management Centers and Firepower devices using Lights-Out 
Management (LOM) with a Serial over LAN (SOL) connection. If you do not have physical access to an 
appliance, you can use LOM to perform the restore process. After you connect to an appliance using LOM, 
you issue commands to the restore utility as if you were using a physical serial connection. Note that you can