Cisco Cisco Firepower 4110 Security Appliance Installationsanleitung
2
Cisco Firepower Threat Defense for Firepower 4100 Quick Start Guide
Management/Diagnostic Interface and Network Deployment
The physical management interface is shared between the Management logical interface and the Diagnostic
logical interface.
logical interface.
The Firepower Threat Defense device uses the setup IP address, and associated route to the gateway, for
management by the Firepower Management Center. The management IP address and route are not included on
the Firepower Management Center web interface in the list of interfaces or static routes for the device; they can
only be set by the setup script and at the CLI. After you perform the initial setup, configure the security and access
policies, device settings, and interfaces using the Firepower Management Center.
management by the Firepower Management Center. The management IP address and route are not included on
the Firepower Management Center web interface in the list of interfaces or static routes for the device; they can
only be set by the setup script and at the CLI. After you perform the initial setup, configure the security and access
policies, device settings, and interfaces using the Firepower Management Center.
If you choose to do syslog or SNMP reporting over the physical management port, note that you must configure a
separate IP address and route and external authentication for the Diagnostic 0/0 or Diagnostic 1/1 interface using
the Firepower Management Center web interface. However, Cisco recommends you use a data port for reporting
purposes to simplify deployment.
separate IP address and route and external authentication for the Diagnostic 0/0 or Diagnostic 1/1 interface using
the Firepower Management Center web interface. However, Cisco recommends you use a data port for reporting
purposes to simplify deployment.
See the Firepower Threat Defense Interfaces chapter of the Firepower Management Center Configuration Guide
for more information about the management/diagnostic interface.
for more information about the management/diagnostic interface.
Licensing Requirements for Firepower Threat Defense
Firepower Threat Defense running on the Firepower 4100 requires Smart Software Licensing, configurable from
the Firepower Management Center. See the Firepower Management Center Configuration Guide or the online help
in Firepower Management Center for more information.
the Firepower Management Center. See the Firepower Management Center Configuration Guide or the online help
in Firepower Management Center for more information.
For Firepower Threat Defense running on the Firepower 4100 security module, Smart Software Licensing
configuration is split between the Firepower 4100 supervisor and the security module.
configuration is split between the Firepower 4100 supervisor and the security module.
Firepower 4100 - Configure all Smart Software Licensing infrastructure in the supervisor, including parameters
for communicating with the License Authority. The Firepower 4100 itself does not require any licenses to
operate.
for communicating with the License Authority. The Firepower 4100 itself does not require any licenses to
operate.
Firepower Threat Defense - Configure all license entitlements for the security services from the Firepower
Management Center.
Management Center.
The Firepower 4100 chassis registers as a device, while Firepower Threat Defense on the security module in the
chassis request its own license. See the Cisco FXOS Firepower Chassis Manager Configuration Guide for more
information about license management for the Firepower 4100.
chassis request its own license. See the Cisco FXOS Firepower Chassis Manager Configuration Guide for more
information about license management for the Firepower 4100.
See “Licensing the Firepower System” in the Firepower Management Center Configuration Guide for more
information about how to manage licenses on the Firepower Management Center.
information about how to manage licenses on the Firepower Management Center.
Access the Firepower Chassis Manager Web Interface
You can manage application images, configure hardware interface settings, and other basic operating parameters
on the supervisor using the Firepower Chassis Manager web interface.
on the supervisor using the Firepower Chassis Manager web interface.
Procedure
1.
To log in to the Firepower Chassis Manager Web Interface:
a.
Using a supported browser, enter the following URL in the address bar:
https://<chassis_mgmt_ip_address>
where <chassis_mgmt_ip_address> is the IP address or host name of the Firepower 4100 that you entered
during initial configuration. See
during initial configuration. See
for more information.
b.
Enter your username and password.
c.
Click Login.