Cisco Cisco Firepower Management Center 4000
6-2
FireSIGHT System User Guide
Chapter 6 Managing Devices
Management Concepts
•
explains how to configure interfaces on your managed
devices.
Management Concepts
You can use a Defense Center to manage nearly every aspect of a device’s behavior. You need only one
Defense Center to manage a device, though you can also use a second Defense Center as part of a high
availability pair. The sections that follow explain some of the concepts you need to know as you plan
your FireSIGHT System deployment:
Defense Center to manage a device, though you can also use a second Defense Center as part of a high
availability pair. The sections that follow explain some of the concepts you need to know as you plan
your FireSIGHT System deployment:
•
•
•
What Can Be Managed by a Defense Center?
You can use your Defense Center as a central management point in a FireSIGHT System deployment to
manage the following devices:
manage the following devices:
•
FirePOWER managed devices
•
Cisco ASA with FirePOWER Services devices
•
software-based devices, such as virtual devices and Sourcefire Software for X-Series
Note
Cisco recommends than you manage no more than three devices (including software-based devices) with
the DC500 model Defense Center. For details on DC500 database limitations see the
the DC500 model Defense Center. For details on DC500 database limitations see the
table.
When you manage a device, information is transmitted between the Defense Center and the device over
a secure, SSL-encrypted TCP tunnel.
a secure, SSL-encrypted TCP tunnel.
The following illustration lists what is transmitted between a Defense Center and its managed devices.
Note that the types of events and policies that are sent between the appliances are based on the device
type.
Note that the types of events and policies that are sent between the appliances are based on the device
type.