Cisco Cisco Firepower Management Center 2000
52-4
FireSIGHT System User Guide
Chapter 52 Licensing the FireSIGHT System
Understanding Licensing
RNA Host and RUA User
License:
Custom
In Version 4.10.x of the FireSIGHT System, RNA Host and RUA User feature licenses determined your
monitored host and user limits, respectively. If your Defense Center was previously running Version
4.10.x, you may be able to use your legacy host and user licenses instead of a FireSIGHT license.
monitored host and user limits, respectively. If your Defense Center was previously running Version
4.10.x, you may be able to use your legacy host and user licenses instead of a FireSIGHT license.
Version 5.3.1 Defense Centers using legacy licenses use the RNA Host limit as the FireSIGHT host limit
and the RUA User limit as both the FireSIGHT user and access-controlled user limit. The FireSIGHT
Host License Limit health module alerts appropriately for your licensed limit; see
and the RUA User limit as both the FireSIGHT user and access-controlled user limit. The FireSIGHT
Host License Limit health module alerts appropriately for your licensed limit; see
Note that RNA Host and RUA User limits are cumulative. That is, you can add multiple licenses of each
type to the Defense Center to monitor the total number of hosts or users allowed by the licenses.
type to the Defense Center to monitor the total number of hosts or users allowed by the licenses.
If you later add a FireSIGHT license, the Defense Center uses the higher of the limits. For example, the
FireSIGHT license on the DC1500 supports up to 50,000 hosts and users. If the RNA Host limit on your
Version 4.10.x DC1500 was higher than 50,000, using that legacy host license on the same Defense
Center running Version 5.3.1 gives you the higher limit. For your convenience, the web interface displays
only the licenses that represent the higher limits.
FireSIGHT license on the DC1500 supports up to 50,000 hosts and users. If the RNA Host limit on your
Version 4.10.x DC1500 was higher than 50,000, using that legacy host license on the same Defense
Center running Version 5.3.1 gives you the higher limit. For your convenience, the web interface displays
only the licenses that represent the higher limits.
Note
Because FireSIGHT licensed limits are matched to the hardware capabilities of Defense Centers, Cisco
does not recommend exceeding them. For guidance, contact Support.
does not recommend exceeding them. For guidance, contact Support.
Because there is no update path from Version 4.10.x to Version 5.3.1, you must use an ISO file to
“restore” a physical Defense Center. Similarly, you must install new versions of any virtual Defense
Centers you want to use with legacy licenses. Note that Version 5.3.1 Defense Centers cannot manage
Version 4.10.x devices. You can, however, restore and update Version 4.10.x devices to the latest version.
“restore” a physical Defense Center. Similarly, you must install new versions of any virtual Defense
Centers you want to use with legacy licenses. Note that Version 5.3.1 Defense Centers cannot manage
Version 4.10.x devices. You can, however, restore and update Version 4.10.x devices to the latest version.
During the restore process on a physical Defense Center, you are prompted to delete license and network
settings. Keep these settings, but if you accidentally delete them you can re-add them later. Because you
reinstall rather than restore virtual Defense Centers, you cannot keep these settings.
settings. Keep these settings, but if you accidentally delete them you can re-add them later. Because you
reinstall rather than restore virtual Defense Centers, you cannot keep these settings.
Note that you restore or reinstall appliances to major versions of the FireSIGHT System. After you
complete this process, Cisco recommends you also install any available patches or feature updates. For
detailed information on the restore and reinstall processes, see the FireSIGHT System Installation Guide
and the FireSIGHT System Virtual Installation Guide.
complete this process, Cisco recommends you also install any available patches or feature updates. For
detailed information on the restore and reinstall processes, see the FireSIGHT System Installation Guide
and the FireSIGHT System Virtual Installation Guide.
Caution
Restoring or reinstalling an appliance results in the loss of all configuration and event data on the
appliance. Consider backing up your appliance before you begin the process. Also, you must make sure
the appliance supports the new version. The release notes list supported hardware and hosting
environments.
appliance. Consider backing up your appliance before you begin the process. Also, you must make sure
the appliance supports the new version. The release notes list supported hardware and hosting
environments.
Protection
License:
Protection
Supported Devices:
Series 3, Virtual, X-Series, ASA FirePOWER
A Protection license allows you to perform intrusion detection and prevention, file control, and Security
Intelligence filtering:
Intelligence filtering:
•
Intrusion detection and prevention allows you to analyze network traffic for intrusions and exploits
and, optionally, drop offending packets.
and, optionally, drop offending packets.