Cisco Cisco Firepower Management Center 4000

If you have enabled the NetFlow feature on your NetFlow-enabled devices, you can use the connection 
data exported by these devices to supplement the connection data collected by Cisco devices.

Before you can use them in discovery rules, you must configure the NetFlow-enabled devices you plan 
to use (see 

), then add them to the network discovery 

policy.

For more information on using NetFlow data with the FireSIGHT System, including information on 
additional prerequisites, see 

Admin/Discovery Admin

Select 

. 

The Network Discovery Policy page appears.

Click 

.

The Advanced page appears.

Click the add icon (

) next to NetFlow Devices.

The Add NetFlow Device pop-up window appears.

In the 

 field, enter the IP address of the NetFlow-enabled device you want to use to collect 

connection data.

To add additional NetFlow-enabled devices, repeat steps 

 and 

.

To remove a NetFlow-enabled device, click the delete icon (

) next to the device you want to remove. 

Keep in mind that if you use a NetFlow-enabled device in a discovery rule, you must delete the rule 
before you can delete the device from the Advanced page. For more information, see 

Click 

.

The device appears on the list of NetFlow-enabled devices.

You must apply the network discovery policy for your changes to take effect. For more 
information, see 

FireSIGHT

Data storage settings control the kinds of data stored in the database, and therefore determine the data 
that the FireSIGHT System can use. These settings also control how long data is retained in the network 
map.

The following options comprise the network discovery data storage settings.