Cisco Cisco Firepower Management Center 4000
55-28
FireSIGHT System User Guide
Chapter 55 Using Health Monitoring
Configuring Health Policies
You must apply the health policy to the Defense Center if you want your settings to take effect. See
for more information.
Configuring VPN Status Monitoring
License:
VPN
Supported Defense Centers:
Any except Series 2
Use the VPN Status health module to monitor the current status of your configured Gateway VPN
tunnels; information for each individual tunnel is displayed. This module generates a Critical (red)
health alert when any of your VPN tunnels is not working.
tunnels; information for each individual tunnel is displayed. This module generates a Critical (red)
health alert when any of your VPN tunnels is not working.
To configure VPN Status health module settings:
Access:
Admin/Maint
Step 1
On the Health Policy Configuration page, click
VPN Status
.
The Health Policy Configuration — VPN Status page appears.
Step 2
Select
On
for the
Enabled
option to enable use of the module for health status testing.
Step 3
You have three options:
•
To save your changes to this module and return to the Health Policy page, click
Save Policy and Exit
.
•
To return to the Health Policy page without saving any of your settings for this module, click
Cancel
.
•
To temporarily save your changes to this module and switch to another module’s settings to modify,
select the other module from the list at the left of the page. If you click
select the other module from the list at the left of the page. If you click
Save Policy and Exit
when you
are done, all changes you made will be saved; if you click
Cancel
, you discard all changes.
You must apply the health policy to the appropriate devices if you want your settings to take effect. See
for more information.
Applying Health Policies
License:
Any
When you apply a health policy to an appliance, the health tests for all the modules you enabled in the
policy automatically monitor the health of the processes and hardware on the appliance. Health tests then
continue to run at the intervals you configured in the policy, collecting health data for the appliance and
forwarding that data to the Defense Center.
policy automatically monitor the health of the processes and hardware on the appliance. Health tests then
continue to run at the intervals you configured in the policy, collecting health data for the appliance and
forwarding that data to the Defense Center.
If you enable a module in a health policy and then apply the policy to an appliance that does not require
that health test, the health monitor reports the status for that health module as disabled.
that health test, the health monitor reports the status for that health module as disabled.
If you apply a policy with all modules disabled to an appliance, it removes all applied health policies
from the appliance so no health policy is applied.
from the appliance so no health policy is applied.
When you apply a different policy to an appliance that already has a policy applied, expect some latency
in the display of new data based on the newly applied tests.
in the display of new data based on the newly applied tests.