Cisco Cisco Firepower Management Center 4000
57-2
FireSIGHT System User Guide
Chapter 57 Using Backup and Restore
Creating Backup Files
•
See
backup file to the appliance.
Creating Backup Files
License:
Any
To view and use existing system backups, go to the Backup Management page. You should periodically
save a backup file that contains all of the configuration files required to restore the appliance, in addition
to event and packet data. You may also want to back up the system when testing configuration changes
so that you can revert to a saved configuration if needed. Note that you cannot include captured files in
the backup file. You can choose to save the backup file on the appliance or on your local computer.
save a backup file that contains all of the configuration files required to restore the appliance, in addition
to event and packet data. You may also want to back up the system when testing configuration changes
so that you can revert to a saved configuration if needed. Note that you cannot include captured files in
the backup file. You can choose to save the backup file on the appliance or on your local computer.
Caution
You cannot create a backup file if your appliance does not have enough disk space; backups may fail if
the backup process uses more than 85% of available disk space. If necessary, delete old backup files,
transfer old backup files off the appliance, or use remote storage.
the backup process uses more than 85% of available disk space. If necessary, delete old backup files,
transfer old backup files off the appliance, or use remote storage.
As an alternative, or if your backup file is larger than 4GB, copy it via SCP to a remote host. Uploading
a backup from your local computer does not work on backup files larger than 4GB because web browsers
do not support uploading files that large. On Defense Centers, the backup file can be saved to a remote
location; see
a backup from your local computer does not work on backup files larger than 4GB because web browsers
do not support uploading files that large. On Defense Centers, the backup file can be saved to a remote
location; see
for more information.
Note
While your backup task is collecting discovery events, data correlation is temporarily suspended.
If you perform a backup, then delete reviewed intrusion events, your backup restores the deleted
intrusion events but does not restore their reviewed status. You view those restored intrusion events
under Intrusion Events, not under Reviewed Events. See
intrusion events but does not restore their reviewed status. You view those restored intrusion events
under Intrusion Events, not under Reviewed Events. See
.
If you restore a backup that contains intrusion event data on an appliance that already contains that data,
duplicate events are created. To avoid this, restore intrusion event backups only on appliances without
prior intrusion event data.
duplicate events are created. To avoid this, restore intrusion event backups only on appliances without
prior intrusion event data.
Caution
If you configured any interface associations with security zones, these associations are not backed up.
You must reconfigure them after you restore. For more information, see
You must reconfigure them after you restore. For more information, see
.
When you back up your managed device from the device itself, you back up the configuration only. Use
the Defense Center that manages the physical device to perform a complete backup.
the Defense Center that manages the physical device to perform a complete backup.
To create a backup file:
Access:
Admin/Maint
Step 1
Select
System > Tools > Backup/Restore
.
The Backup Management page appears.
Step 2
Click
Managed Device Backup
or
Defense Center
Backup
.
The Create Backup page appears.