Cisco Cisco Firepower Management Center 4000

Any

In addition to applying policies to devices and receiving events from them, you can also perform other 
device-related tasks on the Defense Center.

If you are storing event data on your device in addition to sending it to the Defense Center, you can use 
the Defense Center’s web interface to back up those events from the device. See 

 for more information.

From time to time, Cisco releases updates to the FireSIGHT System, including:

intrusion rule updates, which may contain new and updated intrusion rules

vulnerability database updates

geolocation updates

software patches and updates

You can use the Defense Center to install an update on the devices it manages.

Any

DC1000, DC1500, DC3000, DC3500

You can set up two Defense Centers as a high availability pair. This ensures redundant functionality in 
case one of the Defense Centers fails. Policies, user accounts, and more are shared between the two 
Defense Centers. Events are automatically sent to both Defense Centers. See 

 for more information.

Control

Network address translation (NAT) is a method of transmitting and receiving network traffic through a 
router that involves reassigning the source or destination IP address as the traffic passes through the 
router. Typical applications using NAT enable multiple hosts on a private network to use a single public 
IP address to access the public network.

When you add a device to a Defense Center, you establish communications between the appliances. The 
information you need to establish communications depends on whether the environment uses NAT:

In an environment without NAT, you need a registration key and the IP addresses or fully qualified 
domain names of both appliances.

In an environment with NAT, you need a registration key and a unique NAT ID.

The NAT ID must be unique among all NAT IDs used to register devices to a Defense 
Center.