Cisco Cisco Firepower Management Center 4000
6-4
FireSIGHT System User Guide
Chapter 6 Managing Devices
Configuring High Availability
The following diagram shows a Defense Center managing two devices in a NAT environment. You can
use the same registration key when adding both devices, because registration keys do not have to be
unique. However, you must use unique NAT IDs when adding the devices to the Defense Center.
use the same registration key when adding both devices, because registration keys do not have to be
unique. However, you must use unique NAT IDs when adding the devices to the Defense Center.
Configuring High Availability
License:
Any
Supported Defense Centers:
DC1000, DC1500, DC3000, DC3500
To ensure the continuity of operations, the high availability feature allows you to designate redundant
Defense Centers to manage devices. Event data streams from managed devices to both Defense Centers
and certain configuration elements are maintained on both Defense Centers. If one Defense Center fails,
you can monitor your network without interruption using the other Defense Center.
Defense Centers to manage devices. Event data streams from managed devices to both Defense Centers
and certain configuration elements are maintained on both Defense Centers. If one Defense Center fails,
you can monitor your network without interruption using the other Defense Center.
Caution
Because the system restricts some functionality to the primary Defense Center, if that appliance fails,
you must promote the secondary Defense Center to Active. See
you must promote the secondary Defense Center to Active. See
See the following sections for more information about setting up high availability:
•
lists the configurations that are and are not shared when you
implement high availability.
•
outlines guidelines you must follow if
you want to implement high availability.
•
explains how to specify primary and secondary Defense
Centers.