Cisco Cisco Firepower Management Center 4000
6-19
FireSIGHT System User Guide
Chapter 6 Managing Devices
Configuring Remote Management
Step 4
Click
Previous
and
Next
to scroll through the differences between the current appliance configuration and
the proposed appliance configuration.
Step 5
Optionally, click
Comparison Report
to produce a PDF version of the report.
Deleting Devices
License:
Any
If you no longer want to manage a device, you can delete it from the Defense Center. Deleting a device
severs all communication between the Defense Center and the device. To manage the device again at a
later date, you must re-add it to the Defense Center.
severs all communication between the Defense Center and the device. To manage the device again at a
later date, you must re-add it to the Defense Center.
Note
If you delete a device from a Defense Center configured in a high availability pair and want to re-add it,
Cisco recommends that you wait at least five minutes before re-adding it. This interval ensures that the
high availability pair resynchronizes so that both Defense Centers recognize the deletion. If you do not
wait five minutes, it may take more than one synchronization cycle to add the device to both Defense
Centers.
Cisco recommends that you wait at least five minutes before re-adding it. This interval ensures that the
high availability pair resynchronizes so that both Defense Centers recognize the deletion. If you do not
wait five minutes, it may take more than one synchronization cycle to add the device to both Defense
Centers.
To delete a device from the Defense Center:
Access:
Admin/Network Admin
Step 1
Select
Devices > Device Management
.
The Device Management page appears.
Step 2
Next to the device you want to delete, click the delete icon (
).
When prompted, confirm that you want to delete the device. Communication between the device and the
Defense Center is discontinued and the device is deleted from the Device Management page. If the
device has a system policy that causes it to receive time from the Defense Center via NTP, the device
reverts to local time management.
Defense Center is discontinued and the device is deleted from the Device Management page. If the
device has a system policy that causes it to receive time from the Defense Center via NTP, the device
reverts to local time management.
Configuring Remote Management
License:
Any
Before you can manage one FireSIGHT System appliance with another, you must set up a two-way,
SSL-encrypted communication channel between the two appliances. The appliances use the channel to
share configuration and event information. High availability peers also use the channel, which is by
default on port 8305/tcp.
SSL-encrypted communication channel between the two appliances. The appliances use the channel to
share configuration and event information. High availability peers also use the channel, which is by
default on port 8305/tcp.
You must configure remote management on the appliance that will be managed, that is, on the device
that you want to manage with a Defense Center. After you configure remote management, you can use
the managing appliance’s web interface to add the managed appliance to your deployment.
that you want to manage with a Defense Center. After you configure remote management, you can use
the managing appliance’s web interface to add the managed appliance to your deployment.
Note that the procedure in this section explains how to configure remote management on FirePOWER
physical appliances. For virtual devices, Sourcefire Software for X-Series, and ASA FirePOWER
devices, you configure remote management using the device’s command line interface (CLI).
physical appliances. For virtual devices, Sourcefire Software for X-Series, and ASA FirePOWER
devices, you configure remote management using the device’s command line interface (CLI).