Cisco Cisco Firepower Management Center 4000

Page of 1844
 
6-27
FireSIGHT System User Guide
 
Chapter 6      Managing Devices
  Clustering Devices
Establishing Device Clusters
License: 
Control
Supported Devices: 
Series 3
Before you establish a device cluster, you must meet the following prerequisites:
  •
Configure interfaces on each device or each primary device in a stack.
  •
Each device or device stack primary member that you include in the cluster must be the same model 
and have identical copper or fiber interfaces.
  •
Both devices or device stacks must have normal health status, run the same software, and have the 
same licenses. See 
 for more information. In particular, the 
devices cannot have hardware failures that would cause them to enter maintenance mode and trigger 
a failover. 
  •
You cannot mismatch devices and stacks in a cluster. You must cluster single devices with single 
devices or device stacks with device stacks that have identical hardware configurations, except for 
the presence of a malware storage pack. For example, you can cluster a 3D8290 with a 3D8290; 
none, one, or all devices in either stack might have an installed malware storage pack. For more 
information on the malware storage pack, see the FireSIGHT System Malware Storage Pack Guide.
Caution
Do not attempt to install a hard drive that was not supplied by Cisco in your device. Installing an 
unsupported hard drive may damage the device. Malware storage pack kits are available for purchase 
only from Cisco, and are for use only with 8000 Series devices running Version 5.3 or later of the 
FireSIGHT System. Contact Support if you require assistance with the malware storage pack. See the 
FireSIGHT System Malware Storage Pack Guide
 for more information.
  •
If the devices are targeted by NAT policies, both peers must have the same NAT policy.
When establishing a device cluster, you designate one of the devices or stacks as active and the other as 
backup. The system applies a merged configuration to the clustered devices. If there is a conflict, the 
system applies the configuration from the device or stack you designated as active.
After you cluster the devices, you cannot change the license options for individual clustered devices, but 
you can change the license for the entire cluster. See 
 for more 
information. If there are interface attributes that need to be set on switched interfaces or routed 
interfaces, the system establishes the cluster, but sets it to a pending status. After you configure the 
necessary attributes, the system completes the device cluster and sets it to a normal status.
After you establish clustered pair, the system treats the peer devices or stacks as a single device on the 
Device Management page. Device clusters display the cluster icon (
) in the appliance list. Any 
configuration changes you make are synchronized between the clustered devices. The Device 
Management page displays which device or stack in the cluster is active, which changes after manual or 
automatic failover. See 
information about manual failover.
Removing registration of a device cluster from a Defense Center removes registration from both devices 
or stacks. You remove a device cluster from the Defense Center as you would an individual managed 
device. Se
You can then register the cluster on another Defense Center. To register clustered single devices, you add 
remote management to the active device in the cluster and then add that device to the Defense Center, 
which adds the entire cluster. To register clustered stacked devices, you add remote management to the 
primary device of the either stack and then add that device to the Defense Center, which adds the entire 
cluster. See 
 for more information.