Cisco Cisco Firepower Management Center 4000
1-3
FireSIGHT System User Guide
Chapter 1 Introduction
FireSIGHT System Appliances
You can also deploy the following software-based appliances:
•
You can deploy 64-bit virtual Defense Centers and virtual managed devices as ESXi hosts using the
VMware vSphere Hypervisor or vCloud Director environment.
VMware vSphere Hypervisor or vCloud Director environment.
•
You can deploy Sourcefire Software for X-Series on the Blue Coat X-Series platform; this functions
as a managed device.
as a managed device.
Either type of Defense Center (physical or virtual) can manage any type of device: physical, virtual,
Cisco ASA with FirePOWER Services, and Sourcefire Software for X-Series. Note, however, that many
FireSIGHT System capabilities are appliance dependent.
Cisco ASA with FirePOWER Services, and Sourcefire Software for X-Series. Note, however, that many
FireSIGHT System capabilities are appliance dependent.
For more information on FireSIGHT System appliances, including the features and capabilities they
support, see:
support, see:
•
•
•
•
•
•
•
•
Series 2 Appliances
Series 2 is the second series of legacy physical appliances. Because of resource and architecture
limitations, Series 2 devices support a restricted set of FireSIGHT System features.
limitations, Series 2 devices support a restricted set of FireSIGHT System features.
Although Cisco no longer ships new Series 2 appliances, you can update or reimage Series 2 Defense
Centers running earlier versions of the system to Version 5.3.1. You cannot update or reimage Series 2
devices to Version 5.3.1, but a 5.3.1 Defense Center can manage a 5.2 or 5.3 device. Note that reimaging
results in the loss of almost all configuration and event data on the appliance. For more information, see
the FireSIGHT System Installation Guide.
Centers running earlier versions of the system to Version 5.3.1. You cannot update or reimage Series 2
devices to Version 5.3.1, but a 5.3.1 Defense Center can manage a 5.2 or 5.3 device. Note that reimaging
results in the loss of almost all configuration and event data on the appliance. For more information, see
the FireSIGHT System Installation Guide.
Tip
You can migrate specific configuration and event data from a Version 4.10.3 deployment to a Version 5.2
deployment, which you can then update to Version 5.3.1. For more information, see the FireSIGHT
System Migration Guide for Version 5.2.
deployment, which you can then update to Version 5.3.1. For more information, see the FireSIGHT
System Migration Guide for Version 5.2.
Series 2 devices automatically have most of the capabilities associated with a Protection license:
intrusion detection and prevention, file control, and basic access control. However, Series 2 devices
cannot perform Security Intelligence filtering, advanced access control, or advanced malware protection.
You also cannot enable other licensed capabilities on a Series 2 device. With the exception of the
3D9900, which supports fast-path rules, stacking, and tap mode, Series 2 devices do not support any of
the hardware-based features associated with Series 3 devices: switching, routing, NAT, and so on.
intrusion detection and prevention, file control, and basic access control. However, Series 2 devices
cannot perform Security Intelligence filtering, advanced access control, or advanced malware protection.
You also cannot enable other licensed capabilities on a Series 2 device. With the exception of the
3D9900, which supports fast-path rules, stacking, and tap mode, Series 2 devices do not support any of
the hardware-based features associated with Series 3 devices: switching, routing, NAT, and so on.
When running Version 5.3.1, DC1000 and DC3000 Series 2 Defense Centers support all the features of
the FireSIGHT System; the DC500 has more limited capabilities.
the FireSIGHT System; the DC500 has more limited capabilities.