Cisco Cisco FirePOWER Appliance 8250
6-27
FireSIGHT System User Guide
Chapter 6 Managing Devices
Clustering Devices
Establishing Device Clusters
License:
Control
Supported Devices:
Series 3
Before you establish a device cluster, you must meet the following prerequisites:
•
Configure interfaces on each device or each primary device in a stack.
•
Each device or device stack primary member that you include in the cluster must be the same model
and have identical copper or fiber interfaces.
and have identical copper or fiber interfaces.
•
Both devices or device stacks must have normal health status, run the same software, and have the
same licenses. See
same licenses. See
for more information. In particular, the
devices cannot have hardware failures that would cause them to enter maintenance mode and trigger
a failover.
a failover.
•
You cannot mismatch devices and stacks in a cluster. You must cluster single devices with single
devices or device stacks with device stacks that have identical hardware configurations, except for
the presence of a malware storage pack. For example, you can cluster a 3D8290 with a 3D8290;
none, one, or all devices in either stack might have an installed malware storage pack. For more
information on the malware storage pack, see the FireSIGHT System Malware Storage Pack Guide.
devices or device stacks with device stacks that have identical hardware configurations, except for
the presence of a malware storage pack. For example, you can cluster a 3D8290 with a 3D8290;
none, one, or all devices in either stack might have an installed malware storage pack. For more
information on the malware storage pack, see the FireSIGHT System Malware Storage Pack Guide.
Caution
Do not attempt to install a hard drive that was not supplied by Cisco in your device. Installing an
unsupported hard drive may damage the device. Malware storage pack kits are available for purchase
only from Cisco, and are for use only with 8000 Series devices running Version 5.3 or later of the
FireSIGHT System. Contact Support if you require assistance with the malware storage pack. See the
FireSIGHT System Malware Storage Pack Guide for more information.
unsupported hard drive may damage the device. Malware storage pack kits are available for purchase
only from Cisco, and are for use only with 8000 Series devices running Version 5.3 or later of the
FireSIGHT System. Contact Support if you require assistance with the malware storage pack. See the
FireSIGHT System Malware Storage Pack Guide for more information.
•
If the devices are targeted by NAT policies, both peers must have the same NAT policy.
When establishing a device cluster, you designate one of the devices or stacks as active and the other as
backup. The system applies a merged configuration to the clustered devices. If there is a conflict, the
system applies the configuration from the device or stack you designated as active.
backup. The system applies a merged configuration to the clustered devices. If there is a conflict, the
system applies the configuration from the device or stack you designated as active.
After you cluster the devices, you cannot change the license options for individual clustered devices, but
you can change the license for the entire cluster. See
you can change the license for the entire cluster. See
for more
information. If there are interface attributes that need to be set on switched interfaces or routed
interfaces, the system establishes the cluster, but sets it to a pending status. After you configure the
necessary attributes, the system completes the device cluster and sets it to a normal status.
interfaces, the system establishes the cluster, but sets it to a pending status. After you configure the
necessary attributes, the system completes the device cluster and sets it to a normal status.
After you establish clustered pair, the system treats the peer devices or stacks as a single device on the
Device Management page. Device clusters display the cluster icon (
Device Management page. Device clusters display the cluster icon (
) in the appliance list. Any
configuration changes you make are synchronized between the clustered devices. The Device
Management page displays which device or stack in the cluster is active, which changes after manual or
automatic failover. See
Management page displays which device or stack in the cluster is active, which changes after manual or
automatic failover. See
information about manual failover.
Removing registration of a device cluster from a Defense Center removes registration from both devices
or stacks. You remove a device cluster from the Defense Center as you would an individual managed
device. See
or stacks. You remove a device cluster from the Defense Center as you would an individual managed
device. See
You can then register the cluster on another Defense Center. To register clustered single devices, you add
remote management to the active device in the cluster and then add that device to the Defense Center,
which adds the entire cluster. To register clustered stacked devices, you add remote management to the
primary device of the either stack and then add that device to the Defense Center, which adds the entire
cluster. See
remote management to the active device in the cluster and then add that device to the Defense Center,
which adds the entire cluster. To register clustered stacked devices, you add remote management to the
primary device of the either stack and then add that device to the Defense Center, which adds the entire
cluster. See
for more information.