Cisco Cisco FirePOWER Appliance 7020
6-12
FireSIGHT System User Guide
Chapter 6 Managing Devices
Configuring High Availability
•
the software version
•
the operating system
•
the length of time since the last contact between the two Defense Centers
•
the local role (Active & Primary, Inactive & Primary, Inactive & Secondary, or Active & Secondary)
•
the time the Defense Centers last synchronized
•
the option to switch roles between the two Defense Centers
Step 5
The two Defense Centers automatically synchronize within ten minutes (five minutes for each Defense
Center) after any action that affects a shared feature. For example, if you create a new policy on one
Defense Center, it is automatically shared with the other Defense Center within 5 minutes. However, if
you want to synchronize the policy immediately, click
Center) after any action that affects a shared feature. For example, if you create a new policy on one
Defense Center, it is automatically shared with the other Defense Center within 5 minutes. However, if
you want to synchronize the policy immediately, click
Synchronize
.
Note
If you delete a device from a Defense Center configured in a high availability pair and intend to
re-add it, Cisco recommends that you wait at least five minutes before adding the device back.
This interval ensures that the high availability pair resynchronizes first. If you do not wait five
minutes, it may take more than one synchronization cycle to add the device to both Defense
Centers.
re-add it, Cisco recommends that you wait at least five minutes before adding the device back.
This interval ensures that the high availability pair resynchronizes first. If you do not wait five
minutes, it may take more than one synchronization cycle to add the device to both Defense
Centers.
Step 6
Click
Switch Roles
to change the local role from Active to Inactive, or Inactive to Active.
With the Primary or Secondary designation unchanged, the roles are switched between the two peers.
Step 7
Click
Peer Manager
in the toolbar.
The Peer Manager page appears.
You can view the following information:
•
the IP address of the other Defense Center in the high availability pair
•
the status, registered or unregistered, of the communications link
•
the state, enabled or disabled, of the high availability pair
For information about editing the remote management communications between the two appliances, see
.
Disabling High Availability and Unregistering Devices
License:
Any
Supported Defense Centers:
DC1000, DC1500, DC3000, DC3500
If you want to remove one of the Defense Centers from a high availability pair, you must first disable
the high availability link between them.
the high availability link between them.
To disable a high availability pair:
Access:
Admin
Step 1
Log into one of the Defense Centers in the high availability pair.
Step 2
Select
System > Local > Registration
.
The Registration page appears.