Cisco Cisco FirePOWER Appliance 8360
35-35
FireSIGHT System User Guide
Chapter 35 Introduction to Network Discovery
Creating a Network Discovery Policy
If you have enabled the NetFlow feature on your NetFlow-enabled devices, you can use the connection
data exported by these devices to supplement the connection data collected by Cisco devices.
data exported by these devices to supplement the connection data collected by Cisco devices.
Before you can use them in discovery rules, you must configure the NetFlow-enabled devices you plan
to use (see
to use (see
), then add them to the network discovery
policy.
For more information on using NetFlow data with the FireSIGHT System, including information on
additional prerequisites, see
additional prerequisites, see
To add NetFlow-enabled devices for connection data collection:
Access:
Admin/Discovery Admin
Step 1
Select
Policies > Network Discovery
.
The Network Discovery Policy page appears.
Step 2
Click
Advanced
.
The Advanced page appears.
Step 3
Click the add icon (
) next to NetFlow Devices.
The Add NetFlow Device pop-up window appears.
Step 4
In the
IP Address
field, enter the IP address of the NetFlow-enabled device you want to use to collect
connection data.
Step 5
To add additional NetFlow-enabled devices, repeat steps
and
.
Tip
To remove a NetFlow-enabled device, click the delete icon (
) next to the device you want to remove.
Keep in mind that if you use a NetFlow-enabled device in a discovery rule, you must delete the rule
before you can delete the device from the Advanced page. For more information, see
before you can delete the device from the Advanced page. For more information, see
Step 6
Click
Save
.
The device appears on the list of NetFlow-enabled devices.
Note
You must apply the network discovery policy for your changes to take effect. For more
information, see
information, see
Configuring Data Storage
License:
FireSIGHT
Data storage settings control the kinds of data stored in the database, and therefore determine the data
that the FireSIGHT System can use. These settings also control how long data is retained in the network
map.
that the FireSIGHT System can use. These settings also control how long data is retained in the network
map.
The following options comprise the network discovery data storage settings.