Deploying On A Management Network; Management Deployment Considerations - Cisco 7010 Installation Manual

Firepower 7000 series; firepower 8000 series

Hide thumbs Also See for 7010:

Product user manual (151 pages)

Help manual (132 pages)

Replacement instructions manual (23 pages)

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

page of 204

/ 204
Contents
Table of Contents
Bookmarks

Table of Contents

Deploying on a Management Network

The Firepower System can be deployed to accommodate the needs of each unique network architecture.

The Management Center provides a centralized management console and database repository for the

Firepower System. Devices are installed on network segments to collect traffic connections for analysis.

Management Centers use a management interface to connect to a trusted management network (that is,

a secure internal network not exposed external traffic). Devices connect to a Management Center using

a management interface.

Devices then connect to an external network using sensing interfaces to monitor traffic. For more

information on how to use sensing interfaces in your deployment, see

Devices, page

Note

See the ASA documentation for more information on deployment scenarios for ASA FirePOWER

devices.

Management Deployment Considerations

Your management deployment decisions are based on a variety of factors. Answering these questions

can help you understand your deployment options to configure the most efficient and effective system:

•

3-1.

Will you use the default single management interface to connect your device to your Management

Center? Will you enable additional management interfaces to improve performance, or to isolate

traffic received on the Management Center from different networks? See

Management Interfaces, page 2-2

Do you want to enable traffic channels to create two connections between the Management Center

and the managed device to improve performance? Do you want to use multiple management

interfaces to further increase throughput capacity between the Management Center and the managed

device? See

Deploying with Traffic Channels, page 2-3

Do you want to use one Management Center to manage and isolate traffic from devices on different

networks? See

Deploying with Network Routes, page 2-4

Are you deploying your management interfaces in a protected environment? Is appliance access

restricted to specific workstation IP addresses?

considerations for deploying your management interfaces securely.

Are you deploying 8000 Series devices? See

page 2-5

for more information.

C H A P T E R

for more information.

Security Considerations, page 2-5

Special Case: Connecting 8000 Series Devices,

Firepower 7000 and 8000 Series Installation Guide

Deploying Firepower Managed

Understanding

describes

2-1

Table of Contents

Show Quick Links

Hide quick links:

Chapters

Table of Contents

This manual is also suitable for:

7120 7115 7125 Amp7150 7020 7030 ... Show all

Deploying On A Management Network; Management Deployment Considerations - Cisco 7010 Installation Manual

Deploying on a Management Network

Management Deployment Considerations

Hide quick links:

Chapters

Related Manuals for Cisco 7010

Related Content for Cisco 7010

This manual is also suitable for:

Table of Contents