cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

292
Views
0
Helpful
2
Replies
Beginner

Multi-Domain | Multi-Site Cisco Firepower Management Center

Team,

 

We currently have about 40 sites, with each one of those sites they each have their own domain and are split between 5 different FMCs. Each site has either 1 or 2 "Internet" connections, with at minimum one of those connections is back to the "main" campus which could be 10 miles, or 60 miles away.

 

We currently have about half of these sites migrated from their old ASA's to the new 2120's, but want to standardize them globally and then have the ability to modify each site as needed for ACL's etc. Our issue, is the deployments can take between 15-30 minutes to fully deploy which is not conducive for our time sensitive sites.

 

Is their a chart, or flow structure or best practices we could look at to streamline our deployments, logging, filtering and other features? Running 5 FMC's is fine, but I feel like we are missing something that we could be taking advantage of to allow this to run more smooth.

 

Tech

2 REPLIES 2
Highlighted
Enthusiast

Re: Multi-Domain | Multi-Site Cisco Firepower Management Center

Hi,
Whats the version of FMC you are running..?
The deployment time is not because of the design or best practice issue. Its a common issue facing all the current versions firepower. It also depends upon the number of rules or polices you have configured. May be in the future releases cisco will improve the deployment time.

Hope This Helps
Abheesh
Beginner

Re: Multi-Domain | Multi-Site Cisco Firepower Management Center

Kumar,

 

We are using the latest version of FMC, we have between 10-15 FTD's on each FMC including each of their own domains.

 

Tim