cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
872
Views
0
Helpful
2
Replies

Multi-Domain | Multi-Site Cisco Firepower Management Center

NYS_MSP_Guy
Level 1
Level 1

Team,

 

We currently have about 40 sites, with each one of those sites they each have their own domain and are split between 5 different FMCs. Each site has either 1 or 2 "Internet" connections, with at minimum one of those connections is back to the "main" campus which could be 10 miles, or 60 miles away.

 

We currently have about half of these sites migrated from their old ASA's to the new 2120's, but want to standardize them globally and then have the ability to modify each site as needed for ACL's etc. Our issue, is the deployments can take between 15-30 minutes to fully deploy which is not conducive for our time sensitive sites.

 

Is their a chart, or flow structure or best practices we could look at to streamline our deployments, logging, filtering and other features? Running 5 FMC's is fine, but I feel like we are missing something that we could be taking advantage of to allow this to run more smooth.

 

Tech

2 Replies 2

Abheesh Kumar
VIP Alumni
VIP Alumni
Hi,
Whats the version of FMC you are running..?
The deployment time is not because of the design or best practice issue. Its a common issue facing all the current versions firepower. It also depends upon the number of rules or polices you have configured. May be in the future releases cisco will improve the deployment time.

Hope This Helps
Abheesh

Kumar,

 

We are using the latest version of FMC, we have between 10-15 FTD's on each FMC including each of their own domains.

 

Tim

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: