Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1378
Views
5
Helpful
4
Replies

Firepower Management Center

Go to solution
admins0011111
Level 1
Level 1

‎10-07-2019 03:57 AM - edited ‎02-21-2020 09:33 AM

Hi,

Can i safely shut down the FMC server? I have two Firepower devices connected to this server. Is there a description of what data they exchange other than policies upon request?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to admins0011111

‎10-07-2019 07:09 PM

It depends on what features you are using.

The managed devices will continue to pass traffic but some things (like URL lookups for non-cached URLs and sending files to the AMP cloud for dynamic analysis) happen via FMC. Also, the periodic (every hour or so) Security Intelligence updates are being pushed from FMC to the managed devices.

Of course the FMC is also the most common destination for any logged connection and intrusion events so it being offline will mean they cannot be synced from the managed devices. Some will be queued on the managed devices pending synchronization but that's limited.

I would not normally recommend shutting down the FMC in a production environment without an approved maintenance window. I would certainly never take it offline and leave it that way.

View solution in original post

4 Replies 4

Go to solution
harmesh88
Level 1
Level 1

‎10-07-2019 10:40 AM

Hi,

 

You can simply login in fmc and go to  system configuration and click on process  you will get option to shutdown FMC 

0 Helpful

Go to solution
admins0011111
Level 1
Level 1
In response to harmesh88

‎10-07-2019 10:44 AM

I know how do this. I need to know how safe it is to do on prod.
0 Helpful

Go to solution
Firepowered
Level 1
Level 1
In response to admins0011111

‎10-07-2019 12:17 PM

You need to elaborate, what do you mean by 'is it safe'?

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to admins0011111

‎10-07-2019 07:09 PM

It depends on what features you are using.

The managed devices will continue to pass traffic but some things (like URL lookups for non-cached URLs and sending files to the AMP cloud for dynamic analysis) happen via FMC. Also, the periodic (every hour or so) Security Intelligence updates are being pushed from FMC to the managed devices.

Of course the FMC is also the most common destination for any logged connection and intrusion events so it being offline will mean they cannot be synced from the managed devices. Some will be queued on the managed devices pending synchronization but that's limited.

I would not normally recommend shutting down the FMC in a production environment without an approved maintenance window. I would certainly never take it offline and leave it that way.

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card