Firepower Network Discovery Questions

Dear Community,

I would like to implement Host Discovery as part of the Network Discovery Policy. However, I had a few questions:

1) The Config guide states: "Rules in your network discovery policy are evaluated sequentially. You can create rules with overlapping monitoring criteria, but doing so may affect your system performance."

- Does this mean I should put any exclusion rules above any Discover rules? For instance, if I want to Discover all devices in 192.168.1.0/24 but I want to exclude devices 192.168.1.10 and .11, should I put the exclusion rule before the discover rule?

2) What does it mean by "overlapping monitoring criteria", specifically when it comes to host discovery?

3) The guide states: "Cisco recommends that you exclude load balancers (or specific ports on load balancers) and NAT devices from monitoring."

- Does this mean I should add an exclusion rule excluding the virtual server IP addresses on my load balancer?

4) The guide states: "Cisco also recommends that you not monitor the same network segment with NetFlow exporters and Firepower System managed devices. Although ideally, you should configure your network discovery policy with non-overlapping rules, the system does drop duplicate connection logs generated by managed devices."

- Does this mean I should exclude the subnet that my Firepower devices and FMC management IPs are on? Again, it mentions "non-overlapping" rules; I am not sure what it means by this.

Any help you can provide is appreciated.

Thank you.

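The questions above all come down to two things: which rules' monitoring criteria overlap, and what happens to a host that matches more than one rule when the list is walked top to bottom. The Python below is an added illustration, not Cisco code and not part of the original post. It models discovery rules as a list of (action, networks, optional ports) entries, reports every pair of rules whose networks overlap (the "overlapping monitoring criteria" the guide warns about), and simulates a first-match sequential walk so the effect of placing an exclusion above or below a broader discover rule is visible. The first-match behaviour, the rule list, the 10.0.0.0/24 subnet and the load-balancer VIP 10.0.0.5 are all constructed assumptions for the demonstration; the quoted guide text only says rules are evaluated sequentially, so confirm the exact match semantics against the FMC documentation for your release before relying on a given ordering.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass
class DiscoveryRule:
    """One row of a network discovery policy (hypothetical model)."""
    action: str                         # "discover" or "exclude"
    networks: List[str]                 # CIDR strings this rule covers
    ports: Optional[List[int]] = None   # None means all ports

    def matches(self, ip: str, port: Optional[int] = None) -> bool:
        addr = ipaddress.ip_address(ip)
        if not any(addr in ipaddress.ip_network(n) for n in self.networks):
            return False
        # A port-restricted rule only matches traffic on one of its ports.
        if self.ports is not None and port not in self.ports:
            return False
        return True


def decide(ip: str, rules: List[DiscoveryRule],
           port: Optional[int] = None) -> Tuple[str, Optional[int]]:
    """Walk the list top to bottom and stop at the first matching rule.

    ASSUMPTION: first-match semantics. Returns (action, rule_index), or
    ("no_rule", None) when nothing in the policy covers the host.
    """
    for index, rule in enumerate(rules):
        if rule.matches(ip, port):
            return rule.action, index
    return "no_rule", None


def _networks_overlap(a: DiscoveryRule, b: DiscoveryRule) -> bool:
    return any(ipaddress.ip_network(x).overlaps(ipaddress.ip_network(y))
               for x in a.networks for y in b.networks)


def overlapping_pairs(rules: List[DiscoveryRule]) -> List[Tuple[int, int]]:
    """Index pairs of rules whose network criteria overlap."""
    return [(i, j)
            for i in range(len(rules))
            for j in range(i + 1, len(rules))
            if _networks_overlap(rules[i], rules[j])]


def simulate(rules: List[DiscoveryRule], hosts: List[str]) -> dict:
    """Map each candidate host to the action the policy would take."""
    return {host: decide(host, rules)[0] for host in hosts}


# Constructed policy: specific exclusions placed above the broad discover rule.
EXCLUDE_FIRST = [
    DiscoveryRule("exclude", ["192.168.1.10/32", "192.168.1.11/32"]),
    DiscoveryRule("exclude", ["10.0.0.5/32"], ports=[80, 443]),   # LB VIP (constructed)
    DiscoveryRule("discover", ["192.168.1.0/24", "10.0.0.0/24"]),
]

# Same rules, with the broad discover rule moved to the top.
DISCOVER_FIRST = [EXCLUDE_FIRST[2], EXCLUDE_FIRST[0], EXCLUDE_FIRST[1]]

if __name__ == "__main__":
    print("overlapping rule pairs:", overlapping_pairs(EXCLUDE_FIRST))
    sample = ["192.168.1.10", "192.168.1.20", "172.16.0.1"]
    print("exclusions above :", simulate(EXCLUDE_FIRST, sample))
    print("exclusions below :", simulate(DISCOVER_FIRST, sample))
    print("VIP on 443 :", decide("10.0.0.5", EXCLUDE_FIRST, port=443))
    print("VIP on 22  :", decide("10.0.0.5", EXCLUDE_FIRST, port=22))
```

Under the first-match assumption, 192.168.1.10 is excluded only when its exclusion sits above the /24 discover rule; with the order reversed, the broad rule wins and the host is discovered anyway. The port-restricted VIP rule shows the "specific ports on load balancers" case: traffic to 10.0.0.5 on 80/443 is excluded while the same address on other ports still falls through to the discover rule. `overlapping_pairs` is the kind of check worth running over a policy before deployment, since every overlap is a place where ordering decides the outcome.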