Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1425
Views
0
Helpful
1
Replies

The effect of a single-instance FMC failure

Go to solution
alandean
Beginner
Beginner

‎04-22-2020 11:22 AM

I hvae a new FMC 6.6 VM and 2 new 4115 NGFWs. In determining whether to use high availability for FMC, what is the effect of a failed single instance FMC?

 

The 6.6 FMC documentation only mentions you lose event data if you only have one FMC and it fails.

Event data streams from managed devices to both Firepower Management Centers in the high availability pair. If one Firepower Management Center fails, you can monitor your network without interruption using the other Firepower Management Center.

https://www.cisco.com/c/en/us/td/docs/security/firepower/660/configuration/guide/fpmc-config-guide-v66/firepower_management_center_high_availability.html?bookSearch=true

 

An older thread mentions the same thing.

https://community.cisco.com/t5/network-security/fmc-6-0-down-what-happens-with-the-logging/m-p/2857651

 

Will my inspection and decryption on the 4115s still work normally if a single-instance FMC goes down? 

And is there an issue with just restoring a FMC VM from a snapshot?

Thanks in advance.

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rob Ingram
VIP
VIP

‎04-22-2020 12:55 PM

Hi,
If you only have 1 FMC you won't get central logging whilst the FMC is down, you won't be able to perform cloud lookups (AMP) and if you using user identity integration you will not receive updated ip/username bindings.

VM snapshots are not supported, nor is HA on virtual appliances.

HTH

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Rob Ingram
VIP
VIP

‎04-22-2020 12:55 PM

Hi,
If you only have 1 FMC you won't get central logging whilst the FMC is down, you won't be able to perform cloud lookups (AMP) and if you using user identity integration you will not receive updated ip/username bindings.

VM snapshots are not supported, nor is HA on virtual appliances.

HTH
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents