
Monitoring Cisco Virtual Firepower Threat Defense

Mohammadekrami
Level 1

We have an instance of a VFTD firewall on our infrastructure and we would like to monitor its sessions that are coming to our network via SNMP, but we couldn't find any OIDs related to that.

3 Replies

balaji.bandi
Hall of Fame

What kind of sessions? VPN?

BB


We have a webserver and all of our traffic goes through our edge firewall, which is a VFTD appliance.

Just like Google Analytics, which provides you with a graph like the one below, we want to monitor how many connections we have and where these connections come from. Currently we don't have a parameter (such as the one in the picture below) in our NSM. We also have a Firepower Management Center that provides us with connection stats, which is exactly what we want, but it seems there are no OIDs related to that.

Screenshot 2020-12-19 225231.png

Marvin Rhoads
Hall of Fame

Cisco doesn't expose that connection information via SNMP. You can export connection events to a SIEM in addition to (or instead of) FMC if you have one that supports such functionality, but that would be a lot of work just to duplicate what's available in FMC. You could also export NetFlow data (from your firewall) to something like Stealthwatch, which has similar functionality.
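
The connection-event export suggested in the reply above, sketched as an added example that is not part of the original thread: it counts finished connections per source IP from exported events, which is the "how many and from where" view asked for. It assumes the events arrive as syslog lines with `key: value` fields; the message IDs, field names (`SrcIP`, `DstPort`) and sample lines are constructed assumptions to check against your own export.

```python
import re
from collections import Counter

# Constructed sample input (documentation-range addresses). The key: value
# layout and message IDs are assumptions; check them against your own export.
SAMPLE_LINES = [
    "Dec 19 22:51:02 vftd %FTD-1-430002: AccessControlRuleAction: Allow, SrcIP: 203.0.113.10, DstIP: 192.0.2.80, SrcPort: 51512, DstPort: 443, Protocol: tcp",
    "Dec 19 22:51:04 vftd %FTD-1-430003: AccessControlRuleAction: Allow, SrcIP: 203.0.113.10, DstIP: 192.0.2.80, SrcPort: 51512, DstPort: 443, Protocol: tcp",
    "Dec 19 22:51:09 vftd %FTD-1-430003: AccessControlRuleAction: Allow, SrcIP: 198.51.100.7, DstIP: 192.0.2.80, SrcPort: 40022, DstPort: 443, Protocol: tcp",
    "Dec 19 22:51:15 vftd %FTD-1-430003: AccessControlRuleAction: Allow, SrcIP: 203.0.113.10, DstIP: 192.0.2.80, SrcPort: 51540, DstPort: 443, Protocol: tcp",
    "Dec 19 22:51:20 vftd %FTD-1-430003: AccessControlRuleAction: Block, SrcIP: 198.51.100.99, DstIP: 192.0.2.80, SrcPort: 33100, DstPort: 22, Protocol: tcp",
    "Dec 19 22:52:00 vftd sshd[812]: unrelated line that is not a connection event",
]

EVENT_RE = re.compile(r"%FTD-\d-(?P<msgid>\d{6}): (?P<body>.*)$")
CONNECTION_END = "430003"  # assumed ID of the end-of-connection event


def parse_event(line):
    """Return the event's fields as a dict, or None if the line is not an event."""
    match = EVENT_RE.search(line)
    if not match:
        return None
    fields = {"msgid": match.group("msgid")}
    for pair in match.group("body").split(", "):
        key, sep, value = pair.partition(": ")
        if sep:  # ignore fragments that are not key: value
            fields[key.strip()] = value.strip()
    return fields


def summarize(lines, dst_port=None):
    """Count finished connections per source IP; also return unparsable lines."""
    by_source, skipped = Counter(), 0
    for line in lines:
        event = parse_event(line)
        if event is None or "SrcIP" not in event:
            skipped += 1
            continue
        if event["msgid"] != CONNECTION_END:
            continue  # count each session once, not at both start and end
        if dst_port is not None and event.get("DstPort") != str(dst_port):
            continue
        by_source[event["SrcIP"]] += 1
    return by_source, skipped


if __name__ == "__main__":
    counts, skipped = summarize(SAMPLE_LINES, dst_port=443)
    for src, n in counts.most_common():
        print(f"{src}\t{n}")
    print(f"skipped lines: {skipped}")
```

Tracking the skipped count matters in practice: a rising number of unparsable lines usually means the export format changed and the connection totals can no longer be trusted.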