Deploying Firepower Threat Defense:





















The above diagram explains the best deployment practice for Firepower Devices:

inside --> outside traffic flow

the outside IP address from DHCP

DHCP for clients on the inside

Management 1/1 is used to set up and register the Firepower Threat Defense to the Firepower Management Center.

Firepower Management Center access on the inside interface.

Note: The above diagram only illustrates the default IP schema which can use in your setup.





The default configuration considers that certain interfaces are used for the inside and outside networks. The initial configuration will be easier to complete if you connect network cables to the interfaces based on these expectations. To cable, the above scenario on the Firepower 2100 series, refer below network diagram:













Procedure





1. Cable the following to a Layer 2 switch:

Ethernet 1/2 interface (inside)

Management 1/1 interface (for the Firepower Management Center)

A local management computer

A Firepower Management Center

Note: We can connect inside and management on the same network because the management interface acts like a separate device that belongs only to Firepower Management.





2. Connect the Ethernet 1/1 interface to your WAN device, for example, cable modem.





Power on the Firepower 2100 Security Appliance





The power switch is implemented as a soft notification switch that supports the graceful shutdown of the system to reduce the risk of system software and data corruption.





Procedure