Threat Defense Deployment with the Management Center
Review the Network Deployment
Figure 1: Suggested Network Deployment
6.4 Deployment
The dedicated Management 1/1 interface is a special interface with its own network settings. By default, only
the Management 1/1 interface is enabled and configured with an IP address (192.168.45.45). This interface
also runs a DHCP server initially; after you select the management center as the manager during initial setup,
the DHCP server is disabled. You can configure other interfaces after you connect the threat defense to the
management center.
The following figure shows the recommended network deployment for the Firepower 1010.
The management center can only communicate with the threat defense on the Management interface. Moreover,
both the management center and the threat defense require internet access from management for licensing
and updates.
In the following diagram, the Firepower 1010 acts as the internet gateway for the Management interface and
the management center by connecting Management 1/1 to an inside interface through a Layer 2 switch, and
by connecting the management center and management computer to the switch. (This direct connection is
allowed because the Management interface is separate from the other interfaces on the threat defense.)
Cisco Firepower 1010 Getting Started Guide
9