nav[aria-label="Primary Navigation"] { padding: 0; & ul { list-style: none; width: 100%; display: flex; flex-direction: row; justify-content: start; align-items: start; gap: 30px; padding: 0; & li { margin: 0; } & ul li { list-style: none; } } }

Community
- Command Central
- MVP Program
- Monthly Mission
- Blogs
- Groups
- Events
- Media Vault
Products
- Observability
- Network Management
- Application Management
- IT Security
- IT Service Management
- System Management
- Database Management
Content Exchange
- SolarWinds Platform
- Server & Application Monitor
- Database Performance Analyzer
- Server Configuration Monitor
- Network Performance Monitor
- Network Configuration Manager
- SQL Sentry
- Web Help Desk
Free Tools & Trials
Store

Native support for Cisco Firepower 4120, 9300 and FMC4000

cstenager

Looking for the ability to monitor Cisco Firepower devices, and hardware internals (Fans, PSU etc) within NPM.

The current hardware status is: Could not poll

Find more posts tagged with

Status: None

Comments

rschroeder

Our VAR, and Cisco, tell us LOTS of customers are using FirePower/FireSight now for firewalling/IPS/IDS and more.

Even my sites have migrated to it, and getting it fully monitored & managed via NPM and NCM is critical. What's the current support status for this security solution with Solarwinds Orion products?

ecklerwr1

I would think more people would be concerned about this???

rschroeder

My guess is that most companies who have FTD are aware that its configuration files are not running & startup configs that can be accessed by SSH and managed by downloading them to NCM.

FTD does have its own internal backup solution, but it's never going to be as useful for change management and compliance as NCM makes other IOS config files.

I'll be SW is looking into this, trying to find ways to better understand the product and determine if NCM can manage it in any way.

Similarly, I'd hope that SW is looking into ways for NPM to discover & monitor FTD solutions.

But the fact that they're security items makes it more challenging to open them up (even via SSH and snmp-v3) for NPM to access & report on.

I'm still waiting to hear Cisco has bought out the old Nortel Device Manager GUIs and put them on all Cisco boxes (instead of the html files), and that CiscoWorks has been dumped and Cisco partnered with Solarwinds (without taking a controlling share of SW), and made SW the de facto management/monitoring solution for all their products.

Although I can dream, I'll be retired LONG before either of those scenarios will happen.

I notice Cisco's been touting a new GUI, recently. Skeptical Cat remains skeptical, though.

enderaz

I too would like to see native Solarwinds support for this product. You'd think with as big as SW is they'd have quicker support for adding new devices. I know companies like AKiPS garuntee 2 week turn-around time to add new device support.

rschroeder

I've spoke with Cisco TAC about supporting the Firepower 4110's in my environment, and they provided MIB and OID information for polling. Feel free to use this and let the group know your satisfaction. I understand this isn't Solarwinds natively supporting the products, but at least it's something we can use for better monitoring Firepower devices.

If your network management system requires a management information base (MIB) file you can obtain it from the Defense Center or the 3D managed devices at:

etc/sf/DCEALERT.MIB

Also in order to perform health monitoring and Threshold Crossover Alarms (network performance monitoring) for FirePower products, below Mentioned OIDs should be polled:

1. CPU
percentage of user CPU time:    .1.3.6.1.4.1.2021.11.9.0
raw user cpu time:                  .1.3.6.1.4.1.2021.11.50.0
percentages of system CPU time: .1.3.6.1.4.1.2021.11.10.0
raw system cpu time:              .1.3.6.1.4.1.2021.11.52.0

percentages of idle CPU time: .1.3.6.1.4.1.2021.11.11.0

raw idle cpu time: .1.3.6.1.4.1.2021.11.53.0

raw nice cpu time: .1.3.6.1.4.1.2021.11.51.0

2. Memory

Total Swap Size:                .1.3.6.1.4.1.2021.4.3.0
Available Swap Space:      .1.3.6.1.4.1.2021.4.4.0
Total RAM in machine:         .1.3.6.1.4.1.2021.4.5.0
Total RAM used:                 .1.3.6.1.4.1.2021.4.6.0

Total RAM Free:                  .1.3.6.1.4.1.2021.4.11.0
Total RAM Shared:               .1.3.6.1.4.1.2021.4.13.0
Total RAM Buffered:             .1.3.6.1.4.1.2021.4.14.0
Total Cached Memory:           .1.3.6.1.4.1.2021.4.15.

3. Interfaces :

fAdminStatus .1.3.6.1.2.1.2.7
ifOperStatus .1.3.6.1.2.1.2.8

fInDiscards .1.3.6.1.2.1.2.13
ifInErrors .1.3.6.1.2.1.2.14

fOutDiscards .1.3.6.1.2.1.2.19
ifOutErrors .1.3.6.1.2.1.2.20

CourtesyIT

If we have the MIBs for the FirePowers can we add them into Solarwinds if we are not using the 12.2? If so, where? I have not had to add MIBs to Solarwinds in years and lots has changed!

cmatrask

Thank you for sharing this!

enderaz

Currently for my 9300's, I have it sending all system logs to Solarwinds. I then built syslog based alarms via *firepower* to trigger an email to our group. The only downside of this is that I'll get occasional emails about a single CPU at high utilization, but its not a ton of messages or anything so I deal with it.

surnaihai899

I have this issue to and need the device template.