Monitoring the Cisco Firepower Threat Defense

eG Enterprise provides a specialized Cisco Firepower Threat Defense (FTD) monitoring model (see Figure 1), which periodically polls the SNMP MIB of the target device to measure the operating conditions of its power supply unit, CPU processor, fan modules, and storage controller.

Figure 1: The layer model of the Cisco Firepower Threat Defense

Using the metrics reported, administrators can find quick and accurate answers to the following performance questions:

  • Is the chassis in the FTD device in a degraded state?
  • Is the connection status of the chassis in the FTD device in standby mode?
  • How well was the CPU utilized by each processor in the FTD device?
  • Is there resource contention on the FTD device? Which resource is the bottleneck: CPU or memory?
  • Were any abnormalities detected in the operations of the fan module?
  • Are all fans operating well in the FTD device?
  • Is the temperature of the power supply unit in the FTD device high?
  • Is the storage controller in the FTD device idle?

The Network layer of the Cisco Firepower Threat Defense model is similar to that of a Windows Generic server model. Therefore, you can refer to the Unix and Windows Servers chapter, in which the tests mapped to the Network layer have been discussed briefly.