Cisco Firepower 1600, Firepower 2600, Firepower 4600 Hardware Installation Manual
Cisco Firepower Management Center 1600, 2600, and 4600 Hardware Installation Guide
First Published: 2019-06-26
Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS,
INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH
THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY,
CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB's public domain version of
the UNIX operating system. All rights reserved. Copyright©1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS" WITH ALL FAULTS.
CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT
LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS
HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network
topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional
and coincidental.
All printed copies and duplicate soft copies of this document are considered uncontrolled. See the current online version for the latest version.
Cisco has more than 200 offices worldwide. Addresses and phone numbers are listed on the Cisco website at www.cisco.com/go/offices.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com
go trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any
other company. (1721R)
©
2019 Cisco Systems, Inc. All rights reserved.
CONTENTS
CHAPTER 1
CHAPTER 2
Overview 1
Features 1
Package Contents 3
Serial Number Locations 4
Front Panel 5
Front Panel LEDs 7
Rear Panel 10
Rear Panel LEDs 11
Power Supply 12
Hardware Specifications 13
Product ID Numbers 14
Power Cord Specifications 14
Installation Preparation 23
Installation Warnings 23
Safety Recommendations 25
CHAPTER 3
Maintain Safety with Electricity 25
Prevent ESD Damage 26
Site Environment 26
Power Supply Considerations 26
Rack Configuration Considerations 27
Mount and Connect 29
Unpack and Inspect the Chassis 29
Rack-Mount the Chassis 29
Connect Cables, Turn on Power, and Verify Connectivity 32
Cisco Firepower Management Center 1600, 2600, and 4600 Hardware Installation Guide
iii
Contents
CHAPTER 4
Maintenance and Upgrade 35
Power Button Shutdown 35
Remove and Replace a Drive 36
Remove and Replace a Power Supply 38
Cisco Firepower Management Center 1600, 2600, and 4600 Hardware Installation Guide
iv
Features
CHAPTER 1
Overview
• Features, on page 1
• Package Contents, on page 3
• Serial Number Locations, on page 4
• Front Panel, on page 5
• Front Panel LEDs, on page 7
• Rear Panel, on page 10
• Rear Panel LEDs, on page 11
• Power Supply, on page 12
• Hardware Specifications, on page 13
• Product ID Numbers, on page 14
• Power Cord Specifications, on page 14
The Cisco Firepower Management Center (FMC) 1600, 2600, and 4600 management appliances run software
that provides extensive intelligence about the users, applications, devices, threats, and vulnerabilities that exist
in your network. It also uses this information to analyze your network’s vulnerabilities. It then provides tailored
recommendations on what security policies to put in place and what security events you should investigate.
See Product ID Numbers, on page 14 for a list of the field-replaceable product IDs (PIDs) associated with
the FMC 1600, 2600, and 4600. You can remove and replace drives and power supplies. For all other internal
component failures, you must send your chassis for RMA.
The FMC management appliances support Cisco Firepower Threat Defense software. See the Cisco Firepower
Compatibility Guide, which provides Cisco Firepower software and hardware compatibility, including operating
system and hosting environment requirements, for each supported Firepower version.
Note
The FMC 1600, 2600, and 4600 are certified for Federal Information Processing Standards (FIPS) 140-2
beginning in Cisco Firepower version 6.4.1. See the "Security Certifications Compliance" topic in the
"Appliance Platform Settings" chapter in the Firepower Management Center Configuration Guide for the
instructions on how to enable security certifications compliance.
The following table lists the features of the FMC 1600, 2600, and 4600.
Cisco Firepower Management Center 1600, 2600, and 4600 Hardware Installation Guide
1
Features
Overview
Table 1: FMC 1600, 2600, and 4600 Features
460026001600Feature
1 RUForm factor
Rack mount
Airflow
Pullout asset card
Flex flash card
Grounding hole
Processor
Yes
Standard 19-in. (48.3 cm) 4-post EIA rack
Front to rear
Cold aisle to hot aisle
Displays the serial number and the MAC address for the two built-in management
ports.
32 GB (for vMedia)
Internal component only; not field-replaceable
Yes
Two threaded holes for dual-hole grounding lug
Use is optional; the supported AC power supplies have internal grounding, so
no additional chassis grounding is required.
YesLocator beacon
YesPower switch
One Intel Xeon 4110
processor
Two Intel Xeon 4110
processors
Two Intel Xeon 4116
processors
RDIMMs
Internal component only;
not field-replaceable
Management ports
USB ports
VGA port
128-GB RAM64-GB RAM32-GB RAMMemory
Two 16-GB
DDR4-2400-MHz
DIMMs
Four 16-GB
DDR4-2400-MHz
DIMMs
Eight 16-GB
DDR4-2400-MHz
DIMMs
Two built-in RJ-45 SFP+ ports
Support for 1000 Mbps, 1 Gbps, and 10 Gbps
The primary management port is eth0. You can use eth1, eth2, and eth3 as
secondary management or event ports.
Two
USB 3.0 Type A
One 3-row 15-pin DB-15 connector
Enabled by default
Two fixed SFP+ portsSFP ports
SFP-10G-SR (10 GB)Supported SFP+
Cisco Firepower Management Center 1600, 2600, and 4600 Hardware Installation Guide
2
Overview
Package Contents
460026001600Feature
Serial console port
System power
Fans
Storage
RAID controller
Package Contents
One
RJ-45 serial port running RS-232 (RS-232D TIA-561)
Two 770-W AC power supplies
Hot-swappable and redundant as 1+1
2626 BTU/hrPower consumption
Six fans for front-to-rear cooling
Internal component only; not field-replaceable
Two 1.2-TB 10-K SAS
HDDs
RAID 1, hot-swappable
One
The chassis has a dedicated internal riser for a PCIe-style Cisco modular RAID
controller card.
Internal component only; not field-replaceable
Four 600-GB 10-K SAS
HDDs
RAID 5, hot-swappable
Ten 1.2-TB SAS SSDs
RAID 6, hot-swappable
The following figure shows the package contents for the FMC 1600, 2600, and 4600. Note that the contents
are subject to change and your exact contents might contain additional or fewer items.
Figure 1: Package Contents
2Chassis1
RJ-45 to DP9-RS232 console cable (Cisco
part number 72-3383-XX)
Cisco Firepower Management Center 1600, 2600, and 4600 Hardware Installation Guide
3
Serial Number Locations
Overview
3
800-43376-02)
5
Useful Links Cisco Firepower Management
Center 1600, 2600, and 4600
The steps in the Useful Links document
send you to the documentation you need
to install, set up, and configure your FMC.
Serial Number Locations
The serial number (SN) for the FMC 1600, 2600, and 4600 is printed on the pullout asset card located on the
front panel as shown in the following figure of the FMC 1600.
Figure 2: Serial Number on Pullout Asset Card
4Cisco rail kit (Cisco part number
6
RJ-45 to RJ-45 Cat 5 Ethernet cable,
yellow six feet long (Cisco part number
72-1482-XX)
Two 10-Gb SFP transceivers with cables
Optional; in package if ordered.
4
The serial number is also on the label on the cover of the chassis as shown in the following figure.
Caution
The cover latch on the top of the chassis cover is not supported. There are no internal field-replaceable parts
in the FMC 1600, 2600, and 4600.
Cisco Firepower Management Center 1600, 2600, and 4600 Hardware Installation Guide
Overview
Front Panel
Figure 3: Serial Number Location on Cover
Front Panel
2Serial number label1
Cover latch
Not supported
The following figure shows the front panel features and disk-drive configuration for the FMC 1600. See Front
Panel LEDs, on page 7 for a description of the LEDs.
Figure 4: FMC 1600 Front Panel
1
Power button/power status LED2Drive bays
Supports two SAS HDDs in slots 1 and
2
Cisco Firepower Management Center 1600, 2600, and 4600 Hardware Installation Guide
5
Front Panel
Overview
System status LED4Unit identification button/LED3
Fan status LED6Power supply status LED5
Temperature status LED8Network link activity LED7
10Pullout asset card9
Keyboard, video, and mouse (KVM)
port
Not supported; use the VGA and USB
keyboard ports instead.
The following figure shows the front panel features and disk-drive configuration for the FMC 2600. See Front
Panel LEDs, on page 7 for a description of the LEDs.
Figure 5: FMC 2600 Front Panel
1
Power button/power status LED2Drive bays
Supports four SAS HDDs in slots 1
through 4
System status LED4Unit identification button/LED3
Fan status LED6Power supply status LED5
Temperature status LED8Network link activity LED7
10Pullout asset card9
KVM port
Not supported; use the VGA and USB
keyboard ports instead.
The following figure shows the front panel features and disk-drive configuration for the FMC 4600. See Front
Panel LEDs, on page 7 for a description of the LEDs.
Cisco Firepower Management Center 1600, 2600, and 4600 Hardware Installation Guide
6
Overview
Front Panel LEDs
Figure 6: FMC 4600 Front Panel
1
Front Panel LEDs
The following figure shows the front panel LEDs and describes their states.
Supports ten SAS SSDs in slots 1
through 6
Power button/power status LED2Drive bays
System status LED4Unit identification button/LED3
Fan status LED6Power supply status LED5
Temperature status LED8Network link activity LED7
10Pullout asset card9
KVM port
Not supported; use the VGA and USB
keyboard ports instead.
Cisco Firepower Management Center 1600, 2600, and 4600 Hardware Installation Guide
7
Front Panel LEDs
Overview
Figure 7: Front Panel LEDs and Their States
1
2Drive fault LED:
• Off—The drive is operating
properly.
• Amber—Drive fault detected.
• Amber, flashing—The drive is
rebuilding.
Drive activity LED:
• Off—There is no drive in the
drive tray (no access, no fault).
• Green—The drive is ready.
• Green, flashing—The drive is
reading or writing data.
• Amber, flashing with 1-second
interval—Drive locate function
activated in the software.
3
4Power LED:
• Off—There is no AC power to
the chassis.
• Amber—The chassis is in standby
mode.
• Green—The chassis is in main
Unit identification LED:
• Off—The unit identification
function is not in use.
• Blue, flashing—The unit
identification function is
activated.
power mode. Power is supplied
to all components.
Cisco Firepower Management Center 1600, 2600, and 4600 Hardware Installation Guide
8
Overview
Front Panel LEDs
5
6System status LED:
• Green—The chassis is running in
normal operating condition.
• Green, flashing—The chassis is
performing system initialization
and memory check.
• Amber—The chassis is in a
degraded operational state (minor
fault).
Power supply status LED:
• Green—All power supplies are
operating normally.
• Amber—One or more power
supplies are in a degraded
operational state.
• Amber, flashing—One or more
power supplies are in a critical
fault state.
• Power supply redundancy is
lost.
• CPUs are mismatched.
• At least one CPU is faulty.
• At least one DIMM is faulty.
• At least one drive in a RAID
configuration failed.
• Amber, two flashes—There is a
major fault with the system board.
• Amber, three flashes—There is a
major fault with the DIMMs.
• Amber, four flashes—There is a
major fault with the CPUs.
7
8Fan status LED:
• Green—All fans are operating
properly.
• Amber, flashing—One or more
fans breached the unrecoverable
threshold.
Network link activity LED:
• Off—The Ethernet port link is
idle.
• Green—One or more Ethernet
ports are link-active, but there is
no activity.
• Green, flashing—One or more
Ethernet ports are link-active with
activity.
Cisco Firepower Management Center 1600, 2600, and 4600 Hardware Installation Guide
9
Rear Panel
Overview
Rear Panel
Note
9
Although the Cisco Integrated Management Controller (CIMC) is not supported on the FMC, you can use
Lights-Out-Management (LOM) on the default management interface (eth0) on a Serial Over LAN (SOL)
connection to remotely monitor or manage the FMC system. For information about using LOM and SOL, see
the Cisco Firepower Management Center Getting Started Guide for Models 1600, 2600, and 4600 for more
information.
Temperature status LED:
• Green—The chassis is operating
at normal temperature.
• Amber—One or more
temperature sensors breached the
critical threshold.
• Amber, flashing—One or more
temperature sensors breached the
unrecoverable threshold.
The following figure shows the rear panel of the FMC 1600, 2600, and 4600.
Figure 8: Rear Panel
1
You can connect a keyboard, and along
with a monitor on the VGA port, you
can access the console.
3
Supports 100/1000/10000 Mbps
depending on link partner capability.
2USB 3.0 Type A (USB 1)
4eth0 management interface (labeled 1)
6VGA video port (DB-15 connector)5
USB 3.0 Type A (USB 2)
You can connect a keyboard, and along
with a monitor on the VGA port, you
can access the console.
eth1 management interface (labeled 2)
Gigabit Ethernet 100/1000/10000
Mbps interface, RJ-45, LAN2
CIMC interface (labeled M)
Not supported
Cisco Firepower Management Center 1600, 2600, and 4600 Hardware Installation Guide
10
Loading...