Preview Tool

Cisco Bug: CSCvs84670 - DOC: FTD HA configuration guide needs to mention snort and disk status as a failover trigger

Last Modified

Jun 15, 2020

Products (1)

  • Cisco Firepower Management Center

Known Affected Releases

6.2.3 6.3.0 6.4.0 6.5.0

Description (partial)

Snort down and disk full conditions are triggering failover event. But as of now it is not documented in FMC configuration guides:

ASA monitors the state of the SW and the interfaces. FTD also monitors Snort and Disk space.
FTD monitors the following components:
- Snort status (50%): meaning that half of the device's snort instances has to be down at a time in order to trigger a failover event. For example, if device has 6 snort instances and only one instance has crashed at a time - failover is not occuring (but traffic interruption is observed; it depends on the traffic that was handled by that snort instance)
- Disk full (~90% of /ngfw/)
- Interfaces (except subinterfaces by default)
- Software status

Missing failover triggering events in documentation added.
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.