Introduction to the Security Appliance

About the Firepower Security Appliance

The Cisco Firepower 4100/9300 chassis is a next-generation platform for network and content security solutions. The Firepower 4100/9300 chassis is part of the Cisco Application Centric Infrastructure (ACI) Security Solution and provides an agile, open, secure platform that is built for scalability, consistent control, and simplified management.

The Firepower 4100/9300 chassis provides the following features:

  • Modular chassis-based security system—provides high performance, flexible input/output configurations, and scalability.

  • Secure Firewall chassis manager—graphical user interface provides streamlined, visual representation of current chassis status and simplified configuration of chassis features.

  • Secure Firewall eXtensible Operating System (FXOS) CLI—provides command-based interface for configuring features, monitoring chassis status, and accessing advanced troubleshooting features.

  • FXOS REST API—allows users to programmatically configure and manage their chassis.

How the Logical Device Works with the Firepower 4100/9300

The Firepower 4100/9300 runs its own operating system on the supervisor called the Firepower eXtensible Operating System (FXOS). The on-the-box chassis manager provides simple, GUI-based management capabilities. You configure hardware interface settings, smart licensing (for the ASA), and other basic operating parameters on the supervisor using the chassis manager.

A logical device lets you run one application instance and also one optional decorator application to form a service chain. When you deploy the logical device, the supervisor downloads an application image of your choice and establishes a default configuration. You can then configure the security policy within the application operating system.

Logical devices cannot form a service chain with each other, and they cannot communicate over the backplane with each other. All traffic must exit the chassis on one interface and return on another interface to reach another logical device. For container instances, you can share data interfaces; only in this case can multiple logical devices communicate over the backplane.

Supported Applications

You can deploy logical devices on your chassis using the following application types.

Threat Defense

The threat defense provides next-generation firewall services, including stateful firewalling, routing, VPN, Next-Generation Intrusion Prevention System (NGIPS), Application Visibility and Control (AVC), URL filtering, and malware defense.

You can manage the threat defense using one of the following managers:

  • Management Center—A full-featured, multidevice manager on a separate server.

  • Device Manager—A simplified, single device manager included on the device.

  • CDO—A cloud-based, multidevice manager.

ASA

The ASA provides advanced stateful firewall and VPN concentrator functionality in one device. You can manage the ASA using one of the following managers:

  • ASDM—A single device manager included on the device.

  • CLI

  • CDO—A cloud-based, multidevice manager.

  • CSM—A multidevice manager on a separate server.

Radware DefensePro (Decorator)

You can install Radware DefensePro (vDP) to run in front of the ASA or the threat defense as a decorator application. vDP is a KVM-based virtual platform that provides distributed denial-of-service (DDoS) detection and mitigation capabilities on the Firepower 4100/9300. Traffic from the network must first pass through the vDP before reaching the ASA or the threat defense.

Chassis Manager Overview

The FXOS provides a web interface that makes it easy to configure platform settings and interfaces, provision devices, and monitor system status. The navigation bar at the top of the user interface provides access to the following:

  • Overview—From the Overview page you can easily monitor the status of the chassis. For more information, see Monitoring the Chassis Status.

  • Interfaces—From the Interfaces page, you can view the status of the installed interfaces on the chassis, edit interface properties, enable or disable an interface, and create port channels. For more information, see Interface Management.

  • Logical Devices—From the Logical Devices page, you can create, edit, and delete logical devices. You can also view the current status of existing logical devices. For more information, see Logical Devices.

  • Security Modules/Security Engine—From the Security Modules/Security Engine page, you can view the status of a security module/engine and perform various functions on it, such as power cycling, reinitializing, acknowledging, and decommissioning. For more information, see Security Module/Engine Management.

  • Platform Settings—From the Platform Settings page, you can configure chassis settings for the following: date and time, SSH, SNMP, HTTPS, AAA, Syslog, and DNS. For more information, see Platform Settings.

  • System Settings—From the System menu, you can manage the following settings:

    • Licensing—From the Licensing page, you can configure Smart Call Home settings and register your chassis with the Licensing Authority. For more information, see License Management for the ASA.

    • Updates—From the Updates page, you can upload Platform Bundle and Application images to the chassis. For more information, see Image Management.

    • User Management—From the User Management page you can configure user settings and define user accounts for the Firepower 4100/9300 chassis. For more information, see User Management.

Monitoring the Chassis Status

From the Overview page you can easily monitor the status of the Firepower 4100/9300 chassis. The Overview page provides the following elements:

  • Device Information—The top of the Overview page contains the following information about the Firepower 4100/9300 chassis:

    • Chassis name—shows the name assigned to the chassis during initial configuration.

    • IP address—shows the management IP address assigned to the chassis during initial configuration.

    • Model—shows the Firepower 4100/9300 chassis model.

    • Version—shows the FXOS version running on the chassis.

    • Operational State—shows the operable status for the chassis.

    • Chassis uptime—shows the elapsed time since the system was last restarted.

    • Shutdown button—gracefully shuts down the Firepower 4100/9300 chassis (see Powering Off the Firepower 4100/9300 Chassis).

      Note: You can power off/on a security module/engine from the Security Modules/Security Engine page (see Power-Cycling a Security Module/Engine).

    • Reboot button—gracefully shuts down and restarts the Firepower 4100/9300 chassis (see Rebooting the Firepower 4100/9300 Chassis).

    • Uptime Information Icon—hover over the icon to see uptime for the chassis and for any installed security module/engine.

  • Visual Status Display—Below the Device Information section is a visual representation of the chassis that shows the components that are installed in the chassis and provides a general status for those components. You can hover over the ports that are shown in the Visual Status Display to get additional information such as interface name, speed, type, admin state, and operational state. For models with multiple security modules, you can hover over the security modules that are shown in the Visual Status Display to get additional information such as device name, template type, admin state, and operational state. If a logical device is installed on that security module, you can also see the management IP address, software version, and logical device mode.

  • Detailed Status Information—Below the Visual Status Display is a table containing detailed status information for the chassis. The status information is broken up into five sections: Faults, Interfaces, Devices, License, and Inventory. You can see a summary for each of those sections above the table and you can see additional details for each of those sections by clicking on the summary area for the information you want to view.

    The system provides the following detailed status information for the chassis:

    • Faults—Lists the faults that have been generated in the system. The faults are sorted by severity: Critical, Major, Minor, Warning, and Info. For each fault that is listed, you can see the severity, a description of the fault, the cause, the number of occurrences, and the time of the most recent occurrence. You can also see whether the fault has been acknowledged or not.

      You can click on any of the faults to see additional details for the fault or to acknowledge the fault. To acknowledge multiple faults, click the check box next to each fault you want to acknowledge and then click Acknowledge. You can use the Select All Faults and Cancel Selected Faults buttons to quickly select or deselect multiple faults.

      Note: Once the underlying cause of the fault has been addressed, the fault will automatically be cleared from the listing during the next polling interval. If a user is working on a resolution for a specific fault, they can acknowledge the fault to let other users know that the fault is currently being addressed.

    • Interfaces—Lists the interfaces installed in the system. The All Interfaces tab shows the interface name, operational status, administrative status, number of received bytes, and number of transmitted bytes. The Hardware Bypass tab shows only interface pairs that are supported for the Hardware Bypass feature on the threat defense application. For each pair, the operational state is shown: disabled (Hardware Bypass is not configured for the pair), standby (Hardware Bypass is configured, but not currently active), and bypass (actively in Hardware Bypass).

    • Instances—Lists the logical devices configured in the system and provides the following details for each logical device (hover your cursor over the bar): device name, status, image version, management IP address, and number of cores. You can also view the Ingress VLAN Group Entry Utilisation and Switch Forwarding Path Entry Utilisation at the bottom of the page.

    • License—(For ASA logical devices) Shows whether smart licensing is enabled, provides the current registration status of your license, and shows license authorization information for the chassis.

    • Inventory—Lists the components installed in the chassis and provides relevant details for those components, such as: component name, number of cores, installation location, operational status, operability, capacity, power, thermal, serial number, model number, part number, and vendor.
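The Faults and Interfaces sections above describe two conditions an operator polls for: unacknowledged faults ordered by the severity scale the page lists (Critical, Major, Minor, Warning, Info), and Hardware Bypass pairs whose state is "bypass", meaning traffic on that pair is currently passing around the threat defense uninspected. The following added example (not Cisco's code, and not the FXOS REST API's response format, which this page does not describe) triages constructed status records that carry the same fields the Overview page displays. All fault records, interface names and timestamps are constructed sample values.

```python
"""Triage constructed Firepower 4100/9300 chassis status records.

Added example, not Cisco code. The fault and Hardware Bypass records are
constructed to mirror the fields shown on the chassis manager Overview page;
no FXOS REST API format is assumed.
"""
from dataclasses import dataclass
from datetime import datetime

# Severity scale as listed on the Overview page, most severe first.
SEVERITY_ORDER = ("Critical", "Major", "Minor", "Warning", "Info")
SEVERITY_RANK = {name: rank for rank, name in enumerate(SEVERITY_ORDER)}

# Hardware Bypass pair states as described for the Hardware Bypass tab.
BYPASS_STATES = ("disabled", "standby", "bypass")


@dataclass(frozen=True)
class Fault:
    severity: str
    description: str
    cause: str
    occurrences: int
    last_seen: datetime
    acknowledged: bool = False


# Constructed sample faults (hypothetical values, not from a real chassis).
SAMPLE_FAULTS = [
    Fault("Minor", "Fan speed below threshold", "fan-degraded", 3,
          datetime(2024, 1, 5, 8, 0), acknowledged=True),
    Fault("Critical", "Security module 1 powered off", "module-power", 1,
          datetime(2024, 1, 5, 9, 30)),
    Fault("Info", "Port-channel member added", "config-change", 1,
          datetime(2024, 1, 5, 9, 45)),
    Fault("Major", "Power supply 2 absent", "psu-missing", 12,
          datetime(2024, 1, 4, 22, 0)),
]

# Constructed Hardware Bypass pair states (hypothetical interface names).
SAMPLE_BYPASS_PAIRS = {
    "Ethernet1/1-Ethernet1/2": "bypass",
    "Ethernet1/3-Ethernet1/4": "standby",
    "Ethernet1/5-Ethernet1/6": "disabled",
}


def _rank(severity):
    """Map a severity name to its rank; reject names outside the page's scale."""
    if severity not in SEVERITY_RANK:
        raise ValueError(f"unknown severity: {severity!r}")
    return SEVERITY_RANK[severity]


def open_faults(faults, min_severity="Warning"):
    """Unacknowledged faults at or above min_severity, most severe first.

    Ties are broken by most recent occurrence, so the newest Critical fault
    sorts ahead of an older one. Acknowledged faults are someone's job already
    and are left out, matching the note on acknowledgement above.
    """
    cutoff = _rank(min_severity)
    pending = [f for f in faults
               if not f.acknowledged and _rank(f.severity) <= cutoff]
    return sorted(pending,
                  key=lambda f: (_rank(f.severity), -f.last_seen.timestamp()))


def active_bypass_pairs(pairs):
    """Interface pairs whose state is 'bypass', i.e. traffic skips inspection."""
    for pair, state in pairs.items():
        if state not in BYPASS_STATES:
            raise ValueError(f"unknown Hardware Bypass state {state!r} on {pair}")
    return sorted(pair for pair, state in pairs.items() if state == "bypass")


def chassis_report(faults, pairs, min_severity="Warning"):
    """Summarize what needs attention: open faults and pairs currently bypassed."""
    faults_open = open_faults(faults, min_severity)
    bypassed = active_bypass_pairs(pairs)
    return {
        "open_faults": [(f.severity, f.description) for f in faults_open],
        "bypassed_pairs": bypassed,
        "healthy": not faults_open and not bypassed,
    }


if __name__ == "__main__":
    for key, value in chassis_report(SAMPLE_FAULTS, SAMPLE_BYPASS_PAIRS).items():
        print(f"{key}: {value}")
```

The report treats a pair in "bypass" as a finding in its own right: Hardware Bypass keeps links up during a module failure, but while it is active that pair's traffic is not being inspected, so an operator wants to know about it as promptly as about a Critical fault.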

Note: If power redundancy is implemented, do not change any settings related to power redundancy in FXOS.