Version Compatibility
The following tables provide a high-level overview of the solution components required to use Secure Network Analytics to store Firewall event data in a Security Analytics and Logging (OnPrem) deployment.
Firewall Appliances
You must deploy the following Firewall appliances:
Solution Component |
Required Version |
Licensing for Security Analytics and Logging (OnPrem) |
Notes |
---|---|---|---|
Secure Firewall Management Center (hardware or virtual) |
v7.2+ For the management center running earlier versions, see https://cisco.com/go/sal-on-prem-docs. |
none |
|
Secure Firewall managed devices |
v7.0+ using the wizard Threat Defense v6.4 or later using syslog NGIPS v6.4 using syslog |
none |
|
ASA devices |
v9.12+ |
none |
Secure Network Analytics Appliances
You have the following options for deploying Secure Network Analytics:
-
Manager only - Deploy only a Manager to ingest and store events, and review and query events
-
Data Store - Deploy Flow Collector(s) to ingest events, Data Store to store events, and Manager to review and query events
Solution Component |
Required Version |
Licensing for Security Analytics and Logging (OnPrem) |
Notes |
---|---|---|---|
Manager |
Secure Network Analytics v7.4.2 |
none |
|
Security Analytics and Logging (OnPrem) app |
Security Analytics and Logging (OnPrem) app v3.2.0 |
Logging and Troubleshooting Smart License, based on GB/day |
|
Solution Component |
Required Version |
Licensing for Security Analytics and Logging (OnPrem) |
Notes |
---|---|---|---|
Manager |
Secure Network Analytics v7.4.2 |
none |
|
Flow Collector |
Secure Network Analytics v7.4.2 |
none |
|
Data Store |
Secure Network Analytics v7.4.2 |
none |
|
Security Analytics and Logging (OnPrem) app |
Security Analytics and Logging (OnPrem) app v3.2.0 |
Logging and Troubleshooting Smart License, based on GB/day |
|
In addition to these components, you must make sure that all of the appliances can synchronize time using NTP.
If you want to remotely access the Secure Firewall or Secure Network Analytics appliances' consoles, you can enable access over SSH.