Understand FMC-x700 Platforms
Available Languages
Contents
Introduction
This document describes the Cisco Secure Firepower Management Center(FMC)-x 700 Platforms.
Requirements
FMC 4600/2600/1600 (M5 FMC) based on UCS hardware UCS C220-M5 is reaching end-of-sale around the end of 2023. So, we are required to migrate to the newer UCS C225-M6 hardware.M6 FMC platforms (BullsEye project) would be supported only with 7.4.0 and later releases.
Components Used
The information in this document is based on these software and hardware versions:
Cisco Firewall Management Center (FMC) 4600/2600/1600 running 7.4
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, ensure that you understand the potential impact of any command.
Solution
Thegoal of M6 FMC platforms is to have transparent/seamless transition from old M5-based FMC models to new M6-based FMC models.You would not notice any difference in usage of the M6-based FMC models, except for improved performance for FMC4700.M6-based FMC models use the same ISO file which is used for installation of M5-based FMC models.
Transition from M4 and M5 to M6-Based FMC Models
Difference Between M5 and M6 Based FMC
M6 FMC Chassis Front View
M6 FMC Chassis Rear View
Recovery Drives for M6-Based FMC
On M5-based FMC models, a single SD card used for recovery was corrupted in some cases.To address this problem, the M6-based FMCs support two M2 drives and RAID1 would be pre-configured before shipping the units.Two drives are used to support redundancy, even if one drive is corrupted, data must be intact in another drive.Effectively, 240GB would be available after configuring with RAID1.
SFPs Supported
The 10G SFPs which were qualified for M5 FMC would be supported for M6 FMC as well.
This list of SFPs can be used on eth2 & eth3 across all models.
- SFP-10G-SR
- SFP-10G-LR
These SFPs are qualified for 25G speed on eth2 and eth3 for FMC4700.FEC must be configured with RS-IEEE on peer side switch for 25G.
- SFP-25G-SR-S
- SFP-10/25G-LR-S
- SFP-10/25G-CSR-S
NIC Cards Supported: M5 and M6 Compared
Model Migration Support
Configuration File
cat /etc/sf/ims.conf (this is not the full content of ims.conf file)
CSMVERSION=7.4.0
MODELNUMBER=66
MODEL="Secure Firewall Management Center 4700"
MODELID=U
PRODUCT_ID=FMC4700-K9
Firmware Version, PID, CPU Used from dmidecode
dmidecode : This utility can be used to get the hardware information and firmware running on the device.
Note: dmidecode command must be run as a root user.
root@firepower:~# dmidecode --type 0 -> command to get the BIOS firmware version
BIOS Information
Vendor: Cisco Systems, Inc. M6 FMC
Version: C225M6.4.2-2c.0.0731220910 -> BIOS firmware version
Release Date: 07/31/2022
root@firepower:~# dmidecode --type 1 -> command to get the product id
Product Name: FMC4700-K9
Serial Number: WZP254500YD
root@firepower:~# dmidecode | grep -i processor -> command to get CPU information
Type: Central Processor
Version: AMD EPYC 7352 24-Core Processor
Q&As
Q: Would M6 also support CIMC?
No, as of now model migration is supported within M6 FMC models, model migration support from M5 to M6 is forthcoming in future releases.
Q: Please confirm that for the IFT software, we can only load a backup from other M6 FMCs and not from an M5 FMC.
There is a plan to support migration from M4 and M5 FMCs to M6 FMCs.
Revision History
| Revision | Publish Date | Comments |
|---|---|---|
1.0 |
29-Jul-2024 |
Initial Release |
Feedback