Release Notes
Supported Features
This release enables you to quarantine offending endpoints that are detected by the Cisco Firepower Management Center Remediation Module for ACI, using APIC version 5.1(1h). For version 2.0.1 of the remediation module, the supported behavior when endpoints are quarantined is described in the following table:
VMware Distributed Virtual Switch (DVS) |
Bare metal |
|
---|---|---|
Verified in IPS inline mode |
Yes |
Yes |
EPG bridge mode |
Yes |
Yes |
EPG routed mode |
No |
No |
Multiple IP to one MAC checking |
Yes |
Yes |
Create only an IP address filter uSeg attribute |
No |
No |
Create both an IP address filter and a MAC address filter uSeg attribute |
Yes |
Yes |
Quarantine source and destination endpoints |
Yes |
Yes |
Apply a predefined management contract to source and destination endpoints |
Yes |
Yes |
Always allow traffic to critical servers |
Yes |
Yes |
Download and Install the Cisco Firepower Management Center Remediation Module for ACI
Before you begin
Make sure you're using compatible versions as shown in the following table.
Remediation module version compatible with.... |
Management Center version |
APIC version |
---|---|---|
2.0.1 |
6.7 and later |
5.1(1h) |
Procedure
Step 1 |
Download the Cisco Firepower Management Center Remediation Module for ACI (link to download) to a machine on which you'll connect to the management center. |
Step 2 |
If you haven't done so already, log in to the management center. |
Step 3 |
Click . |
Step 4 |
In the Install a New Module section, click Browse. |
Step 5 |
Follow the prompts to upload the remediation module. |
Step 6 |
Click Install. |
Step 7 |
When successfully installed, the Cisco Firepower Management Center Remediation Module for ACI is displayed in the list of installed remediation modules: |
Resolved Caveats
Version 2.0.1
There are no resolved caveats in the Cisco Firepower Management Center Remediation Module for ACI version 2.0.1.
Open Caveats
Version 2.0.1
There are no open caveats in the Cisco Firepower Management Center Remediation Module for ACI version 2.0.1.
Resolved Enhancement Requests
Version 2.0.1
Link to issue |
Description |
---|---|
Add quarantine destination type in APIC/FMC Remediation Module for FMC 6.7 or earlier |
|
Avoid quarantine critical servers in APIC/FMC Remediation Module for FMC 6.7 or earlier |
|
Apply predefined contract on APIC through remediation module on FMC 6.7 |
|
Rebranding the ACI/FirePOPWER Remediation Module |
Open Enhancement Requests
Version 2.0.1
There are no open enhancement requests in the Cisco Firepower Management Center Remediation Module for ACI version 2.0.1.
Related Documentation
For additional information about the Cisco Cisco Firepower Management Center Remediation Module for ACI, see the appropriate guide.
For additional information about the Cisco APIC and ACI, see APIC Documentation.
For information on using the Cisco Bug Search Tool (BST), submitting a service request, and gathering additional information, see the Support Case Manager.