Cloud-delivered Firewall Management Center Host Limit

The Cloud-delivered Firewall Management Center adds a host to the network map when it detects activity associated with an IP address in your monitored network (as defined in your network discovery policy).

Cloud-delivered Firewall Management Center can store a maximum of 600,000 hosts in its host database, but we recommend the following.

Number of devices managed by CDO    Recommended number of hosts
1-50                                100,000
51-300                              300,000
301-1000                            600,000

You cannot view contextual data for hosts not in the network map. However, you can perform access control. For example, you can perform application control on traffic to and from a host not in the network map, even though you cannot use a compliance allow list to monitor the host's network compliance.

Note

The system counts MAC-only hosts separately from hosts identified by both IP addresses and MAC addresses. All IP addresses associated with a host are counted together as one host.

Reaching the Host Limit and Deleting Hosts

The network discovery policy controls what happens when the system detects a new host after the host limit is reached: you can drop the new host, or replace the host that has been inactive for the longest time. You can also set the period after which the system removes a host from the network map due to inactivity. You can manually delete a host, an entire subnet, or all of your hosts from the network map, but if the system detects activity associated with a deleted host, it re-adds the host.