Q: I rebooted the Defense Center and now it's off the network. What happened?

A:

You may find, as I did, that after rebooting your Defense Center there is no longer a link between the DC and the switch. I had the switch and DC both hardcoded at 1000/full. I called Sourcefire tech support and they had me try everything: patching to a different switchport, a different switch, etc. I had to hook up a console and keyboard to the DC and checked ifconfig, ethtool, etc. Sourcefire even sent IBM in to swap out the motherboard (which contains the ethernet adapter). After at least six hours of work time, and a week's clock time, the ethernet was still not linking up, regardless of the speed setting at the switch. Tech support could not think of a fix. It started working when at the command line I set eth0 to autonegotiate speed and duplex: ethtool -s eth0 autoneg on (btw, after the motherboard swap I had to redo the license file, and when I finally got the licensing donw I was greeted with lots of "correlator not running" in the DC log. I started the correlator manually and am hoping for the best.) Saving grace during all this was that I was still able to log into each IS separately over the www interface and check for events. Make sure you have an account on each IS ready to go in case you too lose your DC.