Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
118
Views
1
Helpful
3
Replies

Provisioning Cisco FTD via API

mdusman
Level 1
Level 1

‎03-04-2025 09:32 AM

Hello 

We previously used ASAv firewall provisioning/cloning for the Nutanix platform via the Nutanix REST API. Now, we are planning to provision and deploy Cisco Firepower Threat Defense (FTD) on Nutanix using an API-based approach, and later manage it through FMC API.

Cisco provides an outlining the interface process for deploying FTD on Nutanix.

Deploy the Threat Defense Virtual on Nutanix 

Question:

Can this provisioning and deployment process be fully automated using the Nutanix API or does it require Cisco API for deployment?

 

Looking forward to insights from the community. Thanks!

Labels:
0 Helpful
3 Replies 3

bigevilbeard
VIP
VIP

‎03-05-2025 01:39 AM

By no means an expert on this, from what i read with the link you provided, above the provisioning / deployment process for Cisco F FTD on nutanix could be partially automated using the nutanix API, but it will also require you to use of Cisco APIs (maybe or other tools too) to then fully automate the deployment and configuration of the FTD virtual appliance.

Hope this helps.

Please mark this as helpful or solution accepted to help others
Connect with me https://bigevilbeard.github.io
0 Helpful

Torbjørn
VIP
VIP

‎03-05-2025 02:01 AM

As long as you provide a day0 config with necessary config(IP, DNS, Auth & not locally managed) when deploying the FTD you should only need to add it to FMC with the FMC API after the initial FTD deployment to get to a managed state. At which point you can complete FTD configuration through FMC APIs

Happy to help! Please mark as helpful/solution if applicable.
Get in touch: https://torbjorn.dev

mdusman
Level 1
Level 1
In response to Torbjørn

‎03-05-2025 08:49 AM

Thank you @Torbjørn  for your insights!

My main concern is whether Nutanix API alone can fully provision FTD, considering the following:

Image Upload – Since FTD requires a QCOW2 image, it must first be uploaded to Nutanix Image Service before deployment.

Day-0 Configuration – During VM creation, a Day-0 file needs to be passed to preconfigure networking (IP, DNS, Auth) and FMC registration.

From what I understand:

  • Nutanix API can handle image upload and VM creation.
  • Nutanix API v3 supports cloud-init, which can automate Day-0 configuration.
  • Nutanix API v2 does not support cloud-init, meaning the setup may require manual steps after deployment.

I now need to validate it and once its confirm I will move to FMC API for registration part. 

0 Helpful
Customers Also Viewed These Support Documents