Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1766
Views
0
Helpful
3
Replies

FMC to manage ASA 5506-X FTD and NGFW 1010

Go to solution
Travis-Fleming
Level 1
Level 1

‎09-10-2019 08:46 AM - edited ‎02-21-2020 09:28 AM

We are purchasing a FirePower 1010 NGFW. We currently use FMC version 6.2.3. From reading the below release notes on FMC, we will need to upgrade our FMC to version 6.4.0+ in order to manage the new 1010 device. However we have four FTD ASA 5506-x devices currently being managed by our FMC. From the below release notes what I am gathering is that version 6.3.0 is the last version of FMC you can use to manage the 5506.

 

Does this mean we have to get Defense Orchistrator to manage the new 1010 NGFW if we want to keep our FMC to manage the 5506-x device, or we would need to upgrade our 5506-x devices to 1010's if we want to keep FMC?

 

https://www.cisco.com/c/en/us/td/docs/security/firepower/640/relnotes/firepower-release-notes-640/features.html#id_110361

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎09-10-2019 11:15 AM

An FMC 6.4 can manage devices at version 6.1 or later.

https://www.cisco.com/c/en/us/td/docs/security/firepower/640/relnotes/firepower-release-notes-640/compatibility.html#id_88316

So you are fine keeping your FMC to manage both the ASA 5506's with FTD as well as new Firepower 1100 series devices with FTD.

If you want to use CDO then you will not be able to manage your 5506-X devices from it as it requires FTD 6.4 or later.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎09-10-2019 11:15 AM

An FMC 6.4 can manage devices at version 6.1 or later.

https://www.cisco.com/c/en/us/td/docs/security/firepower/640/relnotes/firepower-release-notes-640/compatibility.html#id_88316

So you are fine keeping your FMC to manage both the ASA 5506's with FTD as well as new Firepower 1100 series devices with FTD.

If you want to use CDO then you will not be able to manage your 5506-X devices from it as it requires FTD 6.4 or later.

0 Helpful

Go to solution
Travis-Fleming
Level 1
Level 1
In response to Marvin Rhoads

‎09-10-2019 12:06 PM

Thank you. So even though the link you provided does not state the ASA 5506-X device is compatible, as long as the software on that FTD is 6.1 or newer it's okay?
0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Travis-Fleming

‎09-10-2019 09:00 PM

@Travis-Fleming wrote:
Thank you. So even though the link you provided does not state the ASA 5506-X device is compatible, as long as the software on that FTD is 6.1 or newer it's okay?

That's correct.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card