I'm in the process of acquiring some new FTD's with FMC. But can't find a definitive answer as to whether the FMC can manage ASA configs & logging too ?
The company has a large estate of 5525-X without FirePower & a few 5545-X's with.
I'm trying to improve the management & getting some resistance to migrating everything to FTD.
Anyone got hands on experience that can answer this please ?
You can manage configs of ASA and Firepower appliances with either ASA or FTD software using Cisco Defense Orchestrator (CDO). Logging (SAL) would be supported for FTD only.
As @RJI noted, FMC cannot manage ASA software (including logs) at all.
Thanks for the replies, appreciate you confirming my fears.
Seems strange with Cisco advertising "single pain of glass" but not supporting the ASA product line with their new management engine. I guess FTD is their planned future, but not having a single management console is a real PIA compared to the other vendor products I work with.
Onwards & upwards.
Actually Firepower Management Center isn't a new management engine. It's the latest version of the product that started as Sourcefire Defense Center back over 10 years ago.
CDO is a new management engine. It supports FTD, ASA and Meraki security appliances.
there's always budget and technical/person resource constraint in any IT environment.
you don't have to forklift all your ASA to FTD appliance. you can do it by phases: either buy/add FP module on ASA-x series or convert to FTD to manage them via FMC.
see helpful links: