Hi, I have a Cisco Firepower 4110 and am going to run ASA code on it. If I'm running ASA code on the Firepower can I also use Threat Defense (I know I need the license for this) ? Can you let me know if I require any other components to enable me to run Threat Defense and how this can be achieved in terms of config set up?
I don't think you can since there is no SSD to hold the Firepower OS. On an ASA with FPS like an ASA5516X there is a SSD for the Firepower. not the case for the 4100. its an either or situation. unless you are talking about contexts that is on the road map.then you might be able to have a context only running ASA code and another running FTD code
@Marvin Rhoads CL 2020 Andrew Ossipov mentioned mix of FTD and ASA instance plan for future release. therefore i assume there is a possibility to run/mix them together in future?
Correct - it will show up in some later release. I'm not sure if it will be 6.7 (this year) or something after that. It may be only on 9300 series as the 4100 series only supports a single logical device type - multi instance is only for FTD.
Sheraz already mentioned that there is multi-instance mode (basically slicing hardware resources and enabling you to run multiple virtual FTD instances on your FPR4110, but as of today mixing ASA and FTD on a single FPR4100 is not supported)
a.d. licensing: You would need a license to use Intrusion Prevention, Malware Protection and URL Filtering. Base functionality does not require an additional license
a.d. other components: You could use Firepower Device Manager (FDM) for onboard management of FTD, but generally I would recommend using Firepower Management Center (FMC), which is a central mgmt appliance that exposes more features in contrast to FDM. That one is available as virtual or physical appliance. The smallest virtual instance supports 2x FTD appliances and requires a license
a.d. configuration setup: The Getting Started Guide will walk you through step by step