05-07-2020 12:58 AM
Hi, I have a Cisco Firepower 4110 and am going to run ASA code on it. If I'm running ASA code on the Firepower can I also use Threat Defense (I know I need the license for this) ? Can you let me know if I require any other components to enable me to run Threat Defense and how this can be achieved in terms of config set up?
thanks
05-07-2020 05:48 AM - edited 05-07-2020 10:14 AM
05-07-2020 07:31 AM
I don't think you can since there is no SSD to hold the Firepower OS. On an ASA with FPS like an ASA5516X there is a SSD for the Firepower. not the case for the 4100. its an either or situation. unless you are talking about contexts that is on the road map.then you might be able to have a context only running ASA code and another running FTD code
05-08-2020 12:28 AM
05-08-2020 11:14 PM
You cannot currently mix ASA and FTD logical devices on a single appliance.
It will be a very fast ASA, just without any Firepower features at all.
05-09-2020 01:37 AM - edited 05-09-2020 01:38 AM
@Marvin Rhoads CL 2020 Andrew Ossipov mentioned mix of FTD and ASA instance plan for future release. therefore i assume there is a possibility to run/mix them together in future?
05-09-2020 05:02 AM
Correct - it will show up in some later release. I'm not sure if it will be 6.7 (this year) or something after that. It may be only on 9300 series as the 4100 series only supports a single logical device type - multi instance is only for FTD.
05-11-2020 11:15 AM
05-09-2020 02:46 AM
Sheraz already mentioned that there is multi-instance mode (basically slicing hardware resources and enabling you to run multiple virtual FTD instances on your FPR4110, but as of today mixing ASA and FTD on a single FPR4100 is not supported)
a.d. licensing: You would need a license to use Intrusion Prevention, Malware Protection and URL Filtering. Base functionality does not require an additional license
a.d. other components: You could use Firepower Device Manager (FDM) for onboard management of FTD, but generally I would recommend using Firepower Management Center (FMC), which is a central mgmt appliance that exposes more features in contrast to FDM. That one is available as virtual or physical appliance. The smallest virtual instance supports 2x FTD appliances and requires a license
a.d. configuration setup: The Getting Started Guide will walk you through step by step
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide