Sorry for resuscitating an old thread, but I have a similar question.

I'm looking at getting an ASA-5555-X with FP services and am trying to determine the necessity for the management product.

I know this thread concludes that it is required, but I saw this statement in the Cisco ASA with FirePOWER Services Data Sheet:

For local, on-device management including deployments for small and midsized businesses, Cisco Adaptive Security Device Manager (ASDM) 7.3.x provides, access control and advanced threat defense management. ASDM V 7.3.x provides an enhanced user interface that provides quick views on trends and the ability to drill down for further analysis.

So I wondered if I can do without it and just use ASDM. If not, do I have to use VMware to run it? Can I use HyperV or a physical box?

Thanks for any insight you can offer.

No, you cannot use "just ASDM". The key phrase "for small and midsized businesses" alludes to the models I mentioned earlier.

Only those models' FirePOWER modules can be managed directly from ASDM.

FireSIGHT Management Center  (aka Defense Center) for all other models requires either VMware for smaller VM-based deployments or a physical FireSIGHT appliance for larger installations or those unable or choosing not to run VMware..

Hyper-V is not a supported option and I have yet to see anyone running it. Theoretically you should be able to - the management center is a Linux box under the covers - but you'd be on your own as far as support.

Seeing as the product is useless without the software you'd think they would include it with the firewall when purchased that way. It also seems strange that they force you to use VMware. I wonder why they chose that of all things.

Thanks for the reply though, I appreciate it.

Do you still need FMC to manage Firepower URL filtering on a single ASA5512X?

Yes. It's required for all models except the new 5506, 5508 and 5516.

Those (and ONLY those - at this time) can use FireSIGHT capability embedded in ASDM 7.3(3).