Thank you Marvin,

sifathmirza · ‎03-23-2016

Hello All,

Is it require firepower management center (FS750-K9) to manage ASAfirepower(ASA5525-FPWR-K9) & L-ASA5525-TAC- (IPS&URL) , can we manage single FirePower through ASDM 7.3 or higher ..?

Karsten Iwen · ‎03-24-2016

You can manage a single ASA with FirePOWER through ASDM. You need a newer ASA image, a newer ASDM and your FP module has to be at least v6.

If you have the choice between management with ASDM and through FPMC (which can also run virtually on ESXi), choose FPMC as that is much more powerful then the management through ASDM.

sifathmirza · ‎03-26-2016

ASA Firepower software module managed via ASDM and FPMC , but we have ASA with FirePower Services (5525) single device, for this can we access through ASDM ?

Thank You.

Karsten Iwen · ‎03-26-2016

FP is managed through ASDM *or* FPMC. You have to decide how you want to manage it. For ASDM, you have to upgrade the software, ASDM-management for 5525-X was introduced with FP6.

sifathmirza · ‎04-13-2016

Thanks Karsten ,

What about Firepower 8130 appliance ,, can we manage single appliance without FPMC.

Marvin Rhoads · ‎04-13-2016

The dedicated FirePOWER appliances, such as the 8130, require FirePOWER Management Center (previously known as FireSIGHT Management Center and Defense Center).

There is no "on-box" management or ASDM equivalent for them at this time.

sifathmirza · ‎04-14-2016

Thank you Marvin,

1) For updating ASA with FirePOWER Services 5.4.0 to 6.0.0 , what about ASA with FirePOWER Services Boot Image , is it update automatic or we need to do any thing.

2) Is it possible to install ASA with FirePOWER Services (6.0.0) directly without updating, how, In cisco software services it showing 5506-X boot image only .

3) I have ASA with FirePOWER Services 5.4.0 , can i upgrade to 6.0.0 without management center (FPMC) . can you please tell me what is the best process to upgrade FP and use ASDM.

Marvin Rhoads · ‎04-14-2016

The boot image is only necessary when building a FirePOWER module for the first time or when re-imaging it. Think of it as like formatting the disk on a PC and installing an OS from bare disk.

Upgrades do not requiring use of the boot image if you are starting with a functioning ASA FirePOWER module. The only exception is if you have a 5512/15/25/45/55 model running FirePOWER 5.3 and do NOT have a management center. In those cases where you want to move to 6.0 you have to reimage the module and start with the boot image and then add the system image after the initial bootstrapping. In that case, you can follow the process described here: http://www.cisco.com/c/en/us/support/docs/security/asa-firepower-services/118644-configure-firepower-00.html

To use ASDM to upgrade an ASA 5506/08/16 you need to download the new system image(s) and use the FirePOWER configuration tab in ASDM to upload it onto the module and perform the upgrade.

The ASA 5506 upgrade image, for example, would be "Cisco_Network_Sensor_Upgrade-6.0.0-1005.sh" and can be found here:

https://software.cisco.com/download/release.html?mdfid=286283326&flowid=77251&softwareid=286277393&release=6.0.1&relind=AVAILABLE&rellifecycle=&reltype=latest

(for users with a valid service contract who are entitled to upgrade).

Note you should first run the pre-install script found on the same page and then later patch it to the latest version (currently 6.0.1-29).

All of that you would do via ASDM.

Peter Koltl · ‎03-26-2016

The FirePOWER software package on the SSD is called an (SFR) module even if it's a 5525 single device.

Firepower management center is mandatory for