Solved: Firepower management center

Ricky Sandhu · ‎03-05-2020

Hi all, I am planning on deploying FTDs in all my branch offices. I also have a number of ASA-x deployed and I currently manage them individually via ASDM. Reason I am leaning towards FTDs and not more ASAs in the environment is simply because ASAs are slowly going EOL and frankly the idea of FTD seems better aligned with my experience with ZBFWs. I have a much better understanding of ZBFW than the ASAs. Now my question, I understand I will need FMC to manage the FTDs. Can the FMC also manage my existing ASA-x? I am not talking about just the FIREPOWER services but also the main Firewall similar to ASDM.

Francesco Molino · ‎03-05-2020

Hi

Unfortunately, FMC won't be able to manage ASA configs. You'll need to convert these ASAs to FTD unified image to be able to manage them through FMC.

The other solution could be to have all devices in FTD locally managed (FDM) and use CDO (Cisco Defense Orchestrator on cloud or on premise) instead of FMC. With CDO you'll be able to manage both FTD and ASA devices

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

View solution in original post

Francesco Molino · ‎03-05-2020

Hi

Unfortunately, FMC won't be able to manage ASA configs. You'll need to convert these ASAs to FTD unified image to be able to manage them through FMC.

The other solution could be to have all devices in FTD locally managed (FDM) and use CDO (Cisco Defense Orchestrator on cloud or on premise) instead of FMC. With CDO you'll be able to manage both FTD and ASA devices

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

Marvin Rhoads · ‎03-05-2020

+1 for CDO as the management solution. It's much easier to manage a mix of FTD and ASA that way.

Rob Ingram · ‎03-06-2020

__