If you want to manage your firewalls through CLI then the option would be to spin up ASA code on those appliances, however, I wouldn't recommend it as as @Rob Ingram said, the ASA firewalls do not support the next gen firewalls features, but tbh it all depends on what you want to do with those firewalls and if you have additional next gen core firewalls in your network.
The FTD CLI is very limited, it is true that there are a few commands you can use from the CLI, but there is nothing such as you go and configure things in the ASA way. With FTD there are two CLI modes, one is called CLISH which is the default landing mode where you see the ">" sign, and another which is the "expert" mode where you see the "#" sign. To go into the expert mode you type "expert" from the CLISH and it takes you to the Linux based operating system on the FTD which is called FXOS (Firepower eXtensible Operating System). If you want to get to the ASA looks and feel CLI (Lina engine), then one way to do that is from the CLISH mode, you type "system support diagnostic-cli", however, that will not allow you to go into the configure terminal mode. From there you can still run some troubleshooting commands such as packet capture, packet-tracer, show commands and debugs, so only for troubleshooting purpose and obv if you want to parse some of the device configuration.
Take a look at this list just to give you a rough idea of what you can get when you connect to the FTD CLISH in terms of commands:
>
aaa-server Specify a AAA server
activate-tunnel-group-scripts Reload ASDM generated scripts for username-from-certificate
app-agent Configure appagent features
asp Configure ASP parameters
attribute Modify a monitored attribute
blocks Set block diagnostic parameters
capture Capture inbound and outbound packets on one or more interfaces
capture-traffic Display traffic or save to specified file
clear Reset functions
cluster Cluster exec mode commands
configure Change to Configuration mode
conn Connection
connect Connect to another component.
copy Copy from one file to another
cpu general CPU stats collection tools
crypto Execute crypto Commands
debug Debugging functions (see also 'undebug')
delete Delete a file
dir List files on a filesystem
dns List files on a filesystem
dynamic-access-policy-config Activates the DAP selection configuration file.
eotool Change to Enterprise Object Tool Mode
exit Exit this CLI session
expert Invoke a shell
failover Perform failover operation in Exec mode
file Change to File Mode
fips Execute FIPS tests
fsck Filesystem check
help Interactive help for commands
history Display the current session's command line history
ldapsearch Test LDAP configuration
logging Configure flash file name to save logging buffer
logout Logout of the current CLI session
memory Memory tools
more Display the contents of a file
no Negate a command or set its defaults
nslookup Look up an IP address or host name with the DNS servers
packet-tracer trace packets in F1 data path
perfmon Change or view performance monitoring options
pigtail Tail log files for debugging (pigtail)
ping Test connectivity from specified interface to an IP address
pmtool Change to PMTool Mode
reboot Reboot the sensor
redundant-interface Redundant interface
restore This command is used to restore FTD from sfr prompt
sftunnel-status Show sftunnel status
sftunnel-status-brief Show sftunnel status brief
show Show running system information
shun Manages the filtering of packets from undesired hosts
shutdown Shutdown the sensor
system Change to System Mode
tail-logs Tails the logs selected by the user
test Test subsystems, memory, interfaces, and configurations
traceroute Find route to remote network
undebug Disable debugging functions (see also 'debug')
upgrade Install Upgrade Package
verify Verify a file
vpn-sessiondb Configure the VPN Session Manager
webvpn-cache Remove cached object
>
> configure
audit_cert Change to Audit_cert Configuration Mode
CGroups-logging-timer Set CGroups logging time in minutes
coredump Change to Coredump Configuration Mode
crl Add a CRL URL
disable-https-access Disable https access
disable-ssh-access Disable ssh access
firewall Change to Firewall Configuration Mode
flow-offload Configure dynamic flow offload
high-availability Change to Configure High-Availability Mode
https-access-list Configure the https access list
identity-subnet-filter Modify subnet filters
inspection Configure default inspection for firewall
log-events-to-ramdisk Configure Logging of Events to disk
manager Change to Manager Configuration Mode
mini-coredump mini-coredump generation enable/disable
network Change to Network Configuration Mode
password Change password
periodic-memstats-dump Enable/disable periodic dumping of preprocessors memory stats
policy Change to policy rollback Mode
policy-deploy-debug Enable or Disable debug log for policy deploy
snort Configure Snort options
ssh-access-list Configure the ssh access list
ssl-protocol Configure SSL protocols for https web access.
syslog_server Change to Syslog Server config Mode
tcp-randomization Configure tcp connection randomization
unlock_time Set unlock time for a locked out user (CC/UCAPL mode only)
user Change to User Configuration Mode
user-time-zone set user time zone
