Solved: FMC Domain Management

benolyndav · ‎01-31-2024

HI

x4 FTD manged by vFMC only x2 in production presently, I want to creat a seperate Domain for The Internet facing FTDs

so if I creat a domain called Internet and place the Internet facing FTDs in the domain, I get a warning saying there are deivces assigned to non leaf domains if I dont create a new leaf domain and keep unassigned for these devices will they stay in global domain and be ok.? also if I do create a new leaf domain and call it Inside and add thes 2 FTDs to the domain beacuse these 2 FTDs are in production does this caus any inetruptions . ??
Is it best practice to have seperate domains for seperate Devices e.g Internet facing, Inside FTDs, Data Centre FTDs?

Thanks

Marvin Rhoads · ‎01-31-2024

Domains are not commonly used in single organization enterprises.

The concept is intended more for managing an FMC that accommodates multitenancy - for instance a managed service provider owns the FMC (global level) and assigns customers to domains (second and/or third level) so that they can manage their assigned devices.

https://www.cisco.com/c/en/us/td/docs/security/secure-firewall/management-center/admin/740/management-center-admin-74/system-domains.html

View solution in original post

Marvin Rhoads · ‎01-31-2024

Domains are not commonly used in single organization enterprises.

The concept is intended more for managing an FMC that accommodates multitenancy - for instance a managed service provider owns the FMC (global level) and assigns customers to domains (second and/or third level) so that they can manage their assigned devices.

https://www.cisco.com/c/en/us/td/docs/security/secure-firewall/management-center/admin/740/management-center-admin-74/system-domains.html