FP 2100 on box mgmt

Wise_Man_1 · ‎02-22-2017

Hi,

with the launch of the new FP2100 family, it states that it has FDM for on box mgmt, is this a full fledged mgmt platform , i.e. if I use it I don't need to use FMC at all, or is it just a cut down version like the ASA5500X on box mgmt for basic functionality

Thanks

Wise

Dennis Perto · ‎02-22-2017

It is the same Firepower Device Manager that you can use on the ASA5500-X series.

https://www.youtube.com/watch?v=PW8EnCBafXw

Marvin Rhoads · ‎02-22-2017

Think of it (FDM) like ASDM without Java.

FMC remains the management platform of choice and has full capabilities that FDM does not (local database, ability to configure FlexConfig, etc.).

Bart Jan Menkveld · ‎02-23-2017

Hello Wise Man,

the FMC is more than just a device manager: it stores your logs, it helps you investigate incidents, it connects to AMP and threathgrid etc. It is the first tool a security analist will look at.

If your use case is just "drop a firewall and forget about it" I would first say: Maybe some education is in order, but if that use case is valid: no you won't need the FMC. But all the extra functionality FMC brings you is also missing.

Hope this helps!

Regards,

Bart Jan

Wise_Man_1 · ‎02-24-2017

Thank you all for your response, usually when responding to RFP's, I have to add the FMC to fulfill the mgmt requirements for the FP appliances, FDC has a limited set of features, I just wanted to know if there is a document that compares between both, the only thing I found on CCO is this http://www.cisco.com/c/en/us/products/security/security-management/firepower-device-manager.html

but it does not include what the real feature set is

Best Regards

Wise

Dennis Perto · ‎02-24-2017

You should watch this video :)

Site to site VPN is supported in FTD 6.2 with onbox management though.

https://www.youtube.com/watch?v=K6QYCLLOfDc