cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
560
Views
3
Helpful
5
Replies

Is it possible to have independent firewall management?

The client has managed through an FMC Virtual 2 firepower 1120 and 1010 respectively, it
requires independent management of Firewall 1120 with respect to 1010, for example, user A can enter FMC 1120 but cannot see anything from 1010, he can use a single Firepower management center to manage network security and vice versa

5 Replies 5

@gabriel_moctezuma I've not personally tried it but you can use "domains"

The Firepower System allows you to implement multitenancy using domains. Domains segment user access to managed devices, configurations, and events. https://www.cisco.com/c/en/us/td/docs/security/firepower/660/configuration/guide/fpmc-config-guide-v66/domain_management.html?bookSearch=true

One FMCv 

Two FPR 

Two Admin

Each Admin controle one FPR?

That is case ?

Yes is the case, The idea is that Admin A can access the FMC and make changes to a specific FPR but not be able to make changes to the other FPR team within the same FMC.

You can achieve that by using domains on the FMC as pointed out by @Rob Ingram .

as @Rob Ingram mention the only way is via config two domain, one for each ADMIN 

Review Cisco Networking for a $25 gift card