Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1712
Views
1
Helpful
7
Replies

Is there a way to migrate from FMC to cdFMC?

Go to solution
SIMMN
Spotlight
Spotlight

‎09-26-2023 10:33 AM - edited ‎09-26-2023 10:34 AM

Say I have a FMCv (running in VMware) managing about 20 FTD firewalls (1k and 2k models) currently. I want to plan to move my existing FMCv to cdFMC within CDO. Is there a way to migrate the existing FMC configuration, such as the policies and objects, into the cdFMC? I have not found a potential option yet...

Assuming there is no such migration path yet, does it mean cdFMC is really just for greenfield?

0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎09-26-2023 11:52 AM

It's supported. See https://docs.defenseorchestrator.com/#!g-about-the-cloud-delivered-firewall-management-center-in-cdo.html

"A migration wizard is available to help you migrate your Secure Firewall Threat Defense devices from your on-premises Secure Firewall Management Center to the cloud-delivered Firewall Management Center. The devices must have Threat Defense software Version 7.0.3 or a later 7.0.x release, or Version 7.2 or later installed to be migrated. Threat Defense 7.1 releases are not supported."

View solution in original post

0 Helpful

Go to solution
SIMMN
Spotlight
Spotlight
In response to Marvin Rhoads

‎09-29-2023 05:59 AM

Confirmed verbally with Cisco: "CDO will onboard the devices and import all shared policies and associated objects, device-specific policies, and device configuration from the management center to CDO".

View solution in original post

7 Replies 7

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎09-26-2023 11:52 AM

It's supported. See https://docs.defenseorchestrator.com/#!g-about-the-cloud-delivered-firewall-management-center-in-cdo.html

"A migration wizard is available to help you migrate your Secure Firewall Threat Defense devices from your on-premises Secure Firewall Management Center to the cloud-delivered Firewall Management Center. The devices must have Threat Defense software Version 7.0.3 or a later 7.0.x release, or Version 7.2 or later installed to be migrated. Threat Defense 7.1 releases are not supported."

0 Helpful

Go to solution
SIMMN
Spotlight
Spotlight
In response to Marvin Rhoads

‎09-26-2023 12:27 PM

Thanks, Marvin. But thats not really what I am looking for... Apologize if I was not clear on the question...

I am aware of the option to migrate FTD from on-prem to cdFMC, once the on-prem FMC is onboarded in CDO...But I am looking for the option to migrate FMC configuration from on-prem to cdFMC, such as the policies, VPN, objects etc...

Unless the migration wizard mentioned in your link does those as well when migrating existing FTDs to cdFMC???

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to SIMMN

‎09-26-2023 08:00 PM

I don't have access to a cdFMC at the moment, but I believe the wizard mentioned actually migrates the devices' management. It's not just onboarding an on-prem FMC to the cloud.

0 Helpful

Go to solution
SIMMN
Spotlight
Spotlight
In response to Marvin Rhoads

‎09-27-2023 05:18 AM - edited ‎09-27-2023 05:20 AM

You referring to this migration wizard (screenshot below), right? I do not have a viable lab to try it out but I think the wizard would migrate FTD registration and FTD local configuration (Interface, routing etc.). But will it also migrate the configuration within on-prem FMC for the FTD, such as the ACP, NAT, Objects and VPN, to cdFMC? 

Screenshot 2023-09-27 092034.png

 

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to SIMMN

‎09-27-2023 05:36 AM

Yes, it's my understanding that everything needed to manage the selected devices will be migrated from the OnPrem FMC to the cdFMC using this wizard.

0 Helpful

Go to solution
SIMMN
Spotlight
Spotlight
In response to Marvin Rhoads

‎09-29-2023 05:59 AM

Confirmed verbally with Cisco: "CDO will onboard the devices and import all shared policies and associated objects, device-specific policies, and device configuration from the management center to CDO".

Go to solution
SIMMN
Spotlight
Spotlight

‎09-27-2023 05:44 AM

Okey, will see if I would be able to find more specific doc or get a temp lab to give this migration wizard a try...

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card