05-13-2020 07:58 AM
HI,
We bought two ASA 5525-X with url filtering. I would like to manage them with FDM if possible. We don't want to buy FMC console.
Every documentation talk about fdm to manage cisco with FTD image .... I'm a bit confuse.
Is there any documentation or config guide to follow for this kind of setup ?
Thanks,
05-13-2020 10:47 AM
Did you purchase the ASA with Firepower Threat Defense (FTD) image? If so then, yes - you can manage them with Firepower Device Manager (FDM). The FDM configuration guides are all linked on this page:
If you have ASAs running the ASA software image and Firepower service module then you would use ASDM. In that case you have to first setup the module:
https://www.cisco.com/c/en/us/td/docs/security/asa/quick_start/sfr/firepower-qsg.html#pgfId-152956
05-13-2020 10:58 AM
We purchase ASA without the FTD image.
We only purchase ASA software image and firepower service module (url filtering only perhap) .
So Would it be possible to manage firewall rule and firepower module with ASDM completely ? Will certain function will have to be configure with a separate console like FMC ?
Thanks,
05-13-2020 11:14 AM
Yes you can configure and manage it all via ASDM.
Some of the more advanced IPS setup can only be done in FMC but the URL Filtering setup can all be done in ASDM.
Historical reporting of Firepower events is not available with ASDM.
Also, you have to manually configure each module separately - even if they are in ASAs that are otherwise an HA pair. ASA HA isn't aware of nor does it sync the service module configurations.
FMC addresses all of those issues and more but does require an ESXi (or KVM or AWS) server to run it on and a license.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide