Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Does anyone have experience using the Threat Defense Model Migration? We are migrating from a 2110 in HA to a 3105 in HA. We are debating whether to do this manually or is it less error prone to use the migration utility built into FMC?
Thanks, I have the guide. I just have not tried this yet. If it works well, it looks like it would be a time saver. If it tends too be buggy, I think I'd rather manually do the migration to avoid delays with opening TAC cases.
@davparker if the FTD is managed by an FMC you can just configure the basic to establish network connectivity and then apply the same policies already in use on the existing firewall.
Thanks, it is. I'm leaning this way. Seems like the outcome might be more predictable. I've stood up enough of these lately. Also I can't find much of anything on user's experience using the Migrate tool. If it could migrate certificates I'd take a crack at it, but it looks like we'll need to re-enroll those no matter which way we go.
@davparker it's simple enough to export/import the certificates - or better create new if internally signed certificate. Most of the time I prefer manual migrations (any vendor) as it's a good chance to get tweak the implementation and not migrate poor configuration.
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
