a) Under System Settings, click Cloud Services.
b) Click Get Started in the Cisco Defense Orchestrator group.
c) In the Region field, choose the Cisco cloud region to which your tenant is assigned:
• Choose US if you log in to defenseorchestrator.com.
• Choose EU if you log in to defenseorchestrator.eu (Version 6.5).
• Choose APJ if you log in to apj.cdo.cisco.com (Version 6.5).
d) In the Registration Key field, paste the registration key that you generated in CDO.
e) Click Register and then Accept the Cisco Disclosure. FDM sends the registration request to CDO.
Step 9 Return to CDO. In the Smart License area, apply your Smart License to the FTD device and click Next.
For more information, see Configure Licensing, on page 49. Click Skip to continue the onboarding with a
90-day evaluation license.
Step 10 In the Done area, click Go to devices to view the onboarded device.
Step 11 On Devices & Services, observe that the device status progresses from "Unprovisioned" to "Locating" to
"Syncing" to "Synced".
Onboard an FTD Using Credentials and IP Address
You can onboard an FTD using login credentials (username and password) and the IP address or FQDN.
However, we recommend that you onboard your device with a registration key because it is not dependent
on a static IP address and does not require an on-premises SDC; see Onboard the FTD with a Registration
Key (Recommended), on page 42.
Before you begin
• You can use this method to onboard your device to the US, EU, or APJ regions.
• Your device MUST be managed by Firepower Device Manager (FDM). Make sure that there are no
pending changes waiting on the device.
• Your device can use either a 90-day evaluation license or it can be smart-licensed. You will not need to
unregister licenses installed on the device from the Cisco Smart Software Manager.
• We recommend that you deploy an on-premises Secure Device Connector (SDC) connected to the inside
interface. Alternatively, if you want to use a cloud SDC through the outside interface, you need to allow
HTTPS access on outside (FDM System Settings > Management Access), which is not recommended
for security reasons. For more information about the SDC, see How Cisco Defense Orchestrator Works
with Firepower Threat Defense, on page 26.
• Configure the interface used for CDO management/SDC communication with a static IP address, or use
Dynamic DNS (DDNS) to maintain a consistent FQDN. You can configure DDNS in FDM.
Cisco Firepower 1100 Getting Started Guide
47
Firepower Threat Defense Deployment with CDO
Onboard an FTD Using Credentials and IP Address
To Next Page
Loading...
Need help?
General