Onboard an On-Premises Management Center to Security Cloud Control

Security Cloud Control provides the following methods to onboard on-premises management centers:

Note

Security Cloud Control complements FMC by allowing you to:

Drive consistent policy through shared object management with FMCs.

For more information, see the Objects section on Managing On-Prem Firewall Management Center with Cisco Security Cloud Control.
Enable zero-touch provisioning of Threat Defense devices.

For more information, see Onboard a Device to On-Premises Management Center with Zero-Touch Provisioning.
Get a centralised view of Inventory.

For more information, see Device and Service Management.
Leverage cloud CSDC and cdFMC.

For more information, see Cisco Secure Dynamic Attributes Connector.

Limitations and Guidelines

These are the limitations applicable to onboarding an on-premises management center:

Onboarding an on-premises management center also onboards all of the devices registered to the on-premises management center. Be aware that if a managed device is disabled, or unreachable, Security Cloud Control may display the device in the Inventory page, but cannot successfully send requests or view device information.
We recommend creating a new user on the on-premises management center specifically for Security Cloud Control communication that has administrator-level permissions. If you onboard an on-premises management center and then simultaneously log into that on-premises management center with the same login credentials, onboarding fails.
If you create a new user on the on-premises management center for Security Cloud Control communication, the Maximum Number of Failed Logins for the user configuration must be set to "0".
For On-Premises Management Centers running version 7.4 and older, if you experience a switchover and the FMC is no longer connected to the cloud, try disabling SecureX and then re-enabling it.