Onboard an FDM-Managed Device Running Software Version 6.6+ Using a Registration Key

This procedure describes how to onboard an FDM-managed device running Version 6.6+ using a registration key. This method is the recommended way of onboarding the FDM-managed device to Security Cloud Control and is beneficial if your FDM-managed device is assigned an IP address using DHCP. If that IP address changes for some reason, your FDM-managed device remains connected to Security Cloud Control. Additionally, your FDM-managed device can have an address on your local area network, and as long as it can access the outside network, it can be onboarded to Security Cloud Control using this method.

Warning

If you already have a SecureX or Cisco Threat Response (CTR) account, you will need to merge your Security Cloud Control tenant and SecureX/CTR account in order for your devices to be registered with SecureX. Until your accounts are merged, you will not be able to see your device's events in SecureX or benefit from other SecureX features. We strongly recommend merging your accounts before you create a Security Cloud Control module in SecureX. Your accounts can be merged through the SecureX portal. See Merge Accounts for instructions.

If you want to onboard an FDM-managed device running version 6.4 or 6.5, see Onboard an FDM-Managed Device Running Software Version 6.4 or 6.5 Using a Registration Key.

Before Onboarding

  • This method of onboarding is currently available for version 6.6+ and to customers connecting to https://us.manage.security.cisco.com, https://eu.manage.security.cisco.com, or https://apj.manage.security.cisco.com.

  • Review Connect Security Cloud Control to your Managed Devices for the networking requirements needed to connect Security Cloud Control to your FDM-managed device.

  • Make sure your device is managed by Secure Firewall device manager, not Secure Firewall Management Center.

  • The device can be using a 90-day evaluation license or it can be smart-licensed. Devices running version 6.6+ can be onboarded to Security Cloud Control using a registration key without unregistering any installed smart licenses.

  • The device cannot already be registered with Cisco Cloud Services. See "Unregistering an FDM-Managed Device from Cisco Cloud Services" below before onboarding.

  • Log in to the device's Secure Firewall device manager UI and make sure that there are no pending changes waiting on the device.

  • Make sure DNS is configured properly on your FDM-managed device.

  • Make sure the time services are configured on the FDM-managed device.

  • Make sure the FDM-managed device shows the correct date and time otherwise the onboarding will fail.

What to do next:

Do one of these things: