Onboard an FDM-Managed Device Using Username, Password, and IP Address

Use this procedure to onboard an FDM-managed device using only the device credentials and the device's Management IP address. This is the simplest method of onboarding an FDM-managed device. However, the recommended way of onboarding an FDM-managed device to CDO is by using a registration key.

Before you begin

Important

Before you onboard an FDM-managed device to Cisco Defense Orchestrator, read Onboard an FDM-Managed Device and Connect Cisco Defense Orchestrator to your Managed Devices. They provide the general device requirements and onboarding prerequisites needed to onboard a device.

You need the following information to onboard an FDM-managed device using the credentials method:
- The device credentials CDO will use to connect to the device.
- The device's IP address of the interface you are using to manage the device. This may be the Management interface, an inside interface, or the outside interface depending on how you have configured your network.
- The device must be managed by Secure Firewall device manager and configured for local management in order for you to onboard it to CDO. It cannot be managed by Secure Firewall Management Center.

Note	If you connect to https://www.defenseorchestrator.eu and your FDM-managed device is running software version 6.4, you must use this method. You can only onboard an FDM-managed device running software version 6.5+.

Procedure

Step 1

Step 2

In the navigation pane, click Inventory and click the blue plus button to Onboard a device.

Step 3

Click FTD.

Important

When you attempt to onboard an FDM-managed device, CDO prompts you to read and accept the Secure Firewall Threat Defense End User License Agreement (EULA), which is a one-time activity for your tenant. Once you accept the EULA, CDO won't prompt you again to accept it unless the EULA changes.

Step 4

In the onboarding wizard, click Use Credentials.

Step 5

In the Device Details step:

Click the Secure Device Connector button and select a Secure Device Connector (SDC) installed in your network. If you would rather not use an SDC, CDO can connect to your FDM-managed device using the Cloud Connector. Your choice depends on how you connect CDO to your managed devices.
Enter the device name in the Device Name field. This could be the hostname of the device or any other name you choose.
In theLocation field, enter the IP address of the interface you are using to manage the device, hostname, or fully qualified domain name of the device. The default port is 443.

Important

If you already have a SecureX or Cisco Threat Response (CTR) account, you will need to merge your CDO tenant and SecureX/CTR account in order for your devices to be registered with SecureX. Your accounts can be merged through the SecureX portal. See Merge Your CDO and SecureX Accounts for instructions. Until your accounts are merged, you will not be able to see your device’s events in SecureX or benefit from other SecureX features.

Step 6

In the Database Updates area, the Immediately perform security updates, and enable recurring updates is enabled by default. This option immediately triggers a security update as well as automatically schedules the device to check for additional updates every Monday at 2AM. See Update FTD Security Databases and Schedule a Security Database Update for more information.

Disabling this option does not affect any previously scheduled updates you may have configured through FDM.

Click Next.

Step 7

Enter the device administrator's username and password and click Next.

Step 8

If there are pending changes on the device's Secure Firewall device manager, you will be notified and you can revert the changes or log in to the manager and deploy the pending changes. If there are no pending changes on Secure Firewall device manager, you will not see a prompt.

Step 9

(Optional) Add a label the device. See Labels and Label Groups for more information.