Skip to main content



Cisco Defense Orchestrator

Software and Hardware Supported by CDO

This article describes the software and hardware versions that CDO supports.

Device Support Summary

Hardware Support Software Support Notes


  • ASA 5500-X Series
  • Firepower 2100 series
  • Firepower 4100 series
  • Firepower 9300 
  • ISA 3000
  • ASAv

ASA Version 8.4+

See the Cisco ASA Compatibility Matrix for a complete list of supported ASA hardware and software combinations. See ASA Hardware and Software Support Specifics for more information.

Firepower Threat Defense

  • ASA 5508-x, ASA 5515-x, ASA 5516-x, ASA 5525-x, ASA 5545-x, ASA 5555-x
  • Firepower 2100 Series
  • Firepower 1000 series
  • FTDv

Firepower 6.4.0

Firepower 6.4.0.x

All CDO FTD PIDs are orderable in CCW, including for the Firepower 1000 series and Virtual FTD. The PIDs are platform specific, but common for ASA and FTD. Please consult our ordering guide in Salesconnect for more details.

To review the features we support in this initial release, review Managing Firepower Threat Defense with Cisco Defense Orchestrator.

See Onboard Firepower Threat Defense Devices for a full discussion of onboarding prerequisites and requirements.

Meraki Security Appliance

  • MX Series
  • Meraki Templates

Meraki MX devices and the Meraki dashboard receive regular software updates through the Meraki cloud.

CDO works with the latest version of the Meraki dashboard to manage layer 3 network rules enforced by Meraki MX devices. See Managing Meraki MX with Cisco Defense Orchestrator for more information. 

You must register an MX device to, or create a template in, the Meraki dashboard before onboarding it to CDO. 

ASA Hardware and Software Support Specifics

See the Cisco ASA Compatibility Matrix for a complete list of supported ASA hardware and software combinations. CDO manages any supported ASA hardware and software combination with these caveats: 

  • CDO can manage an ASA running ASA 8.4 software or greater on whatever hardware it is installed.
  • CDO can onboard an ASA running ASA 8.3 but cannot deploy changes to it or manage it in any other way. Support is "read-only."

Note: There may be a CDO feature that does not support all versions of ASA, such as ASA Upgrade. In those cases, the documentation will list any version exceptions with the prerequisites for that feature. 

Firepower Threat Defense Support Specifics

Firepower Threat Defense is Cisco's next generation firewall software image. It strives to combine the best of Sourcefire's next generation firewall services and the ASA platform. It can be installed on a number of different ASA and Firepower hardware devices or virtual machines. This is not the same as an ASA FirePOWER module. 

See the Cisco Firepower Compatibility Guide for explanations of what Cisco hardware supports what versions of Firepower software.

Unsupported Devices 

The CDO documentation describes software and devices it supports. It does not point out software and devices that CDO does not support. If we do not explicitly claim support for a software version or a device type, then we don’t support it.  

Specifically, however, we do not support the ASA Service Module (ASASM) at this time.