Starting with Firepower Threat Defense (FTD) 6.5, you can send connection events, intrusion, file, and malware events directly from your FTD device to the Cisco cloud. Once in the Cisco cloud, you can monitor them with Cisco Defense Orchestrator (CDO) and analyze them with Cisco Stealthwatch Cloud (SWC). This method does not require installing a Secure Event Connector (SEC) container on the Secure Device Connector (SDC) virtual machine.
Before you Begin
Review these topics:
- Log on to the Firepower Device Manager (FDM) for the FTD from which you want to send events to the Cisco cloud.
- Select Device > System Settings > Cloud Services.
- In the Send Events to the Cisco Cloud pane, click Enable.