Skip to main content



Cisco Defense Orchestrator

Onboard an FTD Using Username, Password, and IP Address

This is the simplest method of onboarding a Firepower Threat Defense (FTD) Device. However, the recommended way of onboarding an FTD to CDO is by using a registration key. 

Before Onboarding

Important: Before you onboard an FTD device to CDO, read Onboard an FTD. It lists the general device requirements and onboarding prerequisites needed to onboard a device.

You need the following information to onbaord an FTD using this method:  

  • The device's administrator username and password.
  • The device's IP address of the interface you are using to manage the device. This may be the MGMT interface, an inside interface, or the outside interface depending on how you have configured your network.
  • The FTD must be managed by Firepower Device Manager (FDM) and configured for local management in order for you to onboard it to CDO. It cannot be managed by Firepower Management Center (FMC). 

Note: If you connect to and your FTD is running software version 6.4, you must use this method. You can only onboard an FTD device running software version 6.5+.

Onboarding Procedure

Use this procedure to onboard an FTD device using only the administrator username and password and the device's Management IP address:

  1. Log in to CDO.
  2. In the navigation pane, click Devices & Services and click the blue plus button blue_cross_button.png to Onboard a device.
  3. Click on FTD.

Important: When you attempt to onboard an FTD device, CDO prompts you to read and accept the Firepower Threat Defense End User License Agreement (EULA), which is a one-time activity in your tenant. Once you accept this agreement, CDO doesn't prompt it again in subsequent FTD onboarding. If the EULA agreement changes in the future, you must accept it again when prompted.

  1. On the Onboard FTD Device screen, click Use Credentials.
  2. Provide a name for your device.
  3. In the Device Location field, enter the IP address of the interface you are using to manage the device, hostname, or fully qualified device name of the device. The default port is 443. 
  4. Click Go.
  5. Once the location of the device is verified, you're prompted to enter the device administrator's username and password. 
  6. In the Database Updates area, the Immediately perform security updates, and enable recurring updates is enabled by default.
    This option immediately triggers a security update as well as automatically schedules the device to check for additional updates every Monday at 2AM. See Update FTD Security Databases and Schedule a Security Database Update for more information.
    Note: Disabling this option does not affect any previously scheduled updates you may have configured through FDM.
  1. Click Connect.
  2. (Optional) Once the credentials are verified, you're prompted to label the device. See Labels and Label Groups for more information.
  3. (Optional) Label your device and click Finish.
  4. Once the device is onboarded, CDO shows it on the Devices & Services page with a "Synced" status.

Related Topics