About Auto-Onboarding an On-Prem Firewall Management Center to CDO

Note

The Discover From SecureX Account method for onboarding an on-prem Secure Firewall Management Center to CDO is not supported in the Australia region. You must use the Use Credentials method to onboard the management center in this region instead.

As a Super Admin or Admin user on CDO, you can use the platform's auto-onboarding of on-prem management centers functionality. This feature automatically initiates the onboarding process for all on-prem management centers that are running Version 7.2 or later and are linked to your SecureX tenant or registered to the Cisco Security Cloud. Additionally, it also onboards the threat defense devices that are connected to those on-prem management center.

This feature is enabled by default in CDO, so you can expect all on-prem management centers and threat defense devices to be automatically onboarded, which can significantly enhance efficiency. CDO polls SecureX for new on-prem management centers every hour. It onboards the active on-prem management center high availability (HA) pair.

Note that a new CDO tenant also comes with this feature enabled by default. This feature holds good for you if you have an on-prem management center running Version 7.2 and later and if you fit into one of the following categories:

Register your on-prem management center through SecureX for the first time and you do not have a CDO tenant

If you have an on-prem management center that is not registered through SecureX, you can register it to the Cisco Security Cloud through CDO. See Cisco Secure Firewall Management Center (Version 7.2 and later) and SecureX Integration Guide for instructions on how to do this. If you do not have a CDO account already, you will be prompted to create one for yourself during the registration process, which your on-prem management center then uses to connect to the Cisco Security Cloud.

Auto-onboard an already registered on-prem management center to a new CDO tenant

If you have an on-prem management center that is already registered through SecureX and when you create a new CDO tenant, because CDO comes with the auto-onboarding of on-prem management centers feature enabled by default, you can expect your on-prem management center to get onboarded to CDO right away. See Create a CDO Tenant for more information.

Auto-onboard an already registered on-prem management center to an existing CDO tenant

If you already have a CDO tenant and an on-prem management center registered with SecureX, and you want to onboard your on-prem management center to CDO for the first time, enable the Auto onboard On-Prem FMCs using SecureX tenant toggle.

If you do not see your on-prem management center getting onboarded even after enabling the toggle, make sure again that your CDO and SecureX or Cisco XDR tenant accounts are merged. See Merge Accounts for instructions. After merging, log out and log in back to your CDO tenant and try disabling and enabling the Auto onboard On-Prem FMCs using SecureX tenant toggle.