View Threat Defense Migration Jobs

You can see the status of all migration jobs that are initiated from CDO. You can expand a job to see the status of individual devices associated with the management center.

If you have configured to receive alerts for device workflows, click the notifications icon to view the alerts that have occurred during migration. You will also receive an email notification if you have subscribed to get email notifications from CDO.

Once a migration job is successful, you have 14 days to evaluate your devices using CDO. During this period, you can modify or change specific actions or change the management of these devices back to the management center.

We recommend committing the devices manually if you are convinced with the migration changes. CDO auto-commits the changes after the evaluation period expires without requiring further action from you. The commit action applies the changes to devices. See Commit Manager Changes Manually.

Once the changes are committed, you can't revoke the actions that are specified in the window.


Changes can be made and deployed to the device using CDO in the evaluation period. If you choose to revert the device management back to the management center, the CDO-specific changes that are made during the evaluation period will not be retained on the device after reverting its manager. You must deploy the changes from the on premise management center to the device after reverting its manager.

  • Name: Represents the job name which shows the management center name and the date and time when the job was initiated.

  • Number of FTDs: This shows the total number of devices that are being migrated to the cloud.

  • Status: Displays the status of the job. Expand the job to see the status of individual devices.

    When a job is completed successfully, the FTD Migration job is successful message appears in the Status column. You can click the tooltip to see the number of days remaining for evaluating the manager.

    You can click Commit manage changes to commit the changes manually before the 14 days evaluation period ends.

  • Last Update: The date and time are updated only when a change is made to the device.

  • Actions:

    • Workflows: Provides a link that directs you to the workflows page for monitoring the job. See Workflows Page.

    • Download Report: Allows you to generate and download a report of every job that is completed successfully. See Generate Threat Defense Migration Report.

    • Commit Manager Changes: Allows you to apply the changes manually to devices before the evaluation period ends. See Commit Manager Changes Manually.

    • Remove Migration Job: Allows you to remove a completed job. The link is available only for completed jobs.

After a successful migration, CDO deploys the configuration to the device. If the system identifies errors or warnings in the changes to be deployed, it displays them in the Validation Messages window. To view complete details, click the arrow icon before the warnings or errors. If the deployment fails, see the Best Practices for Deploying Configuration Changes section of Firepower Management Center Device Configuration Guide X.Y.


During the 14-day evaluation period, you cannot delete a device or an OnPrem FMC from CDO. Do one of the following and then delete the device or OnPrem FMC:

Configure Relam Sequence for Identity Policy

If the device contains an identity policy with a Realm or ISE configuration, configure your device as a proxy for CDO to communicate with the identity source. The identity policies don't function if CDO fails to connect to the Identity Realms.

A tooltip appears in the Status column for a device that requires additional configuration.

  1. Click the tooltip icon and then click Learn more.

  2. In the Configure Proxy window, click Configure my realms.

    To add a proxy sequence, see the Create a Proxy Sequence section in the Firepower Management Center Device Configuration Guide, 7.2.

Analytics Only Threat Defense Device Example

CDO creates two instances of the same device that is configured to retain on the management center for analytics.

The device instance with FMC FTD and Analytics Only labels shows that the management center handles the analytics. The device instance with the FTD label indicates that CDO manages its configuration.

You can manage the configuration of the device using CDO. To see the device in the Cloud-delivered Firewall Management Center, do the following:

Select the device having FTD label and in the Management pane on the right, click Device Summary.

You can view the events from the device in the management center. To see the events, do the following:

  1. Select the device having FMC FTD and Analytics Only labels and on the right, click the Manage Devices link.

  2. Log on to the on premise management center.

  3. Click Device > Device Management.

You can't select this device as CDO manages the configuration. The management center shows the CDO Managed label for this device.

To see the live events in the management center, click Analysis > Events.