Auto-Onboard an On-Prem Firewall Management Center with SecureX

Before you begin

Ensure that the following requirements are met:

  • The on-prem management center must be running at least Version 7.2.

  • SecureX must be enabled on the on-prem management center. See Cisco Secure Firewall Management Center (Version 7.2 and later) and SecureX Integration Guide for steps and more information.

  • You must allow outbound traffic from port 443 on the on-prem management center.

  • The on-prem management center must have a configured module.

  • Merge your CDO tenant and SecureX/CTR or Cisco XDR account prior to onboarding your device. See Merge Accounts for instructions.

  • After merging your CDO tenant and SecureX/CTR or Cisco XDR, ensure that you log out of your CDO tenant and log in again.

Procedure

Step 1

Click Tools & Services > Firewall Management Center > and choose FMC.

Step 2

Click Discover From SecureX Account as the method.

The Auto onboard On-Prem FMCs using SecureX feature is enabled by default. You can go to Tools & Services > Firewall Management Center to see the newly onboarded on-prem management centers associated with the SecureX tenant linked to your CDO tenant.

Step 3

You can click the available link to disable this functionality.

Step 4

In the General Settings screen, navigate to the Tenant Settings section, and disable Auto onboard On-Prem FMCs using SecureX tenant.

Note

When you disable this functionality, CDO stops further onboarding of the on-prem management center associated with the SecureX tenant. It doesn't remove the already onboarded on-prem management centers. You must manually remove them after disabling the functionality.