Onboard a Device with a Serial Number

Only the Firepower 1000, Firepower 2100, and Secure Firewall 3100 devices can be onboarded with the serial number onboarding method.

Before you begin

Be sure the following is completed prior to onboarding:


Step 1

In the Firepower Device Manager UI, navigate to System Settings > Cloud Services and select the Auto-enroll with Tenancy from Cisco Defense Orchestrator option and click Register.

Step 2

Log in to CDO.

Step 3

In the navigation pane, click Inventory and click the blue plus button.

Step 4

Select the FTD tile.

Step 5

Under Management Mode, be sure FTD is selected.

By selecting FTD under Management Mode, you will not be able to manage the device using the previous managing platform. All existing policy configurations except for interface configurations will be reset. You must re-configure policies after you onboard the device.

If you want the device to maintain mangaement from the Firepower Device Manager, select FDM and see Onboard the Serial Number of a FDM-Managed Device for Low-Touch Provisioning for more information.

Step 6

Enter the Device Serial Number and the Device Name. Click Next.

Step 7

Password Reset. Select No, this device has been logged into and configured for a manager. This implies that the device has already been registered to a FDM and the default password was changed as part of that configuration.

If your device is brand new and has never been configured for a manager, see Onboard a Device with Low-Touch Provisioning.
Step 8

Click Next.

Step 9

In the Policy Assignment step, use the drop-down menu to select an access control policy to deploy once the device is onboarded. If you have no policies configured, select the Default Access Control Policy.

Step 10

Select all licenses you want applied to the device. Click Next.

What to do next

From the Inventory page, select the device you just onboarded and select any of the options listed under the Management pane located to the right. We strongly recommend the following actions:
  • Create a custom access control policy to customize the security for your environment. See the Access Control Policies chapter for more information.

  • Enable Cisco Security Analytics and Logging (SAL) to view events in the CDO dashboard or register the device to an Firepower Management Center for security analytics. See the Cisco Security Analytics and Logging chapter for more information.