Procedure to Onboard an FDM-Managed Device Running Software Version 6.4 or 6.5 Using a Registration Key

To onboard an FDM-managed using a registration key, follow this procedure:

Before you begin

Review the prerequisites discussed in Onboard an FDM-Managed Device Running Software Version 6.4 or 6.5 Using a Registration Key.

Procedure

Step 1

Log in to CDO.

Step 2

In the navigation pane, click Inventory and click the blue plus button to Onboard a device.

Step 3

Click FTD.

Important

When you attempt to onboard an FDM-managed device, Cisco Defense Orchestrator prompts you to read and accept the Firepower Threat Defense End User License Agreement (EULA), which is a one-time activity in your tenant. Once you accept this agreement, CDO doesn't prompt it again in subsequent FDM-managed onboarding. If the EULA agreement changes in the future, you must accept it again when prompted.

Step 4

On the Onboard FTD Device screen, click Use Registration Key.

Step 5

Enter the device name in the Device Name field. This could be the hostname of the device or any other name you choose.

Step 6

In the Database Updates area, the Immediately perform security updates, and enable recurring updates option is enabled by default. This option immediately triggers a security update as well as automatically schedules the device to check for additional updates every Monday at 2AM. See Update FTD Security Databases and Schedule a Security Database Update for more information.

Note

Disabling this option does not affect any previously scheduled updates you may have configured through Secure Firewall device manager.

Step 7

In the Create Registration Key area, CDO generates a registration key.

Note

If you move away from the onboarding screen after the key is generated and before the device is fully onboarded, you will not be able to return to the onboarding screen; however, CDO creates a placeholder for that device on the Inventory page. When you select the device's placeholder, you will be able to see the key for that device in an action pane located to the right.

Step 8

Click the Copy icon to copy the registration key.

Note

You can skip copying the registration key and click Next to complete the place holder entry for the device and later, register the device. This option is useful when you're attempting to create the device first and later register it or if you're a Cisco partner installing a Proof of Value (POV) device in a customer network.

On the Inventory page, you will see that the device is now in the connectivity state, "Unprovisioned". Copy the registration key appearing under Unprovisioned to Firewall device manager to complete the onboarding process.

Step 9

Log into the Secure Firewall device manager of the device you want to onboard to CDO.

Step 10

In System Settings, click Cloud Services.

Step 11

In the CDO tile, click Get Started.

Step 12

In the Region field, select the Cisco cloud region that your tenant is assigned to:

  • If you log in to defenseorchestrator.com, choose US.

  • If you log in to defenseorchestrator.eu, choose EU.

  • If you log in to apj.cdo.cisco.com, choose APJ.

Note

This step is not applicable FDM-managed devices running version 6.4.

Step 13

In the Registration Key field, paste the registration key that you generated in CDO.

Step 14

Click Register and then Accept the Cisco Disclosure.

Step 15

Return to CDO. Select all the licenses you want to apply to the device.

For more information, see Applying or Updating a Smart License. You can also click Skip to continue the onboarding with a 90-day evaluation license.

Step 16

Return to CDO, open the Inventory page and see that the device status progresses from "Unprovisioned" to "Locating" to "Syncing" to "Synced."