About Cloud-delivered Firewall Management Center

Cisco Defense Orchestrator (CDO) is the platform for the cloud-delivered Firewall Management Center.

The cloud-delivered Firewall Management Center is a software-as-a-service (SaaS) product that manages Secure Firewall Threat Defense devices. It offers many of the same functions as an on-premises Secure Firewall Management Center, it has the same appearance and behavior as an on-premises Secure Firewall Management Center, and uses the same FMC REST API.

This product is designed for Secure Firewall Management Center customers who want to move from an on-premises version of the Secure Firewall Management Center to a SaaS version.

The CDO operations team is responsible for maintaining the SaaS product. As new features are introduced, the CDO operations team updates CDO and the cloud-delivered Firewall Mangement Center for you.

A migration wizard is available to help you migrate your Secure Firewall Threat Defense devices registered to your on-premises Secure Firewall Management Center to the cloud-delivered Firewall Management Center.

Are these release notes for you?

These release notes are for existing Cisco Security Cloud Control (Security Cloud Control) users who have a cloud-delivered Firewall Management Center deployed on their tenant.

Cisco Secure Threat Defense Terminology

Table 1.

Product Name

Description

Cisco Secure Firewall Threat Defense

Cisco's next-generation firewall. The name is often shortened to "Secure Firewall Threat Defense" or "threat defense" in documentation. It can be configured and managed by these device managers:

  • A cloud-delivered Firewall Management Center.

  • An on-premises Secure Firewall Management Center.

  • The local device manager included with the threat defense image.

Cloud-delivered Firewall Management Center

This refers to the version of the Secure Firewall Management Center that is deployed with Security Cloud Control.

The cloud-delivered Firewall Management Center manages one or more Secure Firewall Threat Defense firewalls.

You may see the cloud-delivered Firewall Management Center referred to as "management center" in product documentation.

These release notes provide information about this manager.

On-premises Cisco Secure Firewall Management Center

This manages one or more Cisco Secure Firewall Threat Defense devices.

You may see these devices referred to as "Secure Firewall Management Center," or simply "management center" in product documentation.

The on-premises Secure Firewall Management Center is managed by the customer. Some images are designed for installation on a physical Firepower appliance, others are virtual images that are installed and managed in the customer's private cloud. The customer performs installation and upgrade tasks.

Cisco Secure Firewall Threat Defense device manager

This manager is delivered with the Secure Threat Defense software image and only manages the single Secure Threat Defense device it was delivered with.

CDO can manage threat defense devices that are managed by the device manager and are configured for local management.

Management tasks for the threat defense device can be performed by CDO or by the device manager and CDO keeps track of which manager performed which task and alerts the CDO user where changes are coming from.

Threat defense devices managed by the device manager by CDO cannot be managed by the cloud-delivered Firewall Management Center.

In the documentation for Cisco Defense Orchestrator, we refer to a threat defense device managed by the device manager as "an FDM-managed device" or an "FDM."