Navigating the Cisco Secure Firewall Threat Defense Documentation
About Cisco Secure Firewall Threat Defense Documentation
This roadmap provides links to currently available documentation for Cisco Secure Firewall Threat Defense (including Secure Firewall Management Center and Secure Firewall device manager).
To view all available documentation for a specific release, see the following documentation landing pages:
Related Roadmaps
License Documentation
-
Feature license information:
-
The Licensing chapter in the Cisco Secure Firewall Management Center Administration Guide for your version.
-
Open source license information:
-
Open source license information for all Cisco products is available at https://www.cisco.com/go/opensource.
-
Each product has its own open source licensing document, available from the Licensing Information link on the top-level documentation listing page for the product. See Top-Level Documentation Listing Pages for Management Center Deployments.
-
Top-Level Documentation Listing Pages for Management Center Deployments
The following documents may be helpful when configuring Secure Firewall Management Center deployments, Version 6.0+.
Note |
Some of the linked documents are not applicable to Secure Firewall Management Center deployments. For example, some links on Secure Firewall Threat Defense pages are specific to deployments managed by Secure Firewall device manager, and some links on hardware pages are unrelated to management center. To avoid confusion, pay careful attention to document titles. Also, some documents cover multiple products and therefore may appear on multiple product pages. |
Secure Firewall Management Center
-
Secure Firewall Management Center hardware appliances:
http://www.cisco.com/c/en/us/support/security/defense-center/tsd-products-support-series-home.html
-
Secure Firewall Management Center Virtual appliances:
Secure Firewall Threat Defense, also called NGFW (Next Generation Firewall) devices
-
Secure Firewall Threat Defense software:
http://www.cisco.com/c/en/us/support/security/firepower-ngfw/tsd-products-support-series-home.html
-
Secure Firewall Threat Defense Virtual:
-
Firepower 1000 series:
-
Secure Firewall 3100:
https://www.cisco.com/c/en/us/support/security/secure-firewall-3100-series/series.html
-
Firepower 4100 series:
-
Secure Firewall 4200:
https://www.cisco.com/c/en/us/support/security/secure-firewall-4200-series/series.html
-
Firepower 9300:
-
ISA 3000:
Compatibility Guide
The Cisco Secure Firewall Threat Defense Compatibility Guide lists the system software and hardware compatibility and requirements.
Release Notes
Release notes provide critical and release-specific information.
Note |
For ASA release notes, see the ASA documentation roadmap. For FXOS release notes, see the FXOS documentation roadmap. For Firepower hotfix release notes, see the Firepower Hotfix Release Notes. |
Release |
Guide |
---|---|
Version 7.6.0 |
Cisco Secure Firewall Threat Defense Release Notes, Version 7.6.0 |
Version 7.4.1 |
Cisco Secure Firewall Threat Defense Release Notes, Version 7.4.x |
Version 7.4.0 |
Cisco Secure Firewall Threat Defense Release Notes, Version 7.4.x |
Version 7.3.0 |
Cisco Secure Firewall Threat Defense Release Notes, Version 7.3.x |
Version 7.2.0 |
Cisco Secure Firewall Threat Defense Release Notes, Version 7.2.x |
Version 7.1.0 |
|
Version 7.0.0 |
|
Version 6.7.0 |
|
Version 6.6.0 |
|
Version 6.5.0 |
|
Version 6.4.0.x |
|
Version 6.3.0.x |
|
Version 6.2.3.x |
|
Version 6.2.2.x |
|
Version 6.2.1 |
Cisco Firepower Version 6.2.1 has been replaced by Cisco Firepower Version 6.2.2, which offers the same functionality and supports the full set of Firepower platforms; we strongly recommend updating to Version 6.2.2 in place of Version 6.2.1. |
Version 6.2.0.x |
|
Version 6.1.x |
|
Version 6.0.1.x |
|
Version 6.0.0.x |
Migration Guides
Secure Firewall migration tool
You can use the Secure Firewall migration tool to migrate supported configurations to supported Secure Firewall Threat Defense confgurations for releases 6.2.3 and later.
-
Migrating ASA Firewall to Threat Defense with the Firewall Migration Tool
-
Migrating ASA to Firepower Threat Defense Using Cisco Defense Orchestrator
-
Migrating Check Point Firewall to Threat Defense with the Firewall Migration Tool
-
Migrating Palo Alto Networks Firewall to Firepower Threat Defense with the Firepower Migration Tool
-
Migrating Fortinet Firewall to Threat Defense with the Firewall Migration Tool
For other related ASA to Threat Defense documents, see:
ASA-to-Firepower Threat Defense Migration Tool Image
The Cisco ASA to Firepower Threat Defense Migration Guide describes how to use Cisco’s migration tool to convert ASA configurations to Firepower Threat Defense configurations.
Note |
This migration tool is deprecated and cannot migrate your ASA images to the latest Firepower Threat Defense releases. |
Upgrade Guides
-
Cisco Secure Firewall Threat Defense Upgrade Guide for Management Center, Version 7.6
-
Cisco Secure Firewall Threat Defense Upgrade Guide for Device Manager, Version 7.4.x–7.6.x
-
Cisco Secure Firewall Threat Defense Upgrade Guide for Management Center, Version 7.4.1
-
Cisco Secure Firewall Threat Defense Upgrade Guide for Management Center, Version 7.3—Upgrade Threat Defense with Management Center to Version 7.3.0.
-
Cisco Secure Firewall Threat Defense Upgrade Guide for Device Manager, Version 7.3—Upgrade Threat Defense with device manager to Version 7.3.0.
-
Cisco Secure Firewall Threat Defense Upgrade Guide for Management Center, Version 7.2—Upgrade Threat Defense with Management Center to Version 7.2.0.
-
Cisco Secure Firewall Threat Defense Upgrade Guide for Device Manager, Version 7.2—Upgrade Threat Defense with device manager to Version 7.2.0.
-
Cisco Firepower Threat Defense Upgrade Guide for Firepower Management Center, Version 7.1.0—Upgrade Firepower Threat Defense with Firepower Management Center to Version 7.1.0.
-
Cisco Firepower Management Center Upgrade Guide, Version 6.0–7.0—Upgrade a Firepower Management Center deployment to Version 7.0.0 or earlier.
-
Cisco ASA Upgrade Guide—Upgrade an ASA device with an ASA FirePOWER module managed by ASDM.
Configuration Guides
This section lists configuration guides by management device:
Note |
For ASA configuration guides, see the ASA documentation roadmap. For FXOS configuration guides, see the FXOS documentation roadmap. |
Management Center
The management center configuration guides include detailed information on configuration using the management center web interface.
Release | Guide |
---|---|
All Versions |
Threat Defense on 4100 or 9300 hardware, managed by Management Center: Deploy a Cluster for Threat Defense on the Firepower 4100/9300. |
Version 7.4/7.4.1 |
|
Version 7.4/7.4.1 |
|
Version 7.3 |
|
Version 7.2 |
|
Version 7.1 |
|
Version 7.0 |
|
Version 6.7.0 |
|
Version 6.6.0 |
|
Version 6.5.0 |
|
Version 6.4.0 |
|
Version 6.3.0 |
|
Version 6.2.3 |
|
Version 6.2.2 |
|
Version 6.2.1 |
|
Version 6.2.0.x |
|
Version 6.1.x |
|
Version 6.0.1.x |
|
Version 6.0.0.x |
ASA with FirePOWER Services Local Management via ASDM
On an ASA device running version 6.0+ of the ASA FirePOWER module, you can configure ASA FirePOWER module functionality via ASDM. The ASA with FirePOWER Services Local Management Configuration Guide provides information on configuring the module.
Device Manager
Configuration Examples and Tech Notes
Configuration examples are "how to" guides that provide an end-to-end example of the procedures required to complete a specific configuration. If the example requires configuration in more than one management application, such as Secure Firewall chassis manager and Secure Firewall Management Center the configuraton example includes the procedures for both management applications.
Command Reference Guide
The Cisco Secure Firewall Threat Defense Command Reference explains how to use the command line interface (CLI) for Threat Defense devices.
Snort 3 Inspector Reference
The Snort 3 Inspector Reference explains the options, rules, and best practices for configuring the Snort 3 inspectors.
Application Detector References for VDB Releases
Beginning with VDB Release 343, all application detector information is available through Secure Firewall Application Detectors. This site includes a searchable database of application detectors. The Release Notes provide an update on the newest VDB release.
Note |
The Cisco Vulnerability Database Library for Firepower System provides links to the Cisco Firepower Application Detector Reference for VDB release 297-343. |
Hardware Guides
This section contains the following topics:
Hardware Installation
These guides provide information about Firepower hardware, including deployment information, physical installation procedures, field-replaceable components, specifications, and safety and regulatory information.
Note |
Firepower Hardware Installation Guides
-
Cisco Secure Firewall Management Center 1700, 2700, and 4700 Hardware Installation Guide
-
Cisco Firepower Management Center 1600, 2600, and 4600 Hardware Installation Guide
-
Cisco Firepower Management Center 1000, 2500, and 4500 Hardware Installation Guide
-
Cisco Firepower Management Center 750, 1500, 2000, 3500, and 4000 Hardware Installation Guide
-
Cisco Secure Firewall 3110, 3120, 3130, and 3140 Hardware Installation Guide
-
Cisco Firepower 4110, 4120, 4140, and 4150 Hardware Installation Guide
-
Cisco Firepower 4112, 4115, 4125, and 4145 Hardware Installation Guide
-
Cisco Secure Firewall 4200 Series Hardware Installation Guide
ASA 5500-X Series Hardware Installation Guides
ISA 3000 Hardware Installation Guide
Regulatory Compliance and Safety Information
Regulatory compliance and safety information guides provides general safety guidelines and regulatory information for Firepower devices. The books related to regulatory compliance and safety information are:
Firepower Regulatory Compliance and Safety Information
-
Regulatory Compliance and Safety Information—Cisco Firepower Management Center 1600, 2600, 4600
-
Regulatory Compliance and Safety Information—Cisco Firepower Management Center 1000, 2500, and 4500
-
Regulatory Compliance and Safety Information—Cisco Firepower 1010
-
Regulatory Compliance and Safety Information—Cisco Firepower 1100 Series
-
Regulatory Compliance and Safety Information—Cisco Firepower 2100 Series
-
Regulatory Compliance and Safety Information—Cisco Secure Firewall 3100 Series
-
Regulatory Compliance and Safety Information—Cisco Firepower 4100 Series
-
Regulatory Compliance and Safety Information—Cisco Secure Firewall 4215, 4225, 4245
-
Regulatory Compliance and Safety Information-Cisco Firepower 9300
ASA Regulatory Compliance and Safety Information
Quick Start and Getting Started Guides
Quick start and getting started guides provide information on deploying the appliance, procedures for installing your appliance on your network, initial setup and configuration, and reimaging an appliance. Virtual quick start guides include deployment, installation, and initial setup information for virtual environments.
Hardening Guides
Hardening guides provide information on hardening your Firepower deployment and reducing its vulnerability to cyber attack. Each hardening guide focuses on a specific area of a Firepower deployment.
Release |
Guide |
---|---|
Version 7.2 |
|
Version 7.0 |
|
Version 6.4.0 |
Troubleshooting Guides and Articles
Links to troubleshooting Tech Notes and other troubleshooting resources are available under the "Troubleshooting and Alerts" heading on the top-level document listing page for each product on Cisco.com. See the links for your products in Top-Level Documentation Listing Pages for Management Center Deployments.
Troubleshooting guides are listed below:
Integration and API Documentation
Integration guides provide information on extending Firepower capabilities through custom application development using exposed APIs.
Terminal Services (TS) Agent Documentation
The Firepower System TS Agent is a utility that assigns unique port ranges to users reported by Windows Terminal Servers to uniquely identify the users on the Firepower Management Center, to support user awareness and user control.
Release |
Guide |
---|---|
Version 1.4 |
|
Version 1.3 |
|
Version 1.2 |
User Agent Documentation
Caution |
The user agent is reaching its end of support period. Firepower Management Center version 6.6 is the last version with which you can enable the user agent. The user agent cannot be enabled in Firepower Management Center 6.7 and upgrades to 6.7 will warn you to disable the user agent before upgrading. |
Release |
Guide |
---|---|
Version 2.5 |
|
Version 2.4 |
|
Version 2.3 |
|
Version 2.2.x |
FireSIGHT System User Agent Configuration Guide, Version 2.2 |
Additional Resources
The Firewalls Community is an exhaustive repository of reference material that complements our extensive documentation. This includes links to 3D models of our hardware, hardware configuration selector, product collateral, configuration examples, troubleshooting tech notes, training videos, lab and Cisco Live sessions, social media channels, Cisco Blogs and all the documentation published by the Technical Publications team.
Some of the individuals posting to community sites or video sharing sites, including the moderators, work for Cisco Systems. Opinions expressed on those sites and in any corresponding comments are the personal opinions of the original authors, not of Cisco. The content is provided for informational purposes only and is not meant to be an endorsement or representation by Cisco or any other party.
Note |
Some of the videos, technical notes, and reference material in the Firewalls Community points to older versions of the management center. Your version of the management center and the version referenced in the videos or technical notes might have differences in the user interface that cause the procedures not to be identical. |