cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
40349
Views
55
Helpful
58
Replies

ASA FirePOWER Threat Defense unified image (FTD)

ilukeberry
Level 1
Level 1

Hi

Can someone from Cisco please explain what this image is? And what parts of ASA does include ? Can it do VPN/Anyconnect ?

Is ASA OS getting retired ?

Regards

1 Accepted Solution

Accepted Solutions

Correct. As of now not all the features are available but they will be eventually. Current image is out 6.0.1 which does not have anyconnect. Please rate the answer if it helps. Thanks Yogesh

View solution in original post

58 Replies 58

yogdhanu
Cisco Employee
Cisco Employee
Hi The Firepower Threat Defense (FTD) is a unified image of ASA and Firepower. It is designed to do what ASA do and what Firepower do , together with unified management. It does not yet have anyconnect (in pipeline) . Yes ASA is going to get retired and unified image will come up in future. Thanks Yogesh

So basically all features of current ASA OS features will get transferred into FTD? I'll stick with ASA OS with FirePOWER combo until this FTD gets all the features.

Correct. As of now not all the features are available but they will be eventually. Current image is out 6.0.1 which does not have anyconnect. Please rate the answer if it helps. Thanks Yogesh

One more question. Will any migration tool be provided?

http://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/5500X/ftd-55xx-X-qsg.html

Br,

Per Tenggren

Already read that. Doesn't mention any migration tool.

What do you want to migrate? The classic ASA ACLs can't be migraded to the FTD afaik.

From the release notes:

When you reimage and install Firepower Threat Defense on your 5500-X appliance, all previous files and configurations saved on the ASA will be lost.

I don't want to migrate right now, but i have ton of other settings for AnyConnect, VPN and AAA in ASA currently and i was just asking when FTD gets all features of ASA OS if it will be possible to migrate those.

FTD doesn't yet support all of those features (read VPN) , so we don't yet know if that's something which will be possible. Once an image supporting anyconnect with full vpn functionality releases , we will know if it can be done.

Right now , all needs to be configured manually.

What about FTD 6.0.1 on ASA w/FP, and defining NAT and Routing in FMC and have FTD on ASA w/FP do it ?

There is surely a document or release notes that tells you what each FTD ASA/wFP version can do ?

I think yes...

http://www.cisco.com/c/en/us/td/docs/security/firepower/601/relnotes/firepower-system-release-notes-version-601.html#pgfId-433655

Hi,

I have re-image to FTD 6.1.0 on ASA5506. I would like to ask that can I re-image this FTD back to FTD as factory default on FTD.

Thanks.

BR,

Thaung

If you re-run the FTD imaging process on an ASA that is already imaged with FTD it will indeed restore it to a new installation state.

Just follow the process described here:

http://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/reimage/asa-ftd-reimage.html#pgfId-129933

Hi Marvin,

Good Day!

I have ASA5525-X but I convert it to run the FTD code. May I know if we can do port-channels in the FTD? Currently, I'm checking the config and I don't see any port-channel config in the on-box GUI nor in the CLI.

Thanks

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: