How Cisco Defense Orchestrator Works with Firepower Threat Defense
How Cisco Defense Orchestrator Works with Firepower Threat
Defense
CDO and FDM Co-Management
After you complete initial configuration in FDM to establish internet connectivity and configure a basic
network policy, you can onboard the device to CDO. After you onboard the device to CDO, you can continue
to use FDM as needed. You can choose whether to accept out-of-band changes in CDO on a case-by-case
basis.
Secure Device Connector (SDC)
All communication between CDO and the devices it manages passes through an SDC. CDO and the devices
it manages do not communicate directly.
SDCs can be deployed in the cloud or in your network using the following methods:
Cisco Firepower 2100 Getting Started Guide
128
Pre-Configuration
Power on the Device, on page
FTD CLI
(Optional) Change Management Network Settings at the CLI, on page
Firepower Device
Log Into FDM, on page
Manager
Firepower Device
Complete the Initial Configuration, on page
Manager
Cisco Defense
Log Into CDO with Cisco Secure Sign-On, on page
Orchestrator
Cisco Defense
Onboard the device using a registration key or credentials
Orchestrator
to CDO, on page
Firepower Device
Register with the registration key
Manager
you onboard using credentials, you do not need to log into FDM.
Cisco Commerce
(Optional) Obtain feature licenses
Workspace
Smart Software
Generate a license token
Manager
Cisco Defense
Register the device with the Smart Licensing Server
Orchestrator
page
Cisco Defense
Configure the Device in CDO, on page
Orchestrator
135.
138.
144).
(Configure Licensing, on page
155).
Firepower Threat Defense Deployment with CDO
139.
143.
(Onboard the FTD
(Onboard the FTD to CDO, on page
(Configure Licensing, on page
155).
(Configure Licensing, on
151.
136.
144). If
155).