Replacing ASA/FTD with Firepower Services: Step-by-Step Guide
Learn how to replace your ASA/FTD with Firepower services efficiently. Follow steps to collect important information, download files, re-image devices, restore configurations, re-host licenses, and replace the device seamlessly.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.
E N D
Presentation Transcript
FirePOWER Replacing your ASA/FTD with Firepower services KaustubhVajarkar Cisco FirePOWERTAC Engineer
STEPS Collect important information from existing device Download installer files for required version Re-image new device to the required version Restore configuration Re-host licenses Replace device
Collect important information from existing device Collect version information show module show version show asdm image Download installer files for required version Re-image new device to the required version Collect ASA license information Restore configuration show activation-key detail Re-host licenses Configuration > ASA FirePOWER Configuration > Licenses and clickingAdd New License. (To locate old license key if on-box managed) Replace device Create backup from ASDM ASA configuration backup http://www.cisco.com/c/en/us/td/docs/security/asa/asa83/asdm63/configuration_g uide/config/admin_swconfig.html#wp1243681
Collect important information from existing device Download installer files for required version Collect version information show version Re-image new device to the required version FTD license information Restore configuration The FTD uses smart license and a token will be required to be downloaded from Cisco Smart Software Manager Re-host licenses Replace device Create backup from FTD Firepower configuration backup if using on-box management http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-firepower- services/200448-Configure-Backup-Restore-of-Configurati.html
Device cabling Collect important information from existing device Download installer files for required version Re-image new device to the required version Restore configuration Re-host licenses Replace device
Download link http://www.cisco.com/go/asa-firepower-sw Collect important information from existing device Compatibility matrix http://www.cisco.com/c/en/us/td/docs/security/asa/compatibility/as amatrx.html Download installer files for required version Re-image new device to the required version ASA FTD boot image ftd-boot-9.6.2.0.lfbff Restore configuration asa953-lfbff-k8.SPA Re-host licenses ASDM System software install package ftd-6.1.0-330.pkg asdm-771.bin Replace device FirePOWER Boot Image asasfr-5500x-boot-6.1.0- 330.img FirepowerPackage Installer asasfr-sys-6.1.0-330.pkg
Collect important information from existing device Download installer files for required version Install and Configure a FirePOWER Services Module on an ASA Platform http://www.cisco.com/c/en/us/support/docs/security/asa-firepower- services/118644-configure-firepower-00.html Re-image new device to the required version Restore configuration Re-host licenses Reimage the Cisco ASA or Firepower Threat Defense Device http://www.cisco.com/c/en/us/td/docs/security/firepower/quick_star t/reimage/asa-ftd-reimage.html Replace device
Install basic configuration on ASA and connect via ASDM Cisco ASA 5506-X Series Quick Start Guide http://www.cisco.com/c/en/us/td/docs/security/asa/quick_start/5506X/5 506x-quick-start.html Cisco ASA 5508-X and ASA 5516-X Quick Start Guide http://www.cisco.com/c/en/us/td/docs/security/asa/quick_start/5508X/5 508x-quick-start.html Collect important information from existing device Download installer files for required version Re-image new device to the required version Restore configuration Restore backup for ASA using ASDM Restoring Configurations http://www.cisco.com/c/en/us/td/docs/security/asa/asa83/asdm63/confi guration_guide/config/admin_swconfig.html#wp1244402 Re-host licenses Replace device Restore Firepower module if on-box managed Provision network settings to Firepower module ciscoasa# session sfr console > configure network ipv4 manual ipaddrnetmaskgw
Collect important information from existing device Download installer files for required version Re-image new device to the required version Assign management IP address on the new FTD Restore configuration Restore the previously taken backup Re-host licenses Replace device
Collect important information from existing device Download installer files for required version Re-image new device to the required version Product License Registration http://www.cisco.com/go/license Restore configuration Re-host licenses FTD uses smart licenses and a token will be required to be downloaded from Cisco Smart Software Manager Replace device
Collect important information from existing device Connect cables according to the network diagram Download installer files for required version Delete old FirePOWER module/FTD from FirePOWER Management Center GUI Device > Device management > Delete device. Re-image new device to the required version Restore configuration Add the FirePOWER module/FTD in the new device to the Management Center > configure manager add fmcIP regkey Re-host licenses Replace device Deploy policies to the device Verify connection events indicating correct functionality of the FirePOWER module.
FirePOWER Kaustubh Vajarkar Cisco FirePOWER TAC Engineer THANK YOU
