Skip to content
Skip to search
Skip to footer

Cisco Secure Firewall Threat Defense Virtual Getting Started Guide, Version 10.0

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Book Contents

Find Matches in This Book

Results

Updated:: December 3, 2025

Chapter: What's New in 10.0.0

What's New in 10.0.0
New Threat Defense Virtual Features in Release 10.0.0

What's New in 10.0.0

This chapter lists the new features, enhancements, and changes introduced in Threat Defense Virtual Release 10.0.0.

New Threat Defense Virtual Features in Release 10.0.0


Feature	Version	Details	Supported Cloud Platforms
Threat Defense Virtual Unlimited (FTDvU)	10.0.0	To address the demand for high-performance instances, Threat Defense Virtual is capable of booting up to 64 vCPUs. To enable this scalability, a new licensing tier FTDvU is introduced. For more information, see License PIDs section in Cisco Secure Firewall Management Center Administration Guide.	VMWare and KVM only
OCI Threat Defense Virtual Ampere A1 (ARM) Compute Shape support	10.0.0	The feature supports deployment of ARM-based Threat Defense Virtual Flex instances on Oracle Cloud Infrastructure (OCI). For more information, see OCI Compute Shapes.	OCI
Secure Boot and UEFI firmware support	10.0.0	Threat Defense Virtual is compatible with UEFI-based virtual machines. This modern firmware interface replaces legacy BIOS, improves boot performance, and provides enhanced hardware/VM compatibility. Secure Boot ensures that only signed and trusted boot-loaders, kernel modules, and drivers are loaded when the VM starts. It improves the virtual appliances security. For more information, see the relevant sections in the corresponding Cloud platform.	All platforms For OCI, only UEFI mode is supported.
Interface Name change	10.0.0	Threat Defense Virtual uses a standardized interface naming convention across all virtual platforms. For more information, see Interface Name Change.	All platforms
Dynamic Disk Expansion support for Threat Defense Virtual	10.0.0	Threat Defense Virtual supports dynamic disk expansion across all virtual platforms. For more information, see Dynamic Disk Expansion Support for Threat Defense Virtual.	All platforms
Deploy Threat Defense Virtual on Hyper-V	10.0.0	Deployment of Threat Defense Virtual is supported on Microsoft Hyper-V. This allows you to run the Threat Defense Virtual as a virtual machine within a Hyper-V environment, making it possible to integrate firewall and security services into Microsoft-based virtualization platforms. For more information, see Deploy the Firewall Threat Defense Virtual on Hyper-V.	Hyper-V
OpenStack Caracal support	10.0.0	Threat Defense Virtual deployment is supported on the Caracal release of OpenStack. This enables customers to use Cisco virtual security appliances on environments that use Caracal, expanding compatibility with the latest OpenStack platform. For more information, see System Requirements.	OpenStack
Nutanix AOS 7.3.0.6 support	10.0.0	With the release of Nutanix AOS 7.3.0.6, Cisco Secure Firewall continues to support Threat Defense Virtual deployments on Nutanix environments. Nutanix AOS 7.3.0.6 builds on the VPC capabilities introduced in earlier Nutanix AOS releases, providing functionality similar to VPCs available in public cloud environments. This enhancement allows more flexible and cloud-like network segmentation and isolation within Nutanix environments, enabling customers to design and scale secure multi-tenant architectures more effectively. For more information, see System Requirements.	Nutanix
Dual ARM Multi AZ Clustering	10.0.0	A Dual-Arm proxy is a network deployment mode that enables the Threat defense Virtual to inspect traffic, applies Network Address Translation (NAT), and sends it directly from its outside interface to the Internet via the Internet Gateway. This direct egress path bypasses the GWLB and its endpoint on egress, streamlining traffic flow for greater efficiency. For more information, see AWS Gateway Load Balancer and Geneve Dual-Arm Proxy section in Cisco Secure Firewall Management Center Device Configuration Guide.	AWS
Threat Defense Virtual Cloud Clustering enhancements in GCP	10.0.0	Threat Defense Virtual clustering solution in Google Cloud Platform (GCP) is enhanced with dynamic autoscaling capabilities. The autoscale solution is based on CPU utilization metrics and helps to achieve optimal resource usage. For more information, see Threat Defense Virtual Clustering with Autoscale Solution in GCP section in Cisco Secure Firewall Management Center Device Configuration Guide.	GCP
Threat Defense Virtual AWS Cloud WAN Service Insertion	10.0.0	AWS Cloud WAN is a global service that can be used to build, manage, and monitor wide area networks (WAN) using a centralized dashboard. AWS Service Insertion feature simplifies the integration of security and inspection services into the Cloud WAN based global networks. Using this feature, you can easily steer your global network traffic between Amazon VPCs (Virtual Private Cloud), AWS Regions, on-premises locations, and Internet via security appliances or inspection services using a central Cloud WAN policy or the AWS management console. For more information, see Firewall Threat Defense Virtual Integration with AWS Cloud WAN Using Service Insertion.	AWS

Was this Document Helpful?

Feedback

Feedback

Contact Cisco

Open a Support Case
(Requires a Cisco Service Contract)