Skip to content
Skip to search
Skip to footer

Secure Firewall 4200 Threat Defense Getting Started: Cloud-delivered Firewall Management Center

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Book Contents

Find Matches in This Book

Results

Updated:: December 3, 2025

Chapter: Cable and Onboard the Firewall

Cable and Onboard the Firewall
Cable the Firewall
Onboard the Firewall
Perform Initial Configuration

Cable and Onboard the Firewall

Cable and onboard the firewall to Security Cloud Control.

Cable the Firewall

Obtain a console cable—The firewall does not ship with a console cable by default, so you will need to buy a third-party USB-to-RJ-45 serial cable, for example.
Install SFPs into the data interface ports—The built-in ports are 1/10/25-Gb SFP28 ports that require SFP/SFP+/SFP28 modules.
See the hardware installation guide for more information.

Cabling for Security Cloud Control

Onboard the Firewall

Onboard the firewall using a CLI registration key.

Procedure

Step 1	In the Security Cloud Control navigation menu, click Manage > Security Devices, then click the blue plus button () to Onboard a device.
Step 2	Click the FTD tile.
Step 3	Under Management Mode, be sure FTD is selected.
Step 4	Select Use CLI Registration Key as the onboarding method. Figure 1. Use CLI Registration Key
Step 5	Enter the Device Name and click Next. Figure 2. Device Name
Step 6	For the Policy Assignment, use the drop-down menu to choose an access control policy for the device. If you have no policies configured, choose the Default Access Control Policy. Figure 3. Access Control Policy
Step 7	For the Subscription License, click the Physical FTD Device radio button, and then check each of the feature licenses you want to enable. Click Next. Figure 4. Subscription License
Step 8	For the CLI Registration Key, Security Cloud Control generates a command with the registration key and other parameters. You must copy this command and use it in the intial configuration of the Firewall Threat Defense. Figure 5. CLI Registration Key configure manager add Security Cloud Control`_hostname` `registration_key` `nat_id` `display_name` Copy this command at the Firewall Threat Defense CLI after you complete the startup script. See Perform Initial Configuration. Example: Sample command for CLI setup: `configure manager add account1.app.us.scc.cisco.com KPOOP0rgWzaHrnj1V5ha2q5Rf8pKFX9E Lzm1HOynhVUWhXYWz2swmkj2ZWsN3Lb account1.app.us.scc.cisco.com`
Step 9	Click Next in the onboarding wizard to start registering the device.
Step 10	(Optional) Add labels to your device to help sort and filter the Security Devices page. Enter a label and select the blue plus button (). Labels are applied to the device after it's onboarded to Security Cloud Control. Figure 6. Done

Perform Initial Configuration

Set the dedicated Management IP address, gateway, and other basic networking settings using the CLI setup script.

Procedure

Connect to the console port and access the Firewall Threat Defense CLI. See Access the Firewall Threat Defense CLI.

Was this Document Helpful?

Feedback

Feedback

Contact Cisco

Open a Support Case
(Requires a Cisco Service Contract)