Cisco Secure Firewall Management Center Virtual Getting Started Guide

PDF

Overview

Updated: February 5, 2026

Want to summarize with AI?

Log in

Overview

Learn how to select supported AWS instance types, meet memory requirements, and resize instances for Firewall Management Center Virtual deployments. Understand deprecated instance types, upgrade constraints, and required AWS services such as EC2, VPC, S3, and AMIs to deploy and manage the appliance in the AWS environment.

Firewall Management Center Virtual Requires 28 GB RAM for Upgrade (6.6.0+)

The Firewall Management Center Virtual platform has introduced a new memory check during upgrade. The Firewall Management Center Virtual upgrades to Version 6.6.0+ will fail if you allocate less than 28 GB RAM to the virtual appliance.

As of the Version 6.6.0 release, lower-memory instance types for cloud-based Firewall Management Center Virtual deployments (AWS, Azure) are fully deprecated. You cannot create the new Firewall Management Center Virtual instances using them, even for earlier versions. You can continue running existing instances. See Table 1.

As a result of this memory check, we will not be able to support lower memory instances on supported platforms.

The following table summarizes the AWS instance types that the Firewall Management Center Virtual supports; those that Versions 6.5.x and earlier support, and those that Version 6.6.0+ support.

Note

Version 6.6 adds support for the C5 instance types shown in the following table. Larger instance types provide more CPU resources to your AWS VMs for increased performance, and some allow for more network interfaces.

Table 1. AWS Supported Instance Types for the Firewall Management Center Virtual

Platform

Version 6.6.0+

vCPUs

Memory (GB)

Maximum Number of Interfaces

Version 6.5.x and earlier

vCPUs

Memory (GB)

Maximum Number of Interfaces

Firewall Management Center Virtual

c3.4xlarge

16

30

8

c3.xlarge*

4

7.5

4

c4.4xlarge

16

30

8

c3.2xlarge*

8

15

4

c5.4xlarge

16

32

8

c3.4xlarge

16

30

8

c6i.4xlarge

16

32

8

c4.xlarge*

4

7.5

4
c6a.4xlarge

16

32

8

c4.2xlarge*

8

15

4
c6in.4xlarge

16

32

8

c4.4xlarge

16

30

8

*Note that the Firewall Management Center Virtual will not support these instance types on Version 6.6.0 and above. Beginning with Version 6.6.0, you must deploy the Firewall Management Center Virtual (any version) using an instance with at least 28 GB RAM. See Deprecated Instanc Types and Resizing Instance Types for more information.
Table 2. AWS Supported Instance Types for the Firewall Management Center Virtual 300

Platform

Version 7.1.0+

Firewall Management Center Virtual 300 (FMCv300)

c5.9xlarge: 36 vCPUs, 72 GB

SSD storage: 2000 GB

Deprecated Instance Types

You can continue running your current Version 6.5.x and earlier Firewall Management Center Virtual deployments, but you will not be able to launch the new Firewall Management Center Virtual deployments (any version) using these instance types:

  • c3.xlarge—4 vCPUs, 7.5 GB (DISABLED for the Firewall Management Center Virtual after Version 6.6.0+)

  • c3.2xlarge—8 vCPUs, 15 GB (DISABLED for the Firewall Management Center Virtual after Version 6.6.0+)

  • c4.xlarge—4 vCPUs, 7.5 GB (DISABLED for the Firewall Management Center Virtual after Version 6.6.0+)

  • c4.2xlarge—8 vCPUs, 15 GB (DISABLED for the Firewall Management Center Virtual after Version 6.6.0+)

Resizing Instance Types

Because the upgrade path from any earlier version of Firewall Management Center Virtual (6.2.x, 6.3.x, 6.4.x, and 6.5.x) to Version 6.6.0 includes the 28 GB RAM memory check, you need to resize your current instance type to one that supports Version 6.6.0 (see Table 1).

You can resize an instance if the current instance type and the new instance type that you want are compatible. For the Firewall Management Center Virtual deployments:

  • Resize any c3.xlarge or c3.2xlarge to the c3.4xlarge instance type.

  • Resize any c4.xlarge or c4.2xlarge to the c4.4xlarge instance type.

Be aware of the following before resizing your instance:

  • You must stop your instance before you change instance types.

  • Verify that your current instance type is compatible with the new instance type that you choose.

  • If this instance has an instance store volume, any data on it is lost when the instance is stopped. Migrate your instance store-backed instance before you resize.

  • If you're not using an Elastic IP address, the public IP address is released when you stop the instance.

For instructions on how to resize your instance, see the AWS documentation “Changing the Instance Type” (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-resize.html).

AWS Solution Overview

AWS is a collection of remote computing services offered by Amazon.com, also called web services, that make up a cloud-computing platform. These services operate from 11 geographical regions across the world. In general, you should become familiar with the following AWS services when deploying the Firewall Management Center Virtual:

  • Amazon Elastic Compute Cloud (EC2)—a web service that enables you to rent virtual computers to launch and manage your own applications and service, such as a firewall, in Amazon's data centers.

  • Amazon Virtual Private Cloud (VPC)—a web service that enables you to configure an isolated private network that exists within the Amazon public cloud. You run you EC2 instances within a VPC.

  • Amazon Simple Storage Service (S3)—a web service that provides you with a data storage infrastructure.

You create an account on AWS, set up the VPC and EC2 components (using either the AWS Wizards or manual configuration), and chose an Amazon Machine Image (AMI) instance. The AMI is a template that contains the software configuration needed to launch your instance.

Note

The AMI images are not available for download outside of the AWS environment.