History for Device Settings

Feature

Minimum Management Center

Minimum Threat Defense

Details

Recovery-config mode for emergency on-device configuration and out-of-band configuration detection on the management center

20250219

7.7.0

If you lose the management connection to your device, you can make select configuration changes directly at the device CLI to:

  • Restore the management connection if you are using a data interface for manager access

  • Make select policy changes that can't wait until the connection is restored

After the management connection is restored, the management center will detect the configuration changes on the device. It does not automatically update the device configuration in the management center; you must view the configuration differences, acknowledge that the device configuration is different, and then manually make the same changes in the management center before you deploy.

New/modified diagnostic CLI (system support diagnostic-cli ) command: configure recovery-config

New/modified screens: Devices > Device Management > Device > Health > Out of Band Status

High availability is supported with redundant manager access data interfaces

20250219

7.7.0

You can now use redundant manager access data interfaces with high availability.

Cluster health monitor settings.

20221213

Any

You can now edit cluster health monitor settings.

New/modified screens: Devices > Device Management > Cluster > Cluster Health Monitor Settings

Note

If you previously configured these settings using FlexConfig, be sure to remove the FlexConfig configuration before you deploy. Otherwise the FlexConfig configuration will overwrite the management center configuration.

Redundant manager access data interface.

20221213

7.3.0

When you use a data interface for manager access, you can configure a secondary data interface to take over management functions if the primary interface goes down. The device uses SLA monitoring to track the viability of the static routes and an ECMP zone that contains both interfaces so management traffic can use both interfaces.

New/modified screens:

  • Devices > Device Management > Device > Management

  • Devices > Device Management > Device > Interfaces > Manager Access

Policy rollback support for high availability devices.

20220609

7.2.0

The configure policy rollback command is supported for high availability devices.

Auto rollback of a deployment that causes a loss of management connectivity.

20220609

You can now enable auto rollback of the configuration if a deployment causes the management connection between the management center and the threat defense to go down. Previously, you could only manually rollback a configuration using the configure policy rollback command.

New/modified screens:

  • Devices > Device Management > Device > Deployment Settings

  • Deploy > Advanced Deploy > Preview

  • Deploy > Deployment History > Preview

Object group search is enabled by default for access control rules.

20220609

7.2.0

The Object Group Search setting is enabled by default for managed devices starting with Version 7.2.0. This option is in the Advanced Settings section when editing device settings on the Device Management page.

Import and export device configurations.

20220609

7.2.0

You can export the device-specific configuration, and you can then import the saved configuration for the same device in the following use cases:

  • Moving the device to a different FMC.

  • Restore an old configuration.

  • Reregistering a device.

New/modified screens: Devices > Device Management > Device > General

Update the FMC IP address on FTD.

20220609

7.0.3

If you change the FMC IP address, you can now use the FTD CLI to update the device.

New/modified commands: configure manager edit