(Preview Only) Secure Firewall Threat Defense

Deploying a gateway directly to a Secure Firewall Threat Defense virtual (FTDv) device can offer several advantages, especially in network security and management. Utilizing this functionality with FTDv lets you take advantage of advanced security features that may not be present in standard ISP gateways. By deploying a gateway directly to an FTDv device, you can take advantage of these security features to protect your network.

Because this is a multi-product task you must navigate between both Multicloud Defense and Cloud-delivered Firewall Management Center to complete the steps. Multicloud Defense deploys and registers the FTDv device including interfaces, gateway configuration, NAT rules, platform settings, whereas you edit your access policy, rules, and objects in your Cloud-delivered Firewall Management Center account.

The following functionality is limited due to the preview nature of this feature:

• You cannot create a gateway for clustered FTDv devices.

• Only East-West/Egress gateway types are supported.

• You must create a new Service VPC. VPCs created before this feature do not support this functionality; note that when you create a new VPC it can still be used for both Multicloud Defense gateways or FTDv gateways.

• You must use a license purchased through the Cisco Smart Account.

Follow this set of procedures to successfully create and register a Multicloud Defense Gateway to your FTDv device:

1. Onboard a CSP.

2. Create a Service VPC.

3. Create a Multicloud Defense Gateway.

4. Configure your access policy cdFMC.