Create an SGT Group
To create an SGT group that can be used for an access control rule, use the following procedure:
Before you begin
You must have the following configurations or environments configured prior to creating a security group tag (SGT) group:
-
FDM-managed device must be running at least Version 6.5.
-
You must configure the ISE identity source to subscribe to SXP mappings and enable deploy changes. To manage SXP mappings, see Configure Security Groups and SXP Publishing in ISE of the Firepower Device Manager Configuration Guide for the version you're using, Version 6.7 and later.
-
All SGTs must be created in ISE. To create an SGT, see the Cisco Identity Services Engine Configuration Guide of the version your are currently running.