Firepower Threat Defense (FTD)
In Chapter 1 you learned that Firepower Threat Defense software is unified software that provides next-generation firewall services, including the following:
Stateful firewall capabilities
Static and dynamic routing
Next-generation intrusion prevention systems (NGIPS)
Application visibility and control (AVC)
Advanced Malware Protection (AMP)
In the Cisco ASA, you can use FTD in single context mode and in routed or transparent mode. Multiple context mode is not supported at this writing.
The following are the Cisco ASA 5500-X models that support a reimage to run the FTD software:
To reimage one of the aforementioned Cisco ASA models, you must meet the following prerequisites:
You must have a Cisco Smart Account. You can create one at Cisco Software Central (https://software.cisco.com).
You need to review the FTD software version release notes to become familiar of the supported features, as Cisco continues to add features very regularly.
Add at least a base FTD license to your Smart Account (for example, L-ASA5516T-BASE=).
You must have access to an FMC (virtual or physical).
You must have access to the console port of the Cisco 5500-X appliance on which FTD software will be installed, either directly from the computer being used for installing FTD software or through a terminal server.
It is a best practice to back up your existing configuration.
Understand that when you reimage and install FTD software on your Cisco ASA, all previous files and configurations saved on the ASA are lost.
You need to have the required minimum free space (3 GB plus the size of the boot software) available on the flash (disk0).
You must have an SSD in your Cisco ASA.
You must have access to a TFTP server to host the FTD images.
In Chapter 3, you will learn how to reimage and install the FTD software in supported Cisco ASA models.