Onboard an FDM-Managed HA Pair Running Threat Defense Version 6.6 or Version 6.7 and later

Onboard a peer device. See Onboard an FDM-Managed Device Running Software Version 6.6+ Using a Registration Key

In the left pane, click Security Devices.

Click the Devices tab to locate your device.

Click the FTD tab. Once the device is synced, select the device so it is highlighted. In the action pane located directly below Device Details, click Onboard Device.

Enter the HA Peer Device Name for the peer device that has already been onboarded. Click Next.

If you provided a smart license for the first device, Security Cloud Control repopulates that license so you can use it for onboarding this current device. Click Next.

Security Cloud Control automatically generates that registration key for the device you are preparing to onboarding. Click the Copy icon to copy the registration key.

Log into the Secure Firewall device manager UI of the device you want to onboard to Security Cloud Control.

Under System Settings, click Cloud Services.

In the Enrollment Type area, click Security/Security Cloud Control Account.

For devices running version 6.6, note that the Tenancy tab for Security Cloud Control is titled Security Account and you must manually enable Security Cloud Control in the Secure Firewall device manager UI.

In the Region field, select the Cisco cloud region that your tenant is assigned to.

In the Registration Key field, paste the registration key that you generated in Security Cloud Control.

For devices running version 6.7 or later in the Service Enrollment area, check Enable Firewall in Security Cloud Control.

Review the information about the Cisco Success Network Enrollment. If you do not want to participate, uncheck the Enroll Cisco Success Network check box.

Click Register and then Accept the Cisco Disclosure. FDM sends the registration request to Security Cloud Control.

Return to Security Cloud Control, in the Create Registration Key area, click Next.

In the Smart License area, you can apply a smart license to the FDM-managed device and click Nextor you can click Skip to continue the onboarding with a 90-day evaluation license or if the device is already smart-licensed. For more information, see Updating an Existing Smart License of an FDM-Managed Device.

If your device is running version 6.6, you need to manually enable communication to Security Cloud Control. From the device's FDM-managed UI, navigate to System Settings > Cloud Services and, in the Firewall in Security Cloud Control tile, click Enable.

Return to Security Cloud Control, click Go to Security Devices. Security Cloud Control automatically onboards the device and combines them as a single entry. Similar to the first peer device you onboard, the device status changes from "Unprovisioned" to "Locating" to "Syncing" to "Synced."