Onboard a Catalyst SD-WAN Manager to Security Cloud Control Firewall Management

Use this procedure to onboard the Catalyst SD-WAN Manager to the Firewall Manager platform.


 

Once Catalyst SD-WAN Manager is onboarded to Firewall Manager, security operations (management of policies, objects, and profiles) can be carried out only from Firewall Manager.

Version Control feature is not supported in Firewall Manager.

Before you begin

  • You have Smart Account Administrator or Virtual Account Administrator privileges on a virtual account that is linked to a controller profile containing the information of the organization you want to onboard.

    For more information about Smart Account and Virtual Account, see Access the Cisco Catalyst SD-WAN Portal.

  • You should know the Organization Name of your Catalyst SD-WAN Manager, as it will be required during the onboarding process.

    1. Log in to your Catalyst SD-WAN Manager.

    2. Choose Administration > Settings > System > Organization Name.

      The Organization Name field provides the information. It is a unique identifier used to establish secure control connections within the SD-WAN environment.

  • Ensure easy onboarding is successful with Service Access Authorization enabled.

    1. Log in to your Catalyst SD-WAN Manager.

    2. Choose Administration > Settings > Cloud Services.

    3. Enable Cloud Services, Analytics, and Service Access Authorization.


 

All Secure Router devices managed by the Catalyst SD-WAN Manager, regardless of their Device Status, will be onboarded to Security Cloud Control Firewall Management.

  • You must have either an Admin or Super Admin role on Firewall Manager.

Procedure

1

In the Security Cloud Control platform menu, choose Products > Firewall.

2

Click the icon at the top-right corner of the Catalyst SD-WAN tab.

3

Click the Catalyst SD-WAN Manager tile.

Alternatively, you can use the Get started with Security Cloud Control interface to onboard Cisco Catalyst SD-WAN Manager.
  1. In the top menu, click .

  2. Click the Manage firewalls tab.

  3. Click Onboard on the Catalyst SD-WAN tile.

4

From the Select Organization drop-down list, choose an organization.

The organizations displayed in the list are based on the region where the Firewall Manager is deployed.

5

In the Create label field, enter the desired label and click Connect.

Labels are applied to the device after it is onboarded to Firewall Manager. Labels allow you to group devices and filter them in the Security Devices page.

6

Click Close after verifying the details of the Cisco Catalyst SD-WAN Manager you are onboarding.

In the Services page, the Catalyst SD-WAN shows the onboarded manager.

After a successful onboarding, the following information is displayed in the Firewall Manager:

  • All security objects, security profiles, and NGFW policies. The system displays these imported policies in Manage > Policies > WAN Branch Edge.

  • Secure Router devices and their running configuration.

What to do next

In the Management pane on the right, click Devices to see the onboarded Secure Router devices.