Login

Cisco Security Cloud Control Administration Guide

About Cisco Security Cloud Control
- Products Managed by Cisco Security Cloud Control
Platform Services for all Products
- Manage Security Devices
- Manage Objects
- Global Search
  - Initiate Full Indexing
  - Perform a Global Search
- Preview and Deploy Configuration Changes for All Devices
- Additional Configuration Assistance
- Integrate Identity Services Engine with Security Cloud Control
- Organization Notification Settings
- Security Cloud Control Platform Navigator
- Give us your Feedback
Managing Organizations
- Setting a Region for an Organization
- Create an Organization
- Rename an organization
- Switch organizations
- Cisco Support Access to your Organization
  - Enable Cisco Support Access
  - Disable support access
Managing Products and Subscriptions
- Overview of Subscription Process
- Single Product Instance in an Organization
- Claim a Subscription
- Activate a Product Instance
  - Activate an Inactive Product Instance
  - Activate an Externally Managed Product Instance
  - Activation Code to Activate Externally Managed Product Instance
  - Activate a Product Instance with Further Inputs
- View Product Subscription Details
- Deactivate a Product Instance
Onboard Devices to Security Cloud Control
- Secure ASA Onboarding Methods
- Secure Firewall Threat Defense Onboarding Methods
- On-Premises Firewall Management Center Onboarding Methods
- Meraki Security Appliance Onboarding Methods
- Cisco IOS Device Onboarding Methods
- Secure Firewall Chassis Manager Onboarding Methods
- AWS Virtual Private Cloud Onboarding Methods
- Cisco Umbrella Organization Onboarding Methods
Managing Role-Based Access Control
- Role-Based Access Control in an Organization
  - Managing Users
  - Managing Groups
  - Managing Roles
- Invite a User
- Import Users
- View or Find Users
- Edit a User Name
- Assign Roles to a User
- Add a User to Groups
- Assign Roles to Existing Users
- Remove Role Assignments
- Create a Custom Role
- Edit a Custom Role
- Delete a Custom Role
- Custom Role for Cisco Secure Workload
- Reset Multifactor Authentication Settings
- Reset User Password
- Disable a User Account
- Restore a User Account
- Remove a User Account
- Create a New Group
- Edit a Group Name
- Add Users to a Group
- Assign Roles to Groups
- Remove users from a group
- Delete a Group
- Manage Role Delegation
- Logging the Events
  - View the Activity Log
Managing Domains
- Overview
- Claim and verify a domain
Managing Identity Provider Group Mapping
- Identity Provider Group Map
- Map Identity Provider Group
- Edit an identity provider group mapping
- Link an External Identity Provider
- Delink an External Identity Provider
Integrating Identity Providers
- Prerequisites
- SAML Response Requirements
- Step 1: Initial setup
- Step 2: Provide Security Cloud SAML metadata to your identity provider
- Step 3: Provide SAML metadata from your IdP to Security Cloud
- Step 4: Test your SAML integration
- Step 5: Activate the integration
- Troubleshooting SAML errors
Identity Service Provider Instructions
- Integrating Auth0 with Security Cloud Sign On
- Integrating Microsoft Entra ID with Security Cloud Sign On
- Integrating Duo with Security Cloud Sign On
- Integrating Google Identity with Security Cloud Sign On
- Integrating Okta with Security Cloud Sign On
- Integrating Ping Identity with Security Cloud Sign On

Platform Secure Firewall Threat Defense Virtual

Activity Manage

Onboard Devices to Security Cloud Control Secure Firewall Threat Defense Onboarding Methods

Last updated: Jul 17, 2025

Secure Firewall Threat Defense Onboarding Methods

Follow these links to procedures that describe ways to onboard a Secure Firewall Threat Defense to Security Cloud Control for management by Cloud-Delivered Firewall Management Center or an On-Premises Firewall Management Center.

Using a CLI Registration Key. Onboard a threat defense device using a registration key generated from Security Cloud Control and applied to the device using the command line interface. Available for threat defense versions 7.0.3 and 7.2+. These devices will be managed by Cloud-Delivered Firewall Management Center.
Onboard several threat defense devices using Zero Touch Provisioning. These devics must be freshly installed and have never been logged into using either the device CLI, a management center, or the device manager. This onboarding method is available for threat defense versions 7.4+. These devices will be managed by Cloud-Delivered Firewall Management Center.
Onboard the threat defense device using its serial number. Onboard a newly fatory-shipped threat defense version 7.2+ device to a cloud-delivered Firewall Management Center or to a version 7.4+ On-Premises Firewall Management Center using zero-touch provisioning.
Deploy a virtual threat defense device to a cloud environment to one of these supported cloud platforms: Amazon Web Services (AWS), Google Cloud Platform (GCP), or Microsoft Azure.

Previous topic Secure ASA Onboarding Methods Next topic On-Premises Firewall Management Center Onboarding Methods