Cisco ASA 5500-X: Reimaging Essentials for FTD functions

Cisco ASA 5500-X: Reimaging Essentials for FTD functions

If your Cisco ASA is currently running FirePOWER Services as a separate module and you want to deploy Firepower Threat Defense (FTD), you must reimage your ASA with the unified FTD image. This blog discusses the steps required to reimage and troubleshoot any Cisco ASA 5500-X Series hardware.

To reimage ASA hardware with FTD, you need to use more than one type of image on the same hardware. This section describes the purposes of those images.

Figure 1 shows the subsets of a Firepower Threat Defense software image that you install or upgrade on the Cisco ASA 5500-X Series hardware platforms during the FTD reimaging process:

Subsets of a Firepower Threat Defense Software Image 

Figure 1 Subsets of a Firepower Threat Defense Software Image

  •  ROMMON software: The ROMMON software is the firmware of an ASA. In an ASA, you enter the ROMMON mode to perform all the necessary tasks to copy a boot image from an external server. If you are reimaging one of the low-end ASA hardware platforms, such as ASA 5506-X, 5506W-X, 5506H-X, 5508-X, or 5516-X, you must update the firmware to Release 1.1.8 or greater. If you are running one of the midrange ASA hardware platforms, such as 5512-X, 5515-X, 5525-X, 5545-X, or 5555-X, and want to reimage it to the FTD software, you do not need to update the default firmware.
  •  Boot image: The FTD boot image is a subset of the FTD system software. After you load your ASA with an FTD boot image, you can use the CLI of the boot image to prepare your ASA for downloading the FTD system software and beginning the setup.
  •  System software: All the features of FTD are packaged in a system software image. You begin the FTD system software installation from the CLI prompt of the boot image. This is the last step of a basic reimaging process.

Table 1 summarizes various types of software that you might have to install to complete the FTD reimaging process.

Table 1 Software Images Required to Complete an FTD Reimage

 

ROMMON Software

Boot Image

System Software

Purpose

To update the firmware of an ASA.

To load an ASA with the network config, download the system software, and begin setup.

To install the features of the FTD system.

Low-end ASA (5506-X, 5508-X, 5516-X)

Firmware release 1.1.8 or greater is required. Use the *.SPA file to upgrade firmware.

Use a *.lfbff file to load a low-end ASA with the FTD boot image.

Use a *.pkg file to install the FTD system software package. You can use the same system software package on any low-end and midrange ASA hardware models.

Midrange ASA (5512-X, 5515-X, 5525-X, 5545-X, 5555-X)

Not necessary to update the default firmware version.

Use a *.cdisk file to load a midrange ASA with the FTD boot image.

 

 

Вас заинтересует / Intresting for you:

Next-Generation Data Center Co...
Next-Generation Data Center Co... 173 views Masha Tue, 17 Sep 2019, 05:54:21
Cisco Firepower Threat Defense...
Cisco Firepower Threat Defense... 71 views Андрей Волков Sun, 10 Nov 2019, 12:06:37
History and evolution of Cisco...
History and evolution of Cisco... 79 views Андрей Волков Sun, 10 Nov 2019, 12:18:22
Introduction to Google Cloud P...
Introduction to Google Cloud P... 716 views silicon Fri, 12 Oct 2018, 09:05:12

Comments on Cisco ASA 5500-X: Reimaging Essentials for FTD functions

Be the first to comment
Please login to comment