Onboard an On-Premises Management Center to Security Cloud Control Firewall Management

Limitations and Guidelines

These are the limitations applicable to onboarding an on-premises management center:

• Onboarding an on-premises management center also onboards all of the devices registered to the on-premises management center. Be aware that if a managed device is disabled, or unreachable, Security Cloud Control Firewall Management may display the device in the Security Devices page, but cannot successfully send requests or view device information.

• Onboarding an on-premises management center does not cascade the policies in the on-premises management center to Security Cloud Control Firewall Management or Cloud-Delivered Firewall Management Center. However, you can migrate a Firewall Threat Defense managed by on-premises management center to Cloud-Delivered Firewall Management Center using the inbuilt Migrate FTD to cdFMC feature, which brings all the policies linked to the device. See Migrate Threat Defense to Cloud-delivered Firewall Management Center for more information.

• We recommend creating a new user on the on-premises management center specifically for Security Cloud Control Firewall Management communication that has administrator-level permissions. If you onboard an on-premises management center and then simultaneously log into that on-premises management center with the same login credentials, onboarding fails.

• If you create a new user on the on-premises management center for Security Cloud Control Firewall Management communication, the Maximum Number of Failed Logins for the user configuration must be set to "0".

• For On-Premises Management Centers running version 7.4 and older, if you experience a switchover and the FMC is no longer connected to the cloud, try disabling SecureX and then re-enabling it.