Firepower Threat Defense Deployment with CDO and Low-Touch Provisioning
• After you complete this task, your CDO administrator will be able to configure and manage the Firepower
CDO Administrator Onboarding and Management
After the remote branch administrator sends the serial number information to the central headquarters, the
CDO administrator onboards the FTD to CDO. When you onboard the firewall in CDO using the serial number,
the firewall is associated with your CDO tenant in the Cisco cloud.
After the branch office administrator cables and powers on the FTD, the firewall connects to the Cisco cloud,
and CDO syncs the firewall's configuration automatically.
You can then license your firewall, and configure and manage your firewall with CDO.
Log Into CDO
CDO uses Cisco Secure Sign-On as its identity provider and Duo Security for multi-factor authentication
(MFA). CDO requires MFA which provides an added layer of security in protecting your user identity.
Two-factor authentication, a type of MFA, requires two components, or factors, to ensure the identity of the
user logging into CDO.
The first factor is a username and password, and the second is a one-time password (OTP), which is generated
on demand from Duo Security.
After you establish your Cisco Secure Sign-On credentials, you can log into CDO from your Cisco Secure
Sign-On dashboard. From the Cisco Secure Sign-On dashboard, you can also log into any other supported
Cisco products.
• If you have a Cisco Secure Sign-On account, skip ahead to
• If you don't have a Cisco Secure Sign-On account, see
Create a New Cisco Secure Sign-On Account
The initial sign-on workflow is a four-step process. You need to complete all four steps.
Before you begin
• Install DUO Security―We recommend that you install the Duo Security app on a mobile phone. Review
• Time Synchronization―You are going to use your mobile device to generate a one-time password. It
• Use a current version of Firefox or Chrome.
All manuals and user guides at all-guides.com
device remotely. You're done.
on page
14.
page
11.
Duo Guide to Two Factor Authentication: Enrollment Guide
is important that your device clock is synchronized with real time as the OTP is time-based. Make sure
your device clock is set to the correct time.
CDO Administrator Onboarding and Management
Log Into CDO with Cisco Secure Sign-On,
Create a New Cisco Secure Sign-On Account, on
if you have questions about installing Duo.
Cisco Firepower 1010 Getting Started Guide
11