You are here
SEC0225 - ASA Firepower 6.0 Multiple Domain Management (Part 1)
Difficulty Level:
Lab Document:
<Please login to see the content>
Category:
Security
The video looks at Multi-Domain Management feature on Cisco ASA Firepower 6.0. We will be building domain hierarchy to demonstrate partitioning of configuration, devices, and policies. We will assign users to different domain level to try to understand the level of visibility while under management of the domain
Part 1 of this video covers creation of the first domain
Topic:
- Global Domain and Subdomain
- Leaf Domain
- Domain hierarchy and Configuration Inheritance
- User Creation with Domain Assignment
About Author
Metha Chiewanichakorn, CCIE#23585 (Ent. Infra, Sec, SP), is a Cisco networking enthusiast with years of experience in the industry. He is currently working as a consulting engineer for a Cisco partner. As a founder of and an instructor at labminutes.com, Metha enjoys learning and challenges himself with new technologies.
3 comments
Global domain only
Hi Metha, is it really necessary to have a domain aside form the global one? For example, CustomerA has two ASA pairs in active/standby with NGIPS modules. They don't need multiple domains since they one entity, but when trying to keep the devices in the global domain, FMC recommends to have the devices in a leaf domain.
Global domain only
It is not necessary to create additional domain if you have no need for separate device management. Staying in global domain should be fine
Thanks for the reply. Indeed,
Thanks for the reply. Indeed, FMC only complaints about a device not being assigned when there's a leaf domain configured.