a) If you need to set a static IP address for the Management interface, see
. By default, the Management interface uses DHCP.
You will need to download the new image from a server accessible from the Management interface.
b) Perform the
in the
.
Step 4
For low-touch provisioning,
do not log into the firewall
after reimaging; logging in starts initial setup. Low-touch
provisioning only works on firewalls with fresh installations that have not been set up.
Log Into CDO
CDO uses Cisco Secure Sign-On as its identity provider and Duo Security for multi-factor authentication
(MFA). CDO requires MFA which provides an added layer of security in protecting your user identity.
Two-factor authentication, a type of MFA, requires two components, or factors, to ensure the identity of the
user logging into CDO.
The first factor is a username and password, and the second is a one-time password (OTP), which is generated
on demand from Duo Security.
After you establish your Cisco Secure Sign-On credentials, you can log into CDO from your Cisco Secure
Sign-On dashboard. From the Cisco Secure Sign-On dashboard, you can also log into any other supported
Cisco products.
• If you have a Cisco Secure Sign-On account, skip ahead to
Log Into CDO with Cisco Secure Sign-On,
.
• If you don't have a Cisco Secure Sign-On account, continue to
Create a New Cisco Secure Sign-On
.
Create a New Cisco Secure Sign-On Account
The initial sign-on workflow is a four-step process. You need to complete all four steps.
Before you begin
•
Install DUO Security
―We recommend that you install the Duo Security app on a mobile phone. Review
Duo Guide to Two Factor Authentication: Enrollment Guide
if you have questions about installing Duo.
•
Time Synchronization
―You are going to use your mobile device to generate a one-time password. It
is important that your device clock is synchronized with real time as the OTP is time-based. Make sure
your device clock is set to the correct time.
• Use a current version of Firefox or Chrome.
Procedure
Step 1
Sign Up for a New Cisco Secure Sign-On Account.
a) Browse to
https://sign-on.security.cisco.com
b) At the bottom of the Sign In screen, click
Sign up
.
Cisco Firepower 1100 Getting Started Guide
117
Threat Defense Deployment with CDO
Log Into CDO