⧽ Technology Overview:
Cisco FTD is a threat-focused, next-gen firewall (NGFW) with unified management. It provides advanced threat protection before, during and after attacks.
NGFWs use a variety of capabilities including stateful firewall, static and dynamic routing, next-generation intrusion prevention systems (NGIPS), application visibility and control (AVC), URL filtering, access control to increase security and Zero day file analysis.
When integrated with other Cisco solutions (ISE, AMP, Talos, web and email appliances), it provides a cohesive environment of protection tools that share intelligence and learn.
The command to reset a Cisco Firepower Threat Defense appliance to factory defaults without completely re-imaging the device is configure manager delete. This will erase the entire configuration.
》The only settings NOT erased is the management configuration IP address and routing, therefore the appliance can be re-configured remotely using SSH.《
#1) Connect to the FTD management IP using SSH;
#2) Enter the command "show managers" to confirm the manager configuration;
#3) Enter the command "show interface ip brief" to confirm the current configuration of the data interfaces;
#4) Enter the command "show running-config" to confirm the presence of configuration;
#5) Enter the command "configure manager delete" and cross your fingers;
#6) Type "Yes" to confirmation;
The FTD has now been reset to factory defaults and can be re-configured.
You can safely reset the configuration whilst connected to the management interface via SSH without losing connection!
...wait a minute! ⏳👨💻
#7) Enter the command "show managers" to confirm no manager configured;
#8) Enter the command "show interface ip brief" and "show running-config" and confirm the configuration has been reset;
After the configuration has been reset, the device will need to be setup to use a manager, either locally using FDM or centrally using the FMC.
#9.a) To manage the FTD locally use the command "configure manager local";
#9.b) To manage the FTD via the FMC use the command "configure manager add <FMC IP Address> <Registration Key>".