Commit Migration Changes Manually to Cloud-delivered Firewall Management Center

We recommend that you commit migration changes manually if you are convinced with your changes and not waiting for Cisco Defense Orchestrator to auto commit changes. The Commit Migration Changes window shows the remaining days to commit the migration to cloud-delivered Firewall Management Center or revert the device to on-prem management center. During the evaluation period, you can modify the actions for selected threat defense devices before committing the changes. Once the changes are committed, you can't revoke the actions.

Note

The commit manager changes actions are disabled in the following conditions:

  • The 14-day evaluation period has passed.

  • The threat defense devices have either been reverted to the on-prem management center or deleted from on-prem management center, in which case, no further actions can be taken.

Procedure

Step 1

In the migration jobs page, click the under the Actions column of a completed job.

Step 2

Click Commit Migration Changes. (This link is available only after a job is completed successfully.)

Step 3

Select a device and in the Commit Actions list, choose one of the following actions:

  • Retain on OnPrem FMC for Analytics: After committing the changes, analytics management for selected threat defense devices is retained on the management center.
  • Delete Threat Defense from OnPrem FMC: After committing the changes, the selected devices are removed from the on-prem management center and are available for Cisco Defense Orchestrator to handle the analytics. You must configure the threat defense to send events to Cisco Defense Orchestrator for managing analytics. After the threat defense devices are deleted from the on-prem management center, they cannot be revoked.
  • Revert Manager to OnPrem FMC: After committing the changes, the device management is returned to the on-prem management center from Cisco Defense Orchestrator.
    Note

    • After committing this action, you can't change the management of the device to Cisco Defense Orchestrator again.

      Workaround: You must remove the device from the on-prem management center and onboard it. Then, you can change the management of the device in Cisco Defense Orchestrator.

    • After committing this action, the device does not show an "Out-of-Date" status in the on-prem management center.

      Workaround: On the on premises on-prem management center, deploy the changes to the device.

Step 4

Click Commit executes your specified actions immediately without further confirmation.

On the migration jobs screen, you can expand the job to check the progress of the actions specified.

The migrated devices appear on CDO's Inventory page. These devices can be managed using the cloud-delivered Firewall Management Center portal that is linked to CDO. Ensure you deploy the changes to the devices from cloud-delivered Firewall Management Center.