Updated 4/15/2019: Cisco Releases New ASA to Firepower Threat Defense (FTD) Migration Tool
Update to this post 4/15/2019
Cisco is going to be releasing a new FTD migration tool soon.
Migrating ASA to Firepower Threat Defense with the Firepower Migration Tool, v1.0.0
Cisco has just releases the latest new version of their ASA to FTD Migration tool. Check it out!
The Firepower Migration Tool (Migration Tool) converts the configuration of a supported ASA platform to a supported Firepower Threat Defense platform. With the Migration Tool, you can automate the migration of supported ASA features and policies, but you might need to migrate some features manually.
After you reach the Review and Validate screen, the Migration Tool saves your progress and allows you to resume the migration at a later time. If you close the Migration Tool before that screen, your progress is not saved.
Console
The console opens when you launch the Migration Tool. The console provides detailed information about the progress of each step in the Migration Tool. The contents of the console are also written to the Migration Tool log file.
The console must stay open while the Migration Tool is open and running.
Logs
The Migration Tool creates a log of each migration. The logs include details of what occurs at each step of the migration and can help you determine the cause if a migration fails.
You can find the log files for the Migration Tool in the following location: <migration_tool_folder>\log
Resources
The Migration Tool saves a copy of the pre-migration and post-migration reports in the Resourcesfolder.
You can find the Resources folder in the following location: <migration_tool_folder>\resources
Unparsed File
The Migration Tool logs information about the configuration lines that it ignored in the unparsed file. This Migration Tool creates this file when it parses the ASA configuration file.
You can find the unparsed file in the following location: <migration_tool_folder>
Search in the Migration Tool
You can search for items in the tables displayed in the Migration Tool, such as those on the Review and Validate screen.
To search for an item in any column or row of the table, click the search icon () above the table and enter the search term in the field. The Migration Tool filters the table rows and displays only those that contain the search term.
To search for an item in a single column, enter the search term in the field at the top of the column below the column title. The Migration Tool filters the table rows and displays only those that match the search term.
Licensing for the Migration Tool
The Migration Tool is free and does not require a license. However, for the Migration Tool to push the configuration to Firepower Management Center, it must have the required licenses for the related Firepower Threat Defense features.
You can finds more about the tool here:
Hi Todd,
Is the tool any good? Is it safe to use on a customer(or does stuff disappear etc)?
Yes, it is okay. I am not a fan of migration myself, as all of my customers had pain after a migration and they all wish they would have just done a clean install.
Get an ASA configuration, and practice putting this on a FTD device. You can either just copy the configuration from a .txt file or connect the ASA and push is over.
The new tool does not allow you to put rules in the prefilter any more as the old one did.
So if you can do a fresh install, do that, if not then test with this new tool first if you can.
thanks!
Todd
Hi Todd
Can the tool be used with FMCv or just FMC?
yes, any FMC, hardware or virtual. I recommend doing clean installs if you can.