The Secure Firewall Management Center Virtual (formerly Firepower Management Center Virtual) Appliance brings full firewall functionality to virtualized environments to secure data center traffic and multi-tenant environments. The management center virtual can manage physical and the Secure Firewall Threat Defense Virtual (formerly Firepower Threat Defense Virtual) Appliance brings full, NGIPS, and FirePOWER appliances.
You can find the quick start guide in the below link.
KVM is a full virtualization solution for Linux on x86 hardware containing virtualization extensions (such as Intel VT). It consists of a loadable kernel module, kvm.ko, that provides the core virtualization infrastructure and a processor specific module, such as kvm-intel.ko.
Deploy the Management Center Virtual
Use virt-manager, also known as Virtual Machine Manager, to launch the management center virtual. virt-manager is a graphical tool for creating and managing guest virtual machines.
Procedure
Step 1 | Start virt-manager (Applications > System Tools > Virtual Machine Manager).You may be asked to select the hypervisor and/or enter your root password. |
Step 2 | Click the button in the top left corner to open the New VM wizard. |
Step 3 | Enter the virtual machine details:For the operating system, select Import existing disk image.This method allows you to import a disk image (containing a pre-installed, bootable operating system) to it.Click Forward to continue. |
Step 4 | Load the disk image:Click Browse… to select the image file.Choose Use Generic for the OS type.Click Forward to continue. |
Step 5 | Configure the memory and CPU options:Set Memory (RAM) to 28672.Set CPUs to 4.Click Forward to continue. |
Step 6 | Check the Customize configuration before install box, specify a Name, then click Finish.Doing so opens another wizard that allows you to add, remove, and configure the virtual machine’s hardware settings. |
Step 7 | Modify the CPU configuration.From the left panel, select Processor, then select Configuration > Copy host CPU configuration.This applies the physical host’s CPU model and configuration to your virtual machine. |
Step 8 | 8. Configure the Virtual Disk:From the left panel, select Disk 1.Select Advanced options.Set the Disk bus to Virtio.Set the Storage format to qcow2. (If you choose import using the qcow2 extension. The default format will be qcow2) |
Step 9 | Configure a serial console:From the left panel, select Console.Select Remove to remove the default console.Click Add Hardware to add a serial device.For Device Type, select TCP net console (tcp).For Mode, select Server mode (bind).For Host, enter 0.0.0.0 for the IP address and enter a unique Port number.Check the Use Telnet box.Configure device parameters. |
If your Virt-Manager does not the TCP net console you can add the following serial console
Select Add Hardware and select Serial and modify the XML to the following. You need to enable editing in the preference. Change the host ip address and service (port) to your own.
<serial type="tcp">
<source mode="bind" host="127.0.6.1" service="10013" tls="no"/>
<protocol type="telnet"/>
<target type="isa-serial" port="0">
<model name="isa-serial"/>
</target>
<alas name="serial0"/>
</serial>
Step 10 | Configure a watchdog device to automatically trigger some action when the KVM guest hangs or crashes:Click Add Hardware to add a watchdog device.For Model, select default.For Action, select Forcefully reset the guest. |
Step 11 | Configure the virtual network interface.Choose macvtap or specify a shared device name (use a bridge name).Note By default, the management center virtual instance launches with one interface, which you can then configure. In this tutorial I have created a virtual bridge and I will be using that. |
Step 12 | If deploying using a Day 0 configuration file, create a virtual CD-ROM for the ISO:Click Add Hardware.Select Storage.Click Select managed or other existing storage and browse to the location of the ISO file.For Device type, select IDE CDROM. |
Step 13 | After configuring the virtual machine’s hardware, click Apply. |
Step 14 | Click Begin installation for virt-manager to create the virtual machine with your specified hardware settings. |
You should see the FMCv boot up. Login using the default username: admin and password: Admin123. You should be prompted to change the default password if the installation is successful.
Change the password and configure the management LAN information.
In the event that you configure the Management interface IP address wrongly. You can initiate the wizard from the linux shell. You can refer to the Command line guide to see the commands to change the parameters from both the command line or FXOS.
# Enter the expert mode
expert
# Change user to admin
sudo su
# Enter the password of admin that you have configured.
# Call the following script configure-network from the /usr/local/sf/bin/
/usr/local/sf/bin/configure-network
# This will launch the wizard and allow you to reconfigure the management interface IP Address.
Now you can login to the Web Interface of the FMCv
You can try out the FMCv by selecting the “Start 90-day evaluation period without registration” to try out the FMCv.
You can now proceed to configure the Secure Firewall Management Center (FMC).