Cisco Firepower Management Center
This document describes how to integrate Cisco Firepower Management Center with Google Security Operations.
Configure Cisco Firepower Management Center integration in Google Security Operations
For detailed instructions on how to configure an integration in Google SecOps, see Configure integrations.
Integration parameters
| Parameter | Type | Default value | Mandatory | Description |
|---|---|---|---|---|
| API Root | String | N/A | Yes | API root of the Cisco Firepower Management Center instance. |
| Username | String | N/A | Yes | The email address of the user. |
| Password | String | N/A | Yes | The user account password. |
| Verify SSL | Checkbox | Checked | No | If enabled, verifies if the SSL certificate for the connection to the Cisco Firepower Management Center server is valid. |
Actions
Block Address
Block an IP address by assigning it to a network group attached to a policy
Parameters
| Parameter Name | Type | Default Value | Description |
|---|---|---|---|
| Network Group Name | String | N/A | Network object name. |
Use cases
N/A
Run On
This action runs on the IP Address entity.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_succeed | True/False | is_succeed:False |
JSON Result
N/A
Block Port
Block a port that is assigned to a port group that is attached to a policy.
Parameters
| Parameter Name | Type | Default Value | Description |
|---|---|---|---|
| Port Group Name | String | N/A | Name of the port object group. |
| Port | String | N/A | Port to block Example: 9856 |
| Port Protocol | String | N/A | Target port protocol Example: TCP |
Use cases
N/A
Run On
This action runs on all entities.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_succeed | True/False | is_succeed:False |
JSON Result
N/A
Block URL
Block the URL by assigning it to a set of URLs attached to it.
Parameters
| Parameter Name | Type | Default Value | Description |
|---|---|---|---|
| URL Group Name | String | N/A | URL group object name. |
Use cases
N/A
Run On
This action runs on the URL entity.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_succeed | True/False | is_succeed:False |
JSON Result
N/A
Get Addresses List by Name
Get a list of blocked addresses by its name in a particular group of networks.
Parameters
| Parameter Name | Type | Default Value | Description |
|---|---|---|---|
| Network Group Name | String | N/A | The name of the needed network group. |
Use cases
N/A
Run On
This action runs on all entities.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| addresses_list | True/False | addresses_list:False |
JSON Result
N/A
Get Ports List by Name
Get a list of blocked ports by its name for a particular group.
Parameters
| Parameter Name | Type | Default Value | Description |
|---|---|---|---|
| Port Group Name | String | N/A | The name of the needed ports group. |
Use cases
N/A
Run On
This action runs on all entities.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| ports_list | N/A | N/A |
JSON Result
N/A
Get URL List by Name
Get a list of URLs by its name from a specific group.
Parameters
| Parameter Name | Type | Default Value | Description |
|---|---|---|---|
| URL Group Name | String | N/A | The name of the needed URL group. |
Use cases
N/A
Run On
This action runs on all entities.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| urls_list | N/A | N/A |
JSON Result
N/A
Ping
Test Connectivity.
Parameters
N/A
Use cases
N/A
Run On
This action runs on all entities.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is succeed | True/False | is_succeed:False |
JSON Result
N/A
Unblock Address
Unblock an address in Cisco Firepower.
Parameters
| Parameter Name | Type | Default Value | Description |
|---|---|---|---|
| Network Group Name | String | N/A | Network object name. |
Use cases
N/A
Run On
This action runs on the IP Address entity.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_succeed | True/False | is_succeed:False |
JSON Result
N/A
Unblock Port
Remove a port from a group of blocked ports.
Parameters
| Parameter Name | Type | Default Value | Description |
|---|---|---|---|
| Port Group Name | String | N/A | Name of the port object group. |
| Port | String | N/A | Target port Example: 9856 |
Use cases
N/A
Run On
This action runs on all entities.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_succeed | True/False | is_succeed:False |
JSON Result
N/A
Unblock URL
Remove a URL from a group of blocked URLs.
Parameters
| Parameter Name | Type | Default Value | Description |
|---|---|---|---|
| URL Group Name | String | N/A | URL group object name. |
Use cases
N/A
Run On
This action runs on the URL entity.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_succeed | True/False | is_succeed:False |
JSON Result
N/A
Need more help? Get answers from Community members and Google SecOps professionals.