Cisco Firepower Management Center
Integration version: 5.0
Configure Cisco Firepower Management Center integration in Google Security Operations SOAR
For detailed instructions on how to configure an integration in Google Security Operations SOAR, see Configure integrations.
Integration parameters
| Parameter | Type | Default value | Mandatory | Description |
|---|---|---|---|---|
| API Root | String | N/A | Yes | API root of the Cisco Firepower Management Center instance. |
| Username | String | N/A | Yes | The email address of the user. |
| Password | String | N/A | Yes | The user account password. |
| Verify SSL | Checkbox | Checked | No | If enabled, verifies if the SSL certificate for the connection to the Cisco Firepower Management Center server is valid. |
Actions
Block Address
Block an IP address by assigning it to a network group attached to a policy
Parameters
| Parameter Name | Type | Default Value | Description |
|---|---|---|---|
| Network Group Name | String | N/A | Network object name. |
Use cases
N/A
Run On
This action runs on the IP Address entity.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_succeed | True/False | is_succeed:False |
JSON Result
N/A
Block Port
Block a port that is assigned to a port group that is attached to a policy.
Parameters
| Parameter Name | Type | Default Value | Description |
|---|---|---|---|
| Port Group Name | String | N/A | Name of the port object group. |
| Port | String | N/A | Port to block Example: 9856 |
| Port Protocol | String | N/A | Target port protocol Example: TCP |
Use cases
N/A
Run On
This action runs on all entities.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_succeed | True/False | is_succeed:False |
JSON Result
N/A
Block URL
Block the URL by assigning it to a set of URLs attached to it.
Parameters
| Parameter Name | Type | Default Value | Description |
|---|---|---|---|
| URL Group Name | String | N/A | URL group object name. |
Use cases
N/A
Run On
This action runs on the URL entity.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_succeed | True/False | is_succeed:False |
JSON Result
N/A
Get Addresses List by Name
Get a list of blocked addresses by its name in a particular group of networks.
Parameters
| Parameter Name | Type | Default Value | Description |
|---|---|---|---|
| Network Group Name | String | N/A | The name of the needed network group. |
Use cases
N/A
Run On
This action runs on all entities.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| addresses_list | True/False | addresses_list:False |
JSON Result
N/A
Get Ports List by Name
Get a list of blocked ports by its name for a particular group.
Parameters
| Parameter Name | Type | Default Value | Description |
|---|---|---|---|
| Port Group Name | String | N/A | The name of the needed ports group. |
Use cases
N/A
Run On
This action runs on all entities.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| ports_list | N/A | N/A |
JSON Result
N/A
Get URL List by Name
Get a list of URLs by its name from a specific group.
Parameters
| Parameter Name | Type | Default Value | Description |
|---|---|---|---|
| URL Group Name | String | N/A | The name of the needed URL group. |
Use cases
N/A
Run On
This action runs on all entities.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| urls_list | N/A | N/A |
JSON Result
N/A
Ping
Test Connectivity.
Parameters
N/A
Use cases
N/A
Run On
This action runs on all entities.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is succeed | True/False | is_succeed:False |
JSON Result
N/A
Unblock Address
Unblock an address in Cisco Firepower.
Parameters
| Parameter Name | Type | Default Value | Description |
|---|---|---|---|
| Network Group Name | String | N/A | Network object name. |
Use cases
N/A
Run On
This action runs on the IP Address entity.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_succeed | True/False | is_succeed:False |
JSON Result
N/A
Unblock Port
Remove a port from a group of blocked ports.
Parameters
| Parameter Name | Type | Default Value | Description |
|---|---|---|---|
| Port Group Name | String | N/A | Name of the port object group. |
| Port | String | N/A | Target port Example: 9856 |
Use cases
N/A
Run On
This action runs on all entities.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_succeed | True/False | is_succeed:False |
JSON Result
N/A
Unblock URL
Remove a URL from a group of blocked URLs.
Parameters
| Parameter Name | Type | Default Value | Description |
|---|---|---|---|
| URL Group Name | String | N/A | URL group object name. |
Use cases
N/A
Run On
This action runs on the URL entity.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_succeed | True/False | is_succeed:False |
JSON Result
N/A