SonicWall-Beta
Integration version: 2.0
Product Use Cases
Perform management actions - add or remove IP from SonicWall Group, add URL to URI Lists/Groups.
Authentication
You cannot authenticate to both the API and the Web UI at the same time. Make sure you have logged out of the Web UI before using the integration.
Configure SonicWall integration in Google Security Operations SOAR
For detailed instructions on how to configure an integration in Google Security Operations SOAR, see Configure integrations.
Actions
Ping
Description
Test connectivity to the SonicWall with parameters provided at the integration configuration page in the Google Security Operations Marketplace tab.
Parameters
N/A
Playbook Use Cases Examples
The action is used to test connectivity at the integration configuration page in the Google Security Operations Marketplace tab, and it can be executed as a manual action, not used in playbooks.
Run On
The action doesn't run on entities, and does not have mandatory input parameters.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_success | True/False | is_success:False |
JSON Result
N/A
Add IP to Address Group
Description
Add an IP address to specific SonicWall Address Group. Note that successful action execution commits all uncommitted changes.
Parameters
| Parameter Display Name | Type | Default Value | Is mandatory | Description |
|---|---|---|---|---|
| Group Name | String | N/A | True | Specify to which group you want to add IP address. Groups that contain unicode characters are not supported. |
| IP Zone | String | N/A | True | Specify the zone of the IP address that you want to add. |
Run On
This action runs on the IP Address entity.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_success | True/False | is_success:False |
JSON Result
N/A
Remove IP from Address Group
Description
Remove IP address from specific SonicWall Address Group. Note that successful action execution commits all uncommitted changes.
Parameters
| Parameter Display Name | Type | Default Value | Is mandatory | Description |
|---|---|---|---|---|
| Group Name | String | N/A | True | Specify from which group you want to remove the IP address. Groups that contain unicode characters are not supported. |
Run On
This action runs on the IP Address entity.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_success | True/False | is_success:False |
JSON Result
N/A
List Address Groups
Description
List SonicWall Address Groups.
Parameters
| Parameter Display Name | Type | Default Value | Is mandatory | Description |
|---|---|---|---|---|
| Address Type | Dropdown |
IPv4 Possible values: IPv6 All |
False | Specify which address type should be used for address groups. |
| Max Address Groups To Return | Int | 100 | False | Specify how many address groups to return. |
Run On
The action doesn't run on entities.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_success | True/False | is_success:False |
JSON Result
{
"address_groups": [
{
"ipv4": {
"name": "Public Mail Server Address Group",
"uuid": "601b29f9-6c3b-18c3-0200-00401038b139"
}
},
{
"ipv4": {
"name": "Default Trusted Relay Agent List",
"uuid": "d4590e52-b145-5835-0200-00401038b139"
}
},
{
"ipv4": {
"name": "McAfee Client AV Enforcement List",
"uuid": "4f555370-3660-3aee-0200-00401038b139"
}
},
{
"ipv4": {
"name": "Excluded from McAfee Client AV Enforcement List",
"uuid": "3d7ead85-d36b-51de-0200-00401038b139"
}
},
{
"ipv4": {
"name": "Kaspersky Client AV Enforcement List",
"uuid": "5d7701ac-4247-ffb4-0200-00401038b139"
}
},
{
"ipv4": {
"name": "Excluded from Kaspersky Client AV Enforcement List",
"uuid": "98ea70c8-d3e0-7584-0200-00401038b139"
}
},
{
"ipv4": {
"name": "Excluded from Client AV Enforcement List",
"uuid": "fe0a4372-936f-1747-0200-00401038b139"
}
},
{
"ipv4": {
"name": "Capture Client Enforcement List",
"uuid": "6878046d-34a8-deda-0200-00401038b139"
}
},
{
"ipv4": {
"name": "Excluded from DPI-SSL Enforcement List",
"uuid": "354a69f3-0ee5-7d6c-0200-00401038b139"
}
},
{
"ipv4": {
"name": "All X4 Management IP",
"uuid": "e3413593-7f84-9e36-0200-00401038b139",
"address_object": {
"ipv4": [
{
"name": "X4 IP"
}
]
}
}
},
{
"ipv4": {
"name": "All X5 Management IP",
"uuid": "8e9df420-5e71-37f7-0200-00401038b139",
"address_object": {
"ipv4": [
{
"name": "X5 IP"
}
]
}
}
},
{
"ipv4": {
"name": "All X6 Management IP",
"uuid": "a28cfb77-fe27-892e-0200-00401038b139",
"address_object": {
"ipv4": [
{
"name": "X6 IP"
}
]
}
}
},
{
"ipv4": {
"name": "Siemplify Block List",
"uuid": "00000000-0000-0003-0200-00401038b139",
"address_object": {
"ipv4": [
{
"name": "Siemplify 192.168.168.168 DMZ"
},
{
"name": "Dogo"
},
{
"name": "X0 IP"
}
]
}
}
}
]
}
Add URL to URI List
Description
Add URL to specific SonicWall URI List.
Parameters
| Parameter Display Name | Type | Default Value | Is mandatory | Description |
|---|---|---|---|---|
| URI List Name | String | N/A | True | Specify to which URI List you want to add the URL. URI Lists that contain unicode characters are not supported. |
Run On
This action runs on the URL entity.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_success | True/False | is_success:False |
JSON Result
N/A
Remove URL from URI List
Description
Remove URL from specific SonicWall URI List.
Parameters
| Parameter Display Name | Type | Default Value | Is mandatory | Description |
|---|---|---|---|---|
| URI List Name | String | N/A | True | Specify to which URI List you want to add the URL. URI lists that contain unicode characters are not supported. |
Run On
This action runs on the URL entity.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_success | True/False | is_success:False |
JSON Result
N/A
Add URI List to URI Group
Description
Add URI List to SonicWall URI Group.
Parameters
| Parameter Display Name | Type | Default Value | Is mandatory | Description |
|---|---|---|---|---|
| URI List Name | String | N/A | True | Specify which URI List you want to add the URI Group. URI Lists that contain unicode characters are not supported. |
| URI Group Name | String | N/A | True | Specify to which URI Group you want to add the URI List. URI Groups that contain unicode characters are not supported. |
Run On
The action doesn't run on entities.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_success | True/False | is_success:False |
JSON Result
N/A
List URI Lists
Description
List SonicWall URI Lists. Requires SonicOS 6.5.3 or higher.
Parameters
| Parameter Display Name | Type | Default Value | Is mandatory | Description |
|---|---|---|---|---|
| Max URI Lists To Return | Int | 100 | False | Specify how many URI Lists to return. |
Run On
This action doesn't run on entities.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_success | True/False | is_success:False |
JSON Result
{
"content_filter": {
"uri_list_object": [
{
"name": "Block List",
"uri": [
{
"uri": "example.com"
},
{
"uri": "example.com/news/123.html"
},
{
"uri": "string.com"
},
{
"uri": "string"
}
]
},
{
"name": "Test",
"uri": [
{
"uri": "qweewq"
}
]
}
]
}
}
List URI Groups
Description
List SonicWall URI Groups.
Parameters
| Parameter Display Name | Type | Default Value | Is mandatory | Description |
|---|---|---|---|---|
| Max URI Groups To Return | Int | 100 | False | Specify how many URI Groups to return. |
Run On
The action doesn't run on entities.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_success | True/False | is_success:False |
JSON Result
{
"content_filter": {
"uri_list_group": [
{
"name": "URI TEst",
"uri_list_object": [
{
"name": "Block List"
}
]
},
{
"name": "asd",
"uri_list_group": [
{
"name": "URI TEst"
}
],
"uri_list_object": [
{
"name": "Block List"
}
]
}
]
}
}
Create CFS Profile
Description
Create SonicWall CFS Profile. Requires SonicOS 6.5.3 or higher.
Parameters
| Parameter Display Name | Type | Default Value | Is mandatory | Description |
|---|---|---|---|---|
| Name | String | True | Specify the name of the CFS Profile. Unicode characters are not supported. | |
| Allowed URI List or Group | String | False | Specify the allowed URI list or group for the CFS Profile. URI List with unicode characters is not supported. | |
| Forbidden URI List or Group | String | False | Specify the forbidden URI list or group for the CFS Profile. Unicode characters are not supported. | |
| Search Order | DDL | Allowed URI First Possible values: |
True | Specify the search order for the CFS Profile. |
| Operation for Forbidden URI | DDL | Block Possible values: Confirm Passphrase |
True | Specify the operation for forbidden URI for the CFS Profile. |
| Enable Smart Filter | Checkbox | Checked | True | Enable Smart Filter. |
| Enable Google Safe Search | Checkbox | Checked | True | Enable Google Safe Search. |
| Enable Youtube Restricted Mode | Checkbox | Checked | True | Enable Youtube Restricted Mode. |
| Enable Bing Safe Search | Checkbox | Checked | True | Enable Bing Safe Search. |
Run On
This action doesn't run on entities.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_success | True/False | is_success:False |
JSON Result
N/A