Cisco FirePower delivers an integrated threat defense across the entire attack continuum - before, during, and after an attack. It combines the proven security capabilities of the Cisco ASA Firewall with industry-leading Sourcefire threat and advanced malware protection features in a single device.
Connect Cisco FirePower with Devo SOAR
Navigate to Automations > Integrations.
Search for Cisco FirePower.
Click Details, then the + icon. Enter the required information in the following fields.
Label: Enter a connection name.
Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.
Verify SSL: Select option to verify connecting server's SSL certificate (Default is Verify SSL Certificate).
Remote Agent: Run this integration using the Devo SOAR Remote Agent.
URL: URL of Cisco Firepower Management Center instance.
Username: Username of Cisco Firepower Management Center instance.
Password: Password of Cisco Firepower Management Center instance.
After you've entered all the details, click Connect.
Actions for Cisco FirePower
Block URL or IP
Blocks a URL or IP on a firewall.
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
Input Name | Description | Required |
|---|---|---|
URL Group ID | ID of URL Group in which URL or IP has to be added. | Required |
URL/IP | Column name from parent table that contains URL or IP to block. | Required |
Release Notes
v3.0.0- Updated architecture to support IO via filesystemv2.0.1- Added documentation link in the automation library.