Fortinet Document Library

Version:


Table of Contents

1.0.0
Copy Link

About the connector

Arbor APS is provides DDoS mitigation technology that is proven in critical enterprise and government networks around the globe.

This document provides information about the Arbor APS connector, which facilitates automated interactions with Arbor APS using FortiSOAR™ playbooks. Add the Arbor APS connector as a step in FortiSOAR™ playbooks and perform automated operations, such as retrieving a list of IPs on the outbound Blacklist or Whitelist in Arbor APS and adding an IP Address to the blacklist in Arbor APS.

Version information

Connector Version: 1.0.0

Authored By: Fortinet.

Certified: No

 

Installing the connector

All connectors provided by FortiSOAR™ are delivered using a FortiSOAR™ repository. Therefore, you must set up your FortiSOAR™ repository and use the yum command to install connectors:

yum install cyops-connector-arbor-aps

For the detailed procedure to install a connector, click here.

 

Configuring the connector

For the procedure to configure a connector, click here.

 

Actions supported by the connector

The following automated operations can be included in playbooks and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 onwards:

 

Function Description Annotation and Category
Get List of IPs Retrieves a list of all IP addresses present in the outbound Blacklist or Whitelist in Arbor APS. get_ips
Investigation
Block IP Adds an IP address that you have specified to the blacklist in Arbor APS. block_ip
Containment
Unblock IP Removes an IP address that you have specified from the blacklist in Arbor APS. block_ip
Remediation
Add IP in Whitelist Adds an IP address that you have specified to the whitelist in Arbor APS. add_ip_whitelist
Remediation
Remove IP from Whitelist Removes an IP address that you have specified from the whitelist in Arbor APS. remove_ip_from_whitelist
Containment

 

Included playbooks

The Sample - Arbor APS - 1.0.0 playbook collection comes bundled with the Arbor APS connector. This playbook contains steps using which you can perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Arbor APS connector.

Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection, since the sample playbook collection gets deleted during connector upgrade and delete.

 

About the connector

Arbor APS is provides DDoS mitigation technology that is proven in critical enterprise and government networks around the globe.

This document provides information about the Arbor APS connector, which facilitates automated interactions with Arbor APS using FortiSOAR™ playbooks. Add the Arbor APS connector as a step in FortiSOAR™ playbooks and perform automated operations, such as retrieving a list of IPs on the outbound Blacklist or Whitelist in Arbor APS and adding an IP Address to the blacklist in Arbor APS.

Version information

Connector Version: 1.0.0

Authored By: Fortinet.

Certified: No

 

Installing the connector

All connectors provided by FortiSOAR™ are delivered using a FortiSOAR™ repository. Therefore, you must set up your FortiSOAR™ repository and use the yum command to install connectors:

yum install cyops-connector-arbor-aps

For the detailed procedure to install a connector, click here.

 

Configuring the connector

For the procedure to configure a connector, click here.

 

Actions supported by the connector

The following automated operations can be included in playbooks and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 onwards:

 

Function Description Annotation and Category
Get List of IPs Retrieves a list of all IP addresses present in the outbound Blacklist or Whitelist in Arbor APS. get_ips
Investigation
Block IP Adds an IP address that you have specified to the blacklist in Arbor APS. block_ip
Containment
Unblock IP Removes an IP address that you have specified from the blacklist in Arbor APS. block_ip
Remediation
Add IP in Whitelist Adds an IP address that you have specified to the whitelist in Arbor APS. add_ip_whitelist
Remediation
Remove IP from Whitelist Removes an IP address that you have specified from the whitelist in Arbor APS. remove_ip_from_whitelist
Containment

 

Included playbooks

The Sample - Arbor APS - 1.0.0 playbook collection comes bundled with the Arbor APS connector. This playbook contains steps using which you can perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Arbor APS connector.

Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection, since the sample playbook collection gets deleted during connector upgrade and delete.