Cisco Adaptive Security Appliance (ASA) Software is the core operating system that powers the Cisco ASA family. It delivers enterprise-class firewall capabilities for ASA devices in an array of form factors - standalone appliances, blades, and virtual. ASA Software also integrates with other critical security technologies to deliver comprehensive solutions that meet continuously evolving security needs.
This document provides information about the Cisco ASA connector, which facilitates automated interactions with a Cisco ASA server using FortiSOAR™ playbooks. Add the Cisco ASA connector as a step in FortiSOAR™ playbooks and perform automated operations, such as listing the current VPN sessions and blocking or unblocking IP addresses.
Connector Version: 1.0.0
Compatibility with FortiSOAR™ Versions: 4.9.0.0-708 and later
Compatibility with Cisco ASA Versions: 2.1.0 and later
For the procedure to install a connector, click here.
For the procedure to configure a connector, click here.
In FortiSOAR™, on the Connectors page, select the Cisco ASA connector and click Configure to configure the following parameters:
Parameter | Description |
---|---|
Server URL | FQDN or IP address of the Cisco ASA server to which you will connect and perform the automated operations. |
Username | Username used to connect to the Cisco ASA server to which you will connect and perform automated operations. |
Password | Password used to connect to the Cisco ASA server to which you will connect and perform automated operations. |
Verify SSL | Specifies whether the SSL certificate for the server is to be verified or not. Defaults to True. |
The following automated operations can be included in playbooks and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 onwards:
Function | Description | Annotation and Category |
---|---|---|
Get Version | Retrieves the software version of the Cisco ASA server you have specified. | get_version Investigation |
Block IP | Blocks the IP address you have specified. | block_ip Containment |
Unblock IP | Unblocks the IP address you have specified. | unblock_ip Remediation |
List Sessions | Lists the current VPN sessions running on the Cisco ASA server you have specified. | list_sessions Investigation |
Terminate Sessions | Terminates all VPN sessions of the user you have specified. | terminate_sessions Remediation |
Input parameters: None
The JSON output contains the software version of the Cisco ASA server you have specified.
Parameter | Description |
---|---|
Destination IP Address | Destination IP address that you want to block. If for a specific destination IP address you want to block all source IP addresses then specify any in this field. |
Source IP Address | Source IP address that you want to block. If for a specific source IP address you want to block all destination IP addresses then specify any in this field. Note: You cannot enter any for both source and destination IP addresses. |
Rule Direction | The direction in which the access list rules work, that is, whether you want to block communication from source to destination (Out) or from destination to source (In). |
Access List Name | Name of the access list that controls access to your network by preventing certain traffic from entering or exiting from your network. |
Interface Name To Apply The Rule On | Name of the interface on which you want to apply the rule. |
The JSON output contains a Success message if the IP is blocked successfully or an Error message containing the reason for failure.
Parameter | Description |
---|---|
Destination IP Address | Destination IP address that you want to unblock. If for a specific destination IP address you want to unblock all source IP addresses then specify any in this field. |
Source IP Address | Source IP address that you want to unblock. If for a specific source IP address you want to unblock all destination IP addresses then specify any in this field. Note: You cannot enter any for both source and destination IP addresses. |
Rule Direction | The direction in which the access list rules work, that is, whether you want to unblock communication from source to destination (Out) or from destination to source (In). |
Access List Name | Name of the access list that controls access to your network by preventing certain traffic from entering or exiting from your network. |
Interface Name To Apply The Rule On | Name of the interface on which you want to apply the rule. |
The JSON output contains a Success message if the IP is unblocked successfully or an Error message containing the reason for failure.
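The Block IP and Unblock IP parameter rules above (an IP address or any on each side, never any on both, direction In or Out) can be checked before a playbook step calls the connector. The following Python is an added example, not part of the connector or of this documentation; the function names, the returned field names and the `protected` list are assumptions.

```python
import ipaddress

ANY = "any"
DIRECTIONS = {"In", "Out"}  # Rule Direction values named in the parameter tables


def normalize_endpoint(value, label):
    """Return 'any' or a canonical single-host IP string; raise ValueError otherwise."""
    text = str(value).strip()
    if text.lower() == ANY:
        return ANY
    try:
        return str(ipaddress.ip_address(text))
    except ValueError:
        raise ValueError(f"{label}: {text!r} is neither an IP address nor 'any'") from None


def validate_rule_request(source_ip, destination_ip, direction, access_list,
                          interface, protected=()):
    """Validate Block IP / Unblock IP inputs and return them normalized.

    Field names in the returned dict are hypothetical; the page gives only
    the display labels of the connector parameters.
    """
    src = normalize_endpoint(source_ip, "Source IP Address")
    dst = normalize_endpoint(destination_ip, "Destination IP Address")
    if src == ANY and dst == ANY:
        raise ValueError("source and destination cannot both be 'any'")
    if direction not in DIRECTIONS:
        raise ValueError(f"Rule Direction must be one of {sorted(DIRECTIONS)}")
    for label, name in (("Access List Name", access_list),
                        ("Interface Name", interface)):
        if not str(name).strip():
            raise ValueError(f"{label} must not be empty")
    # Assumption: 'protected' is a site-maintained list of networks (CIDR strings)
    # that automated containment must never block, e.g. management subnets.
    nets = [ipaddress.ip_network(n) for n in protected]
    for label, addr in (("source", src), ("destination", dst)):
        if addr != ANY and any(ipaddress.ip_address(addr) in n for n in nets):
            raise ValueError(f"{label} {addr} is inside a protected network")
    return {"source_ip": src, "destination_ip": dst, "direction": direction,
            "access_list": str(access_list).strip(), "interface": str(interface).strip()}
```

Pass `protected` only for block requests; unblock requests for those addresses should still be allowed through.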
Input parameters: None
The JSON output contains a list of the current VPN sessions running on the Cisco ASA server you have specified.
Parameter | Description |
---|---|
Username | Name of the user whose session you want to terminate. |
The JSON output contains a Success message if the sessions of the specified user are successfully terminated or an Error message containing the reason for failure.
The Sample-CiscoASA-1.0.0 playbook collection comes bundled with the Cisco ASA connector. This collection contains playbooks whose steps perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Cisco ASA connector.
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection, since the sample playbook collection gets deleted when the connector is upgraded or deleted.