Fortinet black logo

Cisco Firepower

Home FortiSOAR Connectors Cisco Firepower
1.0.0
3.0.1
3.0.0
2.0.0
1.0.0

Cisco Firepower v1.0.0

About the connector

Cisco Firepower blocks or unblock IPs or networks on a Firepower Network Group Object, which is configured with an ACL.

This document provides information about the Cisco Firepower connector, which facilitates automated interactions with Cisco Firepower using FortiSOAR™ playbooks. Add the Cisco Firepower connector as a step in FortiSOAR™ playbooks and perform automated operations, such as retrieving a list currently blocked networks on a Firepower Network Group Object and blocking or unblocking an IP address on a Firepower Network Group Object.

Version information

Connector Version: 1.0.0

Authored By: Fortinet

Certified: No

Installing the connector

All connectors provided by FortiSOAR™ are delivered using a FortiSOAR™ repository. Therefore, you must set up your FortiSOAR™ repository and use the yum command to install connectors:

yum install cyops-connector-cisco-firepower

For the detailed procedure to install a connector, click here.

Configuring the connector

For the procedure to configure a connector, click here.

Actions supported by the connector

The following automated operations can be included in playbooks and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 onwards:

Function Description Annotation and Category
Get Blocked Networks Retrieves a list of all currently blocked networks on a Firepower Network Group Object list_block_ip
Investigation
Block IP Blocks an IP address or network on a Firepower Network Group Object block_ip
Containment
Unblock IP Unblocks an IP address or network on a Firepower Network Group Object unblock_ip
Remediation

Included playbooks

The Sample - Cisco-Firepower - 1.0.0 playbook collection comes bundled with the Cisco Firepower connector. This playbook contains steps using which you can perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Cisco Firepower connector.

Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection, since the sample playbook collection gets deleted during connector upgrade and delete.

Previous
Next

About the connector

Cisco Firepower blocks or unblock IPs or networks on a Firepower Network Group Object, which is configured with an ACL.

This document provides information about the Cisco Firepower connector, which facilitates automated interactions with Cisco Firepower using FortiSOAR™ playbooks. Add the Cisco Firepower connector as a step in FortiSOAR™ playbooks and perform automated operations, such as retrieving a list currently blocked networks on a Firepower Network Group Object and blocking or unblocking an IP address on a Firepower Network Group Object.

Version information

Connector Version: 1.0.0

Authored By: Fortinet

Certified: No

Installing the connector

All connectors provided by FortiSOAR™ are delivered using a FortiSOAR™ repository. Therefore, you must set up your FortiSOAR™ repository and use the yum command to install connectors:

yum install cyops-connector-cisco-firepower

For the detailed procedure to install a connector, click here.

Configuring the connector

For the procedure to configure a connector, click here.

Actions supported by the connector

The following automated operations can be included in playbooks and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 onwards:

Function Description Annotation and Category
Get Blocked Networks Retrieves a list of all currently blocked networks on a Firepower Network Group Object list_block_ip
Investigation
Block IP Blocks an IP address or network on a Firepower Network Group Object block_ip
Containment
Unblock IP Unblocks an IP address or network on a Firepower Network Group Object unblock_ip
Remediation

Included playbooks

The Sample - Cisco-Firepower - 1.0.0 playbook collection comes bundled with the Cisco Firepower connector. This playbook contains steps using which you can perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Cisco Firepower connector.

Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection, since the sample playbook collection gets deleted during connector upgrade and delete.

Previous
Next