Fortinet Document Library

Version:


Table of Contents

McAfee Network Security Manager

1.0.0
Copy Link

About the connector

McAfee Network Security Manager is an advanced solution for up to six McAfee Network Security Platform sensors, McAfee Network Access Control appliances, or McAfee Network Threat Behavior Analysis appliances deployed in small and medium-size networks and enterprise branch offices.

This document provides information about the McAfee Network Security Manager connector, which facilitates automated interactions with McAfee Network Security Manager using FortiSOAR™ playbooks. Add the McAfee Network Security Manager connector as a step in FortiSOAR™ playbooks and perform automated operations, such as retrieving details for a specific domain from McAfee Network Security Manager and creating a new domain in McAfee Network Security Manager.

Version information

Connector Version: 1.0.0

Authored By: Fortinet

Certified: No

 

Installing the connector

All connectors provided by FortiSOAR™ are delivered using a FortiSOAR™ repository. Therefore, you must set up your FortiSOAR™ repository and use the yum command to install connectors:

yum install cyops-connector-mcafee-network-security-manager

For the detailed procedure to install a connector, click here.

 

Configuring the connector

For the procedure to configure a connector, click here.

 

Actions supported by the connector

The following automated operations can be included in playbooks and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 onwards:

 

Function Description Annotation and Category
Create Domain Creates a new domain in McAfee Network Security Manager. add_domain
Investigation
Update Domain Updates details for an existing domain in McAfee Network Security Manager. update_domain
Investigation
Get Domain Details Retrieves details for an existing domain from McAfee Network Security Manager, based on the domain ID you have specified. get_domain_details
Investigation
Delete Domain Deletes an existing domain from McAfee Network Security Manager, based on the domain ID you have specified. delete_domain
Investigation
Get ALL Domains Retrieves a list of all domains present in McAfee Network Security Manager. get_domains
Investigation
Get Domain Sensors Retrieves a list of all sensors in a specified domain from McAfee Network Security Manager, based on the domain ID you have specified. get_domain_sensors
Investigation
Get Sensor Details Retrieves details of a specified sensor from McAfee Network Security Manager, based on the sensor ID you have specified. get_sensor_details
Investigation
Get Domain Firewall Policies Retrieves firewall policies in a specified domain from McAfee Network Security Manager, based on the domain ID you have specified. list_policies
Investigation
Get Policy Details Retrieves details of a specified firewall policy from McAfee Network Security Manager, based on the policy ID you have specified. get_policy_details
Investigation
Delete Policy Deletes a specified firewall policy from McAfee Network Security Manager, based on the policy ID you have specified. delete_policy
Investigation
Block IP Blocks an IP address on McAfee Network Security Manager. block_ip
Investigation
Unblock IP Unblocks an IP address on McAfee Network Security Manager. unblock_ip
Investigation

 

Included playbooks

The Sample - McAfee Network Security Manager - 1.0.0 playbook collection comes bundled with the McAfee Network Security Manager connector. This playbook contains steps using which you can perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the McAfee Network Security Manager connector.

 

Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection, since the sample playbook collection gets deleted during connector upgrade and delete.

 

About the connector

McAfee Network Security Manager is an advanced solution for up to six McAfee Network Security Platform sensors, McAfee Network Access Control appliances, or McAfee Network Threat Behavior Analysis appliances deployed in small and medium-size networks and enterprise branch offices.

This document provides information about the McAfee Network Security Manager connector, which facilitates automated interactions with McAfee Network Security Manager using FortiSOAR™ playbooks. Add the McAfee Network Security Manager connector as a step in FortiSOAR™ playbooks and perform automated operations, such as retrieving details for a specific domain from McAfee Network Security Manager and creating a new domain in McAfee Network Security Manager.

Version information

Connector Version: 1.0.0

Authored By: Fortinet

Certified: No

 

Installing the connector

All connectors provided by FortiSOAR™ are delivered using a FortiSOAR™ repository. Therefore, you must set up your FortiSOAR™ repository and use the yum command to install connectors:

yum install cyops-connector-mcafee-network-security-manager

For the detailed procedure to install a connector, click here.

 

Configuring the connector

For the procedure to configure a connector, click here.

 

Actions supported by the connector

The following automated operations can be included in playbooks and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 onwards:

 

Function Description Annotation and Category
Create Domain Creates a new domain in McAfee Network Security Manager. add_domain
Investigation
Update Domain Updates details for an existing domain in McAfee Network Security Manager. update_domain
Investigation
Get Domain Details Retrieves details for an existing domain from McAfee Network Security Manager, based on the domain ID you have specified. get_domain_details
Investigation
Delete Domain Deletes an existing domain from McAfee Network Security Manager, based on the domain ID you have specified. delete_domain
Investigation
Get ALL Domains Retrieves a list of all domains present in McAfee Network Security Manager. get_domains
Investigation
Get Domain Sensors Retrieves a list of all sensors in a specified domain from McAfee Network Security Manager, based on the domain ID you have specified. get_domain_sensors
Investigation
Get Sensor Details Retrieves details of a specified sensor from McAfee Network Security Manager, based on the sensor ID you have specified. get_sensor_details
Investigation
Get Domain Firewall Policies Retrieves firewall policies in a specified domain from McAfee Network Security Manager, based on the domain ID you have specified. list_policies
Investigation
Get Policy Details Retrieves details of a specified firewall policy from McAfee Network Security Manager, based on the policy ID you have specified. get_policy_details
Investigation
Delete Policy Deletes a specified firewall policy from McAfee Network Security Manager, based on the policy ID you have specified. delete_policy
Investigation
Block IP Blocks an IP address on McAfee Network Security Manager. block_ip
Investigation
Unblock IP Unblocks an IP address on McAfee Network Security Manager. unblock_ip
Investigation

 

Included playbooks

The Sample - McAfee Network Security Manager - 1.0.0 playbook collection comes bundled with the McAfee Network Security Manager connector. This playbook contains steps using which you can perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the McAfee Network Security Manager connector.

 

Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection, since the sample playbook collection gets deleted during connector upgrade and delete.