Cisco ASA connector that you can use to Get Version of the device, Block and Unblock IP Address, List and Terminate Sessions etc.
This document provides information about the Cisco ASA Connector, which facilitates automated interactions, with a Cisco ASA server using FortiSOAR™ playbooks. Add the Cisco ASA Connector as a step in FortiSOAR™ playbooks and perform automated operations with Cisco ASA.
Connector Version: 2.0.1
Authored By: Fortinet
Certified: Yes
Following enhancements have been made to the Cisco ASA Connector in version 2.0.1:
Use the Content Hub to install the connector. For the detailed procedure to install a connector, click here.
You can also use the yum
command as a root user to install the connector:
yum install cyops-connector-cisco-asa
For the procedure to configure a connector, click here
In FortiSOAR™, on the Connectors page, click the Cisco ASA connector row (if you are in the Grid view on the Connectors page) and in the Configurations tab enter the required configuration details:
Parameter | Description |
---|---|
Server URL | Fully Qualified Domain Name (FQDN) or IP of the Cisco ASA server to connect and perform the automated operations. |
Username | Username used to connect to the Cisco ASA server to connect and perform automated operations. |
Password | Password used to connect to the Cisco ASA server to connect and perform automated operations. |
Context Mode | Specify the context mode in which you want to run this connector configuration. You can choose from following options:
|
Verify SSL | Specifies whether the SSL certificate for the server is to be verified or not. By default, this option is set to True . |
The following automated operations can be included in playbooks and you can also use the annotations to access operations:
Function | Description | Annotation and Category |
---|---|---|
Get Version | Retrieves the software version of the Cisco ASA server specified in configuration parameters. | get_version Investigation |
Block IP | Blocks the IP address on the Cisco ASA server based on the source IP address, destination IP address, rule direction, and other input parameters you have specified. | block_ip Containment |
Unblock IP | Unblocks the IP address on the Cisco ASA server based on the source IP address, destination IP address, rule direction, and other input parameters you have specified. | unblock_ip Remediation |
List Sessions | Lists current VPN sessions running on the Cisco ASA server specified in the configuration parameters. | list_sessions Investigation |
Terminate Sessions | Terminates all VPN sessions of the specified user from the Cisco ASA server specified in the configuration parameters. | terminate_sessions Remediation |
Get Network Group | Retrieves details of network objects or groups from the Cisco ASA server specified in the configuration parameters. | get_network_group Investigation |
Update Network Group | Updates a specific network object group in the Cisco ASA server by adding or removing a specified IP address from the network group specified. | update_group Containment |
Run Custom Commands | Run custom commands on the Cisco ASA server. | run_custom_commands Containment |
None.
The output contains the following populated JSON schema:
{
"command": "",
"output": "",
"status": ""
}
Parameter | Description |
---|---|
Destination IP Address | Specify the destination IP address that you want to block. Specify any in this field to block all source IP addresses for a specific destination IP address. |
Source IP Address | Specify the source IP address that you want to block. Specify any in this field to block all destination IP addresses for a specific source IP address.NOTE: Do not enter any for both source and destination IP addresses. |
Rule Direction | Specify the direction in which you want the access list rules to work, i.e whether you want to block communication from source to destination (Out ) or from destination to source (In ) or both. |
Access List Name | Specify the name of the access list that controls access to your network by preventing certain traffic from entering or exiting from your network. |
Interface Name to Apply the Rule on | Specify the name of the interface on which to apply the rule. |
The output contains the following populated JSON schema:
{
"message": ""
}
Parameter | Description |
---|---|
Destination IP Address | Specify the destination IP address that you want to unblock. Specify any in this field to unblock all source IP addresses for a specific destination IP address. |
Source IP Address | Specify the source IP address that you want to unblock. Specify any in this field to unblock all destination IP addresses for a specific source IP address.NOTE: Do not enter any for both source and destination IP addresses. |
Rule Direction | Specify the direction in which you want the access list rules to work, i.e whether you want to unblock communication from source to destination (Out ), destination to source (In ), or both (Both ). |
Access List Name | Specify the name of the access list that controls access to your network by preventing certain traffic from entering or exiting from your network. |
Interface Name to Apply the Rule on | Specify the name of the interface on which to apply the rule. |
The output contains the following populated JSON schema:
{
"message": ""
}
None.
The output contains the following populated JSON schema:
{
"total_users": "",
"users": []
}
Parameter | Description |
---|---|
Username | Specify the name of the user whose running VPN sessions you want to terminate on Cisco ASA. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Network Group Name | Specify the name of the network group name whose details you want to retrieve from Cisco ASA. |
The output contains the following populated JSON schema:
{
"status": "",
"command": "",
"output": ""
}
Parameter | Description |
---|---|
Network Group Name | Specify the name of the Network group that you want to update in Cisco ASA by adding or removing an IP address from the specified group. |
Method | Select the update action that you want to perform on the specified group. You can choose to Add or Remove an IP address from the specified network group. |
IP Address | Specify the IP address that you want to update in the specified network group. |
The output contains the following populated JSON schema:
{
"status": "",
"command": ""
}
Parameter | Description |
---|---|
Commands | Specify the Cisco ASA custom commands separated by a semicolon(; ) separated. E.g. <command1>;<command2>;<command3> |
The output contains the following populated JSON schema:
{
"message": ""
}
The Sample - Cisco ASA - 2.0.1
playbook collection comes bundled with the Cisco ASA connector. These playbooks contain steps using which you can perform all supported actions. You can see bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Cisco ASA connector.
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during connector upgrade and delete.
Cisco ASA connector that you can use to Get Version of the device, Block and Unblock IP Address, List and Terminate Sessions etc.
This document provides information about the Cisco ASA Connector, which facilitates automated interactions, with a Cisco ASA server using FortiSOAR™ playbooks. Add the Cisco ASA Connector as a step in FortiSOAR™ playbooks and perform automated operations with Cisco ASA.
Connector Version: 2.0.1
Authored By: Fortinet
Certified: Yes
Following enhancements have been made to the Cisco ASA Connector in version 2.0.1:
Use the Content Hub to install the connector. For the detailed procedure to install a connector, click here.
You can also use the yum
command as a root user to install the connector:
yum install cyops-connector-cisco-asa
For the procedure to configure a connector, click here
In FortiSOAR™, on the Connectors page, click the Cisco ASA connector row (if you are in the Grid view on the Connectors page) and in the Configurations tab enter the required configuration details:
Parameter | Description |
---|---|
Server URL | Fully Qualified Domain Name (FQDN) or IP of the Cisco ASA server to connect and perform the automated operations. |
Username | Username used to connect to the Cisco ASA server to connect and perform automated operations. |
Password | Password used to connect to the Cisco ASA server to connect and perform automated operations. |
Context Mode | Specify the context mode in which you want to run this connector configuration. You can choose from following options:
|
Verify SSL | Specifies whether the SSL certificate for the server is to be verified or not. By default, this option is set to True . |
The following automated operations can be included in playbooks and you can also use the annotations to access operations:
Function | Description | Annotation and Category |
---|---|---|
Get Version | Retrieves the software version of the Cisco ASA server specified in configuration parameters. | get_version Investigation |
Block IP | Blocks the IP address on the Cisco ASA server based on the source IP address, destination IP address, rule direction, and other input parameters you have specified. | block_ip Containment |
Unblock IP | Unblocks the IP address on the Cisco ASA server based on the source IP address, destination IP address, rule direction, and other input parameters you have specified. | unblock_ip Remediation |
List Sessions | Lists current VPN sessions running on the Cisco ASA server specified in the configuration parameters. | list_sessions Investigation |
Terminate Sessions | Terminates all VPN sessions of the specified user from the Cisco ASA server specified in the configuration parameters. | terminate_sessions Remediation |
Get Network Group | Retrieves details of network objects or groups from the Cisco ASA server specified in the configuration parameters. | get_network_group Investigation |
Update Network Group | Updates a specific network object group in the Cisco ASA server by adding or removing a specified IP address from the network group specified. | update_group Containment |
Run Custom Commands | Run custom commands on the Cisco ASA server. | run_custom_commands Containment |
None.
The output contains the following populated JSON schema:
{
"command": "",
"output": "",
"status": ""
}
Parameter | Description |
---|---|
Destination IP Address | Specify the destination IP address that you want to block. Specify any in this field to block all source IP addresses for a specific destination IP address. |
Source IP Address | Specify the source IP address that you want to block. Specify any in this field to block all destination IP addresses for a specific source IP address.NOTE: Do not enter any for both source and destination IP addresses. |
Rule Direction | Specify the direction in which you want the access list rules to work, i.e whether you want to block communication from source to destination (Out ) or from destination to source (In ) or both. |
Access List Name | Specify the name of the access list that controls access to your network by preventing certain traffic from entering or exiting from your network. |
Interface Name to Apply the Rule on | Specify the name of the interface on which to apply the rule. |
The output contains the following populated JSON schema:
{
"message": ""
}
Parameter | Description |
---|---|
Destination IP Address | Specify the destination IP address that you want to unblock. Specify any in this field to unblock all source IP addresses for a specific destination IP address. |
Source IP Address | Specify the source IP address that you want to unblock. Specify any in this field to unblock all destination IP addresses for a specific source IP address.NOTE: Do not enter any for both source and destination IP addresses. |
Rule Direction | Specify the direction in which you want the access list rules to work, i.e whether you want to unblock communication from source to destination (Out ), destination to source (In ), or both (Both ). |
Access List Name | Specify the name of the access list that controls access to your network by preventing certain traffic from entering or exiting from your network. |
Interface Name to Apply the Rule on | Specify the name of the interface on which to apply the rule. |
The output contains the following populated JSON schema:
{
"message": ""
}
None.
The output contains the following populated JSON schema:
{
"total_users": "",
"users": []
}
Parameter | Description |
---|---|
Username | Specify the name of the user whose running VPN sessions you want to terminate on Cisco ASA. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Network Group Name | Specify the name of the network group name whose details you want to retrieve from Cisco ASA. |
The output contains the following populated JSON schema:
{
"status": "",
"command": "",
"output": ""
}
Parameter | Description |
---|---|
Network Group Name | Specify the name of the Network group that you want to update in Cisco ASA by adding or removing an IP address from the specified group. |
Method | Select the update action that you want to perform on the specified group. You can choose to Add or Remove an IP address from the specified network group. |
IP Address | Specify the IP address that you want to update in the specified network group. |
The output contains the following populated JSON schema:
{
"status": "",
"command": ""
}
Parameter | Description |
---|---|
Commands | Specify the Cisco ASA custom commands separated by a semicolon(; ) separated. E.g. <command1>;<command2>;<command3> |
The output contains the following populated JSON schema:
{
"message": ""
}
The Sample - Cisco ASA - 2.0.1
playbook collection comes bundled with the Cisco ASA connector. These playbooks contain steps using which you can perform all supported actions. You can see bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Cisco ASA connector.
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during connector upgrade and delete.