Cisco Firepower Management Center

Integration version: 6.0

Configure Cisco Firepower Management Center integration in Google Security Operations SOAR

For detailed instructions on how to configure an integration in Google Security Operations SOAR, see Configure integrations.

Integration parameters

Parameter	Type	Default value	Mandatory	Description
API Root	String	N/A	Yes	API root of the Cisco Firepower Management Center instance.
Username	String	N/A	Yes	The email address of the user.
Password	String	N/A	Yes	The user account password.
Verify SSL	Checkbox	Checked	No	If enabled, verifies if the SSL certificate for the connection to the Cisco Firepower Management Center server is valid.

Actions

Block Address

Block an IP address by assigning it to a network group attached to a policy

Parameters

Parameter Name	Type	Default Value	Description
Network Group Name	String	N/A	Network object name.

Use cases

N/A

Run On

This action runs on the IP Address entity.

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result

Script Result Name	Value Options	Example
is_succeed	True/False	is_succeed:False

JSON Result

N/A

Block Port

Block a port that is assigned to a port group that is attached to a policy.

Parameters

Parameter Name	Type	Default Value	Description
Port Group Name	String	N/A	Name of the port object group.
Port	String	N/A	Port to block Example: 9856
Port Protocol	String	N/A	Target port protocol Example: TCP

Parameter Name

Type

Default Value

Description

Port Group Name

String

N/A

Name of the port object group.

Port

String

N/A

Port to block

Example: 9856

Port Protocol

String

N/A

Target port protocol

Example: TCP

Use cases

N/A

Run On

This action runs on all entities.

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result

Script Result Name	Value Options	Example
is_succeed	True/False	is_succeed:False

JSON Result

N/A

Block URL

Block the URL by assigning it to a set of URLs attached to it.

Parameters

Parameter Name	Type	Default Value	Description
URL Group Name	String	N/A	URL group object name.

Use cases

N/A

Run On

This action runs on the URL entity.

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result

Script Result Name	Value Options	Example
is_succeed	True/False	is_succeed:False

JSON Result

N/A

Get Addresses List by Name

Get a list of blocked addresses by its name in a particular group of networks.

Parameters

Parameter Name	Type	Default Value	Description
Network Group Name	String	N/A	The name of the needed network group.

Use cases

N/A

Run On

This action runs on all entities.

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result

Script Result Name	Value Options	Example
addresses_list	True/False	addresses_list:False

JSON Result

N/A

Get Ports List by Name

Get a list of blocked ports by its name for a particular group.

Parameters

Parameter Name	Type	Default Value	Description
Port Group Name	String	N/A	The name of the needed ports group.

Use cases

N/A

Run On

This action runs on all entities.

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result

Script Result Name	Value Options	Example
ports_list	N/A	N/A

JSON Result

N/A

Get URL List by Name

Get a list of URLs by its name from a specific group.

Parameters

Parameter Name	Type	Default Value	Description
URL Group Name	String	N/A	The name of the needed URL group.

Use cases

N/A

Run On

This action runs on all entities.

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result

Script Result Name	Value Options	Example
urls_list	N/A	N/A

JSON Result

N/A

Ping

Test Connectivity.

Parameters

N/A

Use cases

N/A

Run On

This action runs on all entities.

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result

Script Result Name	Value Options	Example
is succeed	True/False	is_succeed:False

JSON Result

N/A

Unblock Address

Unblock an address in Cisco Firepower.

Parameters

Parameter Name	Type	Default Value	Description
Network Group Name	String	N/A	Network object name.

Use cases

N/A

Run On

This action runs on the IP Address entity.

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result

Script Result Name	Value Options	Example
is_succeed	True/False	is_succeed:False

JSON Result

N/A

Unblock Port

Remove a port from a group of blocked ports.

Parameters

Parameter Name	Type	Default Value	Description
Port Group Name	String	N/A	Name of the port object group.
Port	String	N/A	Target port Example: 9856

Parameter Name

Type

Default Value

Description

Port Group Name

String

N/A

Name of the port object group.

Port

String

N/A

Target port

Example: 9856

Use cases

N/A

Run On

This action runs on all entities.

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result

Script Result Name	Value Options	Example
is_succeed	True/False	is_succeed:False

JSON Result

N/A

Unblock URL

Remove a URL from a group of blocked URLs.

Parameters

Parameter Name	Type	Default Value	Description
URL Group Name	String	N/A	URL group object name.

Use cases

N/A

Run On

This action runs on the URL entity.

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result

Script Result Name	Value Options	Example
is_succeed	True/False	is_succeed:False

JSON Result

N/A

Need more help? Get answers from Community members and Google SecOps professionals.