- 08 Mar 2022
- 1 Minute to read
- Print
- DarkLight
- PDF
Cisco Stealthwatch
- Updated on 08 Mar 2022
- 1 Minute to read
- Print
- DarkLight
- PDF
Cisco Stealthwatch is an agentless malware detection solution that provides visibility and network traffic security analytics across the extended network, including endpoints, branch, data center, and cloud.
Types of Assets Fetched
This adapter fetches the following types of assets:
- Devices
Parameters
- Cisco SMC Hostname (required) - The hostname or IP address of the Cisco SMC server.
- Tenant identifier (required) - Specify the Tenant ID. Tenant ID is the suffix of domain_[TENANT_ID] that can be found when you run the following command on the Cisco SMC server:
Note: Only the tenant identifier numbers themselves need to be entered into the field.ls -lsa /lancope/var/smc/config/
- User Name and Password (required) - The credentials for a user account that has the Required Permissions to fetch assets.
- Verify SSL (required, default: False) - Verify the SSL certificate offered by the value supplied in Cisco SMC Hostname. For more details, see SSL Trust & CA Settings.
- If enabled, the SSL certificate offered by the value supplied in Cisco SMC Hostname will be verified against the CA database inside of Axonius. If the SSL certificate can not be validated against the CA database inside of Axonius, the connection will fail with an error.
- If disabled, the SSL certificate offered by the value supplied in Cisco SMC Hostname will not be verified against the CA database inside of Axonius.
- HTTPS Proxy (optional, default: empty) - A proxy to use when connecting to the value supplied in Cisco SMC Hostname.
- If supplied, Axonius will utilize the proxy when connecting to the value supplied in Cisco SMC Hostname.
- If not supplied, Axonius will connect directly to the value supplied in Cisco SMC Hostname.
- For details on the common adapter connection parameters and buttons, see Adding a New Adapter Connection.
APIs
Axonius uses Stealthwatch Enterprise REST API Documentation.
Required Ports
HTTPS communication is required between Axonius and the Cisco SMC server.
Required Permissions
The value supplied in User Name must be a read-only user. The user should have access to Cisco Stealthwatch SMC (Management Center) with permissions to view exporters.
Version Matrix
This adapter has only been tested with the versions marked as supported, but may work with other versions. Please contact Axonius Support if you have a version that is not listed and it is not functioning as expected.
Version | Supported | Notes |
---|---|---|
Cisco Stealthwatch 6.10 and higher | Yes | |
Cisco Stealthwatch 6.9 and lower | No |