Cisco Firepower Management Center
Cisco Firepower Management Center provides management over firewalls, application control, intrusion prevention, URL filtering, and advanced malware protection.
Assets Types Fetched
- Devices, Networks, Network/Firewall Rules, Network Devices
APIs
- Axonius uses the Firepower Management Center REST API
- Review info about Authentication here.
Required Permissions
The value supplied in User Name must have Devices > Device Management permissions in order to fetch assets.
The following permissions are required in order to enable the advanced configurations:
- Get the device hosts:
- Object Manager
- Fetch firewall rules:
- Object Manager
- Devices
>NAT>NAT List - Policies
>Access Control>Access Control Policy
Parameters
-
Host Name or IP Address (required) - The hostname or IP address of the Cisco Firepower Management Center server.
-
User Name and Password (required) - The credentials for a user account that has the permissions to fetch assets.
-
Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.
-
HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.
To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.
Advanced Settings
Note
Advanced settings can either apply to all connections for this adapter, or to a specific connection. Refer to Advanced Configuration for Adapters.
-
Get the device hosts - Select this option to retrieve all devices of the type host. When enabled, the adapter fetches data from the
object/hostsAPI endpoint, which returns host objects - network objects representing IP addresses or hosts configured in Firepower.Note
You must have the Object Manager permission to enable this setting.
-
Fetch firewall rules - Select this option to fetch firewall rules. For the permissions required to enable this setting, see Required Permissions.
-
Enrich firewall access rules with hit counts - Select this option to enrich firewall rules with hit-counts-per-rule information.
-
Fetch ARP table from firewall devices - Select this option to ARP table entries from each managed firewall device, including data such as MAC address, IP address, interface, and port information.
Note
To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.
