SecureX and CDO
The Cisco SecureX platform connects the breadth of Cisco's integrated security portfolio and the customer's infrastructure for a consistent experience that unifies visibility, enables automation, and strengthens your security across network, endpoint, cloud, and applications. By connecting technology in an integrated platform, SecureX delivers measurable insights, desirable outcomes, and unparalleled cross-team collaboration. For more about what SecureX is and what this platform offers, see About SecureX.
Allowing SecureX to access your CDO tenant results in a summarization of device events, including a total count of device as well as a count of devices with errors, devices with conflicts, and devices that may currently be out-of-sync. The summary of events also provides a second window that tallies currently applied policies and the objects associated to those policies. Policies are defined by device-type, and objects are identified via object type.
Multiple steps are required to add a CDO module to the SecureX dashboard. See Add CDO to SecureX for more information.
 Warning |
If you have not already merged your CDO and SecureX accounts, you may not be able to see the events for all of your onboarded devices. We strongly recommend merging your accounts before you create a CDO module in SecureX. See Merge You CDO and SecureX Accounts for more information. |
SecureX Ribbon
The SecureX ribbon is available in CDO whether you create a SecureX account or not. Click the SecureX tab 
located at the bottom of the page to expand the ribbon.
In order to use the ribbon, you need to validate your SecureX account. We strongly recommend using the same authentication login you use to access SecureX. Once the ribbon is authenticated, you can utilize SecureX features directly from CDO.
See the SecureX ribbon documentation for more information.
Troubleshooting SecureX
This experience involves two products; see SecureX Troubleshooting to help identify, resolve, or inquire about issues you might experience.
Merge Your CDO and SecureX Accounts
If you already have a SecureX or Cisco Threat Response (CTR) account, you will need to merge your CDO account and SecureX/CTR account in order for your devices to be registered with SecureX. Your accounts can be merged to the SecureX portal. We strongly recommend merging your accounts before creating a CDO module. Until your accounts are merged, you will not be able to see your device's events in SecureX or benefit from other SecureX features.
See SecureX's Merge Accounts for instructions.
 Note |
If you have accounts on more than one regional cloud, you must merge accounts separately for each regional cloud. |
Add CDO to SecureX
Allow SecureX to access your registered devices and add the CDO module to the SecureX dashboard to see a summary of your device policies and objects alongside the other Cisco platforms in your security portfolio.
Before you begin
We strongly recommend the following action items before connecting SecureX in CDO:
-
You must be at least an Administrator for your SecureX account.
-
You must have a SuperAdmin user role for your CDO tenant.
-
Merge your tenant accounts in Security Service Exchange (SSE) to facilitate tenant communication. See Merge Your CDO and SecureX Accounts for more information.
-
After merging your CDO account with SSE, ensure that you log out of your CDO tenant and log in again.
-
If you have not already done so, configure Cisco Secure Sign-On as your SAML single sign-on identity provider (IdP) and Duo Security for multi-factor authentication (MFA). Both CDO and SecureX use this as an authentication method. See Integrate Your SAML Single Sign-On with Cisco Defense Orchestrator for more information.
Note |
Note: If you have multiple tenants, you must create one module per tenant in SecureX. Each tenant requires a unique API token for authorization. |
Connect SecureX in CDO
After you have merged your SecureX and CDO accounts, you must authorize communication between the two platforms and manually enable the CDO module to be added to the SecureX dashboard. Connect SecureX through the CDO UI and see a summary of your device's policies, event types, object, and more alongside other Cisco platforms in your security portfolio.
Note |
If you already have a CDO module configured in the SecureX dashboard, the Connect Tenant to SecureX option will create a duplicate CDO modules. If you experience this issue, see Troubleshoot SecureX for more information. |
Use the following procedure to procure the API token from CDO and add the CDO module to SecureX:
Procedure
| Step 1 |
Log into CDO. |
| Step 2 |
From the user menu located in the upper right corner, select Settings. |
| Step 3 |
Select the General Settings tab on the left side of the window. |
| Step 4 |
Locate the Tenant Settings section and click Connect SecureX. The browser window redirects you to the SecureX login page. Log into SecureX with the organization credentials you want associated with your CDO tenant. |
| Step 5 |
After you successfully log into SecureX, the browser automatically redirects back to CDO. In the User Management tab of the General Settings page, you will see a new user that includes the name of the organization you logged into SecureX with. This user is read-only and is only used to send data to SecureX. |
Disconnect SecureX in CDO
You can disconnect the communication requests between CDO and the SecureX organization. This option does not remove the organization from SecureX, but it does remove the read-only API user from CDO and the tenant formerly associated with the SecureX organization stops sending event reports.
Note that this does not log the tenant out of the SecureX ribbon in CDO, or disable the ribbon in any way. To log out of the ribbon, you must open a case in Support Case Manager to manually reset the ribbon login. This request logs your tenant out of the ribbon.
Procedure
| Step 1 |
Log into CDO. |
| Step 2 |
From the user menu located in the upper right corner, select Settings. |
| Step 3 |
Select the General Settings tab on the left side of the window. |
| Step 4 |
Locate the Tenant Settings section and click Disconnect SecureX. In the User Management tab of the General Settings page, the read-only user created to send data to SecureX is deleted. |
Add the CDO Tile to SecureX
After you have enabled the CDO module, you can now add the CDO tile to the SecureX dashboard. The product's module accesses status information from CDO and reports the data to the dashboard through two possible tile selections.
Use the following procedure to add the CDO tile to the SecureX dashboard:
Procedure
| Step 1 |
From the SecureX Dashboard tab |
||
| Step 2 |
(Optional) Rename the dashboard.
|
||
| Step 3 |
Select CDO from the list of "Available Tiles" and to expand the option to see the available tiles. Check all the tiles that you want included in your dashboard.
|
||
| Step 4 |
Click Save. |
, click 
Feedback