簡介
本文檔介紹如何在Secure Firewall 7.2上將SecureX與Cisco Secure Firewall整合進行整合和故障排除。
必要條件
需求
思科建議瞭解以下主題:
- Firepower Management Center (FMC)
- 思科安全防火牆
- 選購的影像虛擬化
- 安全防火牆和FMC必須獲得許可
採用元件
- 思科安全防火牆- 7.2
- Firepower管理中心(FMC) - 7.2
- 安全服務交換(SSE)
- SecureX
- 智慧許可證門戶
- 思科威脅回應(CTR)
本文中的資訊是根據特定實驗室環境內的裝置所建立。文中使用到的所有裝置皆從已清除(預設)的組態來啟動。如果您的網路運作中,請確保您瞭解任何指令可能造成的影響。
背景
7.2版包括對Secure Firewall與SecureX和SecureX Orchestration整合的方式的更改:
功能 |
說明 |
增強的SecureX整合、SecureX協調。 |
We have streamlined the SecureX integration process. Now, as long as you already have a SecureX account, you just choose your cloud region on the new Integration > SecureX page, click Enable SecureX, and authenticate to SecureX. The option to send events to the cloud, as well as to enable Cisco Success Network and Cisco Support Diagnostics, are also moved to this new page. When you enable SecureX integration on this new page, licensing and management for the systems's cloud connection switches from Cisco Smart Licensing to SecureX. If you already enabled SecureX the "old" way, you must disable and re-enable to get the benefits of this cloud connection management. Note that this page also governs the cloud region for and event types sent to the Secure Network Analytics (Stealthwatch) cloud using Security Analytics and Logging (SaaS), even though the web interface does not indicate this. Previously, these options were on System > Integration > Cloud Services. Enabling SecureX does not affect communications with the Secure Network Analytics cloud; you can send events to both. The management center also now supports SecureX orchestration—a powerful drag-and-drop interface you can use to automate workflows across security tools. After you enable SecureX, you can enable orchestration.
|
請參閱7.2完整發行版本註釋以檢查此發行版本中包含的所有功能。
設定
開始整合之前,請確定您的環境允許這些URL:
美國地區
- api-sse.cisco.com
- eventing-ingest.sse.itd.cisco.com
歐盟地區
- api.eu.sse.itd.cisco.com
- eventing-ingest.eu.sse.itd.cisco.com
APJ地區
- api.apj.sse.itd.cisco.com
- eventing-ingest.apj.sse.itd.cisco.com
步驟1.開始整合登入到FMC。轉至Integration>SecureX,選擇要連線的區域(美國、歐盟或APJC),選擇要轉發到SecureX的事件型別,然後選擇Enable SecureX:
注意,只有選擇 Save 後,更改才會應用。
步驟 2.選擇儲存後,您將被重定向到「已在SecureX帳戶中授權FMC」(您需要在此步驟之前登入到SecureX帳戶),選擇授權FMC:
步驟 3.授權後,系統會將您重新導向到SecureX:
如果您有多個組織,則會顯示SecureX登入頁面,以選擇要整合FMC和安全防火牆裝置的組織:
步驟 4.選擇SecureX組織後,您將再次被重定向到FMC,您必須獲得顯示整合成功的消息:
驗證
完成整合後,您可以從頁面底部展開功能區:
在功能區上啟動安全服務交換,在裝置下,您必須看到您剛才整合的FMC和安全防火牆: