Netscout Arbor Edge Defense
App Vendor: Netscout
App Category: Endpoint
Connector Version: 1.0.0
API Version: 6.3.1
About App
Netscout Arbor Edge Defense is an inline security appliance deployed at the network perimeter between the internet router and firewall. The Netscout Arbor Edge Defense app enables security teams to integrate with the Netscout AED enterprise application to manage hosts.
The Netscout Arbor Edge Defense app is configured with the Orchestrate application to perform the following actions:
Action Name | Description |
|---|---|
List All Outbound Blacklisted Hosts | This action retrieves a list of all the outbound blacklisted hosts. |
List All Outbound Whitelisted Hosts | This action retrieves a list of all the outbound whitelisted hosts. |
Add Host to Outbound Whitelist | This action adds hosts to the outbound threat filter whitelist. |
Add Hosts to Outbound Blacklist | This action adds hosts to the outbound threat filter blacklist. |
Add Hosts to Inbound Blacklist | This action adds hosts to the inbound threat filter blacklist. |
List All Inbound Blacklisted Hosts | This action retrieves a list of all the inbound blacklisted hosts. |
Add Host to Inbound Whitelist | This action adds a host to the inbound threat filter whitelist. |
Remove Host From Inbound Blacklist | This action removes a host from the inbound blacklist. |
Remove Host From Outbound Blacklist | This action removes a host from the outbound blacklist. |
Get Outbound Blacklisted Host Detail | This action retrieves the details of outbound blacklisted hosts. |
Get Inbound Blacklisted Host Detail | This action retrieves the details of inbound blacklisted hosts. |
Configuration Parameters
The following configuration parameters are required for the Netscout Arbor Edge Defense app to communicate with the Netscout Arbor Edge Defense enterprise application. The parameters can be configured by creating instances in the app.
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Endpoint | Enter the endpoint. Example: "https://<host-ip-address>/" | Text | Required | |
API Key | Enter the API key. Example: "sample api key" | Password | Required | |
Verify | Optional preference to either verify the status of skip verifying. Example: true | Boolean | Optional | Allowed values
Default value: false |
Action: List All Outbound Blacklisted Hosts
This action retrieves a list of all the outbound blacklisted hosts.
Action Input Parameters
This action does not require any input parameter.
Action: List All Outbound Whitelisted Hosts
This action retrieves a list of all the outbound whitelisted hosts.
Action Input Parameters
This action does not require any input parameter.
Action: Add Host to Outbound Whitelist
This action adds hosts to the outbound threat filter whitelist.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Host | Enter the IP address of the host to add the host to the outbound whitelist. Example: "1.1.1.1" | Text | Required | |
Annotation | Enter the description of the host. Example: "sample description" | Text | Required |
Example Request
[
{
"host": "1.1.1.1",
"annotation": "sample description"
}
]Action: Add Hosts to Outbound Blacklist
This action adds hosts to the outbound threat filter blacklist.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Host | Enter the IP address of the host to add the host to the outbound blacklist. Example: "1.1.1.1" | Text | Required | |
Annotation | Enter a description of the host. Example: "sample description" | Text | Required |
Example Request
[
{
"host": "1.1.1.1",
"annotation": "sample description"
}
]Action: Add Hosts to Inbound Blacklist
This action adds hosts to the inbound threat filter blacklist.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Host | Enter the IP address of the host to add the host to the inbound blacklist. Example: "1.1.1.1" | Text | Required | |
Annotation | Enter the description for the host. Example: "sample description" | Text | Required | |
Protection Group ID | Enter the protection group ID for the host. Example: 5 | Integer | Required | Default value: 5 |
Example Request
[
{
"host": "1.1.1.1",
"annotation": "sample description",
"pgid": 5
}
]Action: Add Host to Inbound Whitelist
The action adds a host to the inbound threat filter whitelist.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Host | Enter the IP address of the host to add the host to the inbound whitelist. Example: "1.1.1.1" | Text | Required | |
Annotation | Enter the description for the host. Example: "sample description" | Text | Required | |
Protection Group ID | Enter the protection group ID for the host. Example: 5 | Integer | Required | Default value: 5 |
Example Request
[
{
"host": "1.1.1.1",
"annotation": "sample description",
"pgid": 5
}
]Action: List All Inbound Blacklisted Hosts
This action retrieves a list of all the inbound blacklisted hosts.
Action Input Parameters
This action does not require any input parameter.
Action: Remove Host From Inbound Blacklist
This action removes a host from the inbound blacklist.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Host | Enter the IP address or CIDR of the host to remove the host from the inbound blacklist. Example: "1.1.1.1" | Text | Required | |
Protection Group ID | Enter the protection group ID for the host. Example: 5 | Integer | Required | Default value: 5 |
Example Request
[
{
"host": "1.1.1.1",
"annotation": "sample description",
"pgid": 5
}
]Action: Remove Host From Outbound Blacklist
This action removes a host from the outbound blacklist.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Host | Enter the IP address or CIDR of the host to remove the host from the outbound blacklist. Example: "1.1.1.1" | Text | Required |
Example Request
[
{
"host": "1.1.1.1"
}
]Action: Get Outbound Blacklisted Host Detail
This action retrieves the details of outbound blacklisted hosts.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Host | Enter the IP address of the host to retrieve the details of the outbound blacklisted host. Example: "1.1.1.1" | Text | Required |
Example Request
[
{
"host": "1.1.1.1"
}
]Action: Get Inbound Blacklisted Host Detail
This action retrieves the details of inbound blacklisted hosts.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Host | Enter the IP address of the host to retrieve the details of the inbound blacklisted host. Example: "1.1.1.1" | Text | Required |
Example Request
[
{
"host": "1.1.1.1"
}
]