Cisco Adaptive Security Appliance (ASA)
App Vendor: Cisco
App Category: Network Security
Connector version: 1.0.3
API Version: 1.0.0
Note
Before upgrading a Orchestrate instance to the 3.2.1.0 version, you must upgrade this app to the latest version (v1.0.3) and validate the functioning of the associated Playbooks.
About App
Cisco Adaptive Security Appliance (ASA) is a network security solution that provides proactive defense to threats and prevents attacks before they spread through the network by combining firewall, antivirus, intrusion prevention, and virtual private network (VPN) capabilities. The Cisco Adaptive Security Appliance (ASA) app allows security teams to integrate with the Cisco Adaptive Security Appliance (ASA) enterprise application.
The Cisco Adaptive Security Appliance (ASA) app allows security teams to manage VPN sessions, block or unblock IP addresses, get software version of a device, and run CLI commands. The Cisco Adaptive Security Appliance (ASA) app is configured with the Orchestrate application to perform the following actions:
Action Name | Description |
|---|---|
Terminate VPN Session | This action terminates a VPN session. |
Get Details of a VPN Session | This action retrieves the details of a VPN session. |
Run CLI Command | This action runs a command to get the results using the CLI. |
Fetch Version | This action retrieves the software version of a device. |
Get a List of VPN Sessions | This action retrieves a list of VPN sessions. |
Unblock IP Address | This action unblocks an IP address. |
Block IP Address | This action blocks an IP address. |
Configuration Parameters
The following configuration parameters are required for the Cisco Adaptive Security Appliance (ASA) app to communicate with the enterprise application. The parameters can be configured by creating instances in the app.
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Cloud Domain | Enter the Cisco ASA cloud domain (fqdn or ip_address). Example: "https://asa.secops.ml" | Text | Required | |
Token | Enter the Cisco ASA token. Example: "sample token" | Password | Required | |
SSL Verification | Optional preference to either verify or skip the SSL certificate verification. Example: True | Boolean | Optional | Allowed values:
Default value: False |
Action: Terminate VPN Session
This action terminates a VPN session of a specific user.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Username | Enter the username to terminate the VPN session of a user. Example: "Anna" | Text | Required |
Example Request
[
{
"username": "Anna"
}
]Action: Get Details of a VPN Session
This action retrieves the details of a VPN session.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Username | Enter the username to get the VPN session details of a user. Example: "Anna" | Text | Required |
Example Request
[
{
"username": "Anna"
}
]Action: Run CLI Command
This action runs a command to get the results using the CLI.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Command | Enter the command that you want to run. Example: "copy /noconfirm disk0:/< filename > running-config" | Text | Required |
Example Request
[
{
"command": "copy /noconfirm disk0:/< filename > running-config"
}
]Action: Fetch Version
This action retrieves the software version of a device.
Action Input Parameters
This action does not require any input parameter.
Action: Get a List of VPN Sessions
This action retrieves a list of VPN sessions.
Action Input Parameters
This action does not require any input parameter.
Action: Unblock IP Address
This action unblocks an IP address.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
IP Address | Enter the IP address to unblock. Example: "1.1.1.1" | Text | Required | |
Access List Name | Enter the access list name. Example: "Analysis" | Text | Required | |
Protocol Type | Enter the protocol type. Example: "tcp" | Text | Required | Allowed values:
|
Example Request
[
{
"ip_address": "1.1.1.1",
"accesslist_name": "Analysis",
"protocol_type": "tcp"
}
]Action: Block IP Address
This action blocks an IP address.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
IP Address | Enter the IP address to block. Example: "1.1.1.1" | Text | Required | |
Access List Name | Enter the access list name. Example: "Analysis" | Text | Required | |
Protocol Type | Enter the protocol type. Example: "tcp" | Text | Required | Allowed values:
|
Example Request
[
{
"ip_address": "1.1.1.1",
"accesslist_name": "Analysis",
"protocol_type": "tcp"
}
]