Cisco Security Cloud Integration
Introduction
Cisco Secure Firewall Management Center (FMC) now integrates with Cisco Security Cloud. This integration enhances your experience by enabling a variety of Cisco cloud security services, including:
- Cisco AI Assistant for Security
- Policy Analyzer & Optimizer
- Low-Touch Provisioning to easily onboard branch devices
- Integration with Cisco XDR and Talos Eventing services
- Cloud-based logging and eventing with Cisco Security Analytics and Logging (SaaS)
SecureX End-of-Life Notice
Cisco SecureX is End-of-Life and is no longer supported. For an FMC which is integrated with SecureX, upon upgrade to FMC 7.6, the Cisco Security Cloud interface will show as unregistered. However, all existing cloud-integrated features will continue uninterrupted.
In order to make any configuration changes after upgrade, or to enable any of the new features (such as AI Assistant for Firewall), it is highly recommended to register directly with Cisco Security Cloud.
Prerequisites
Integrating with the Cisco Security Cloud requires a Cisco Security Cloud Sign On account. If you do not already have an account you can create one here: https://sign-on.security.cisco.com
Cisco Secure Firewall Management Center must have outbound internet connectivity on port 443/TCP (HTTPS). For environments where outbound access is restricted, the following table shows the minimum requirements for connectivity to Cisco Security Cloud.
Cisco Security Cloud Region | Resources |
---|---|
Americas (us-east-1) | www.defenseorchestrator.com admin.sse.itd.cisco.com securex.us.security.cisco.com api-services.us.sse.itd.cisco.com api-sse.cisco.com registration.us.sse.itd.cisco.com |
Europe (eu-central-1) | defenseorchestrator.eu admin.eu.sse.itd.cisco.com securex.eu.security.cisco.com api-services.eu.sse.itd.cisco.com api.eu.sse.itd.cisco.com registration.eu.sse.itd.cisco.com |
APJ (ap-northeast-1) | www.apj.cdo.cisco.com admin.apj.sse.itd.cisco.com securex.apjc.security.cisco.com api-services.apj.sse.itd.cisco.com api.apj.sse.itd.cisco.com registration.apj.sse.itd.cisco.com |
Australia (ap-southeast-2) | www.aus.cdo.cisco.com api-services.au.sse.itd.cisco.com api.au.sse.itd.cisco.com registration.au.sse.itd.cisco.com |
India (ap-south-1) | www.in.cdo.cisco.com api-services.in.sse.itd.cisco.com api.in.sse.itd.cisco.com registration.in.sse.itd.cisco.com |
Configuration Process
-
In Firewall Management Center, navigate to Integration > Cisco Security Cloud.
-
From the drop-down list select your desired region in Current Cloud Region. Then click Enable Cisco Security Cloud.
-
A pop-up window will appear with the title Welcome to the Cisco Security Cloud. (If the pop-up does not automatically appear, it is possible it was blocked by your web browser, and will need to be manually displayed.) On this screen, click Continue to Cisco SSO.
-
Sign-in with your Cisco Security Cloud email address and password. (If you do not have an existing account, please click Sign up now on the screen to create one.)
-
A new screen will appear asking to Grant Application Access to your FMC. Please confirm the code displayed on this screen matches the code on your FMC. After confirming, click Authorize FMC.
Cisco Security Cloud View FMC View -
Cisco Security Cloud will confirm that your FMC has been authorized. This browser window can now be closed.
-
Back on the FMC, Cisco Security Cloud will now show that it is Enabled. Click Save for the configuration to take effect.
-
A screen will appear while Cisco Security Cloud is being configured. Configuration can take 1-3 minutes to complete.
Enabling Features
Once integration with Cisco Security Cloud is complete, the Settings section will display the various integration options which can be enabled, including:
- Event Configuration: Send Security-Related events (or all events, with an active Security Analytics and Logging subscription) to the cloud.
- Cisco AI Assistant: AI Assistant explains firewall configurations, assists with rule creation, and generates custom guides for completing common administrative tasks.
- Policy Analyzer and Optimizer: Assists with review of firewall configurations to optimize the security and performance of firewalls.
- Cisco Security Cloud Support: Enable the sharing of usage metrics to assist Cisco in improving the quality and features of the product, and allow Cisco Support to easily collect device telemetry to assist in troubleshooting during support calls.
- Cisco XDR Automation: Allow Cisco XDR to automate response actions on Firewall Management Center (requires a Cisco XDR account).
Updated about 2 months ago