Integrate Cisco Firepower with Red Canary
- 25 Jul 2024
- 1 Minute to read
- PDF
Integrate Cisco Firepower with Red Canary
- Updated on 25 Jul 2024
- 1 Minute to read
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
Integrating Cisco Firepower with Red Canary enhances threat detection and response capabilities by centralizing security data and automating incident response workflows. To integrate Cisco Firepower with Red Canary, follow the procedure below from beginning to end.
Red Canary–Create your Red Canary generated email
Create a Red Canary provided-email to send Cisco Firepower alerts for ingestion.
From your Red Canary homepage, click Integrations, and See all integrations.
.png?sv=2022-11-02&spr=https&st=2024-09-20T14%3A45%3A08Z&se=2024-09-20T14%3A55%3A08Z&sr=c&sp=r&sig=py9L%2Fk5Y3GFXN7J%2BB14wXcWVzhQxb9VEYJtcbYkYx9w%3D)
Type and select Cisco Firepower.
Click Configure.
Enter a Name for your external alert source.
Select a Display Category.
Under the Ingest Format/Method dropdown, select Cisco Firepower via Email.
Note: If you do not see your security product listed, click See all integrations.
Click Save Configuration. This will generate the email address to which Cisco Firepower alerts will be sent.
Click Edit Configuration.
Click Activate.
NOTE: Any devices inline between the Firepower device and Red Canary that may manipulate email messages (i.e., Perimeter Devices) should have an exclusion in place to bypass these processes; otherwise, the email message may be manipulated prior to being ingested by Red Canary and subsequently reformatted to HTML.
For more information on completing the set up for Cisco Firepower, please click here.
Note: From the Syslog Severity dropdown, select warning. Click OK to save the configuration.
.png?sv=2022-11-02&spr=https&st=2024-09-20T14%3A45%3A08Z&se=2024-09-20T14%3A55%3A08Z&sr=c&sp=r&sig=py9L%2Fk5Y3GFXN7J%2BB14wXcWVzhQxb9VEYJtcbYkYx9w%3D)
Was this article helpful?
