This project configures Umbrella Secure Internet Gateway (SIG) on remote
network devices. Customers can quickly provision large, distributed networks
and perform automated key rollovers to integrate with SIG. The solution is
particularly useful for disaster response/humanitarian operations, but can be
used for any use case in which it is well-suited.
Contact information:
Steven McNutt (Cisco Systems / stmcnutt@cisco.com)
Nick Russo (Cisco Systems / nickrus@cisco.com)
Devnet Create 2021 Powerpoint Deck
Devnet Create 2021 Video
Note: This is a proof of concept workflow. The sidecar is not hardened for production use!
sig_me
sidecar: References the IP of the docker-compose
sidecar app.sig_me_db
: References the mySQL database string within SXOsig_me_db_creds
: Define these to include the mySQL username and password.umbrella_org_id
: The numeric Umbrella organization ID to which you have read/write access.umbrella_api_key
: The Umbrella Management API key; used as HTTP basic auth username.umbrella_api_secret
: The Umbrella Management API secret; used as HTTP basic auth password.device_username
: The shell login username on the managed network device (router, firewall, etc.)device_password
: The shell login password on the managed network device (router, firewall, etc.)sig_me_db
connection.docker-compose
app running on-premises for sig_me
Sidecar.example_db_setup_script
in the sql/
directory.sig_me
Sidecar hostname/IP.
docker-compose
on the instance.docker-compose build
(one time only)docker-compose up
(whenever you want to bring up the sidecar)docker-compose
down will bring the sidecar downsig_me.json
in a text editor.sig_me
Sidecar "host": value to the sidecar hostname/IP.sig_me_db
"server": value to the mySQL hostname/IP.In the left pane menu, select Workflows. Click on IMPORT to import the workflow.
Click on Browse and copy paste the content of your edited sig_me.json
file
inside of the text window. Select IMPORT AS A NEW WORKFLOW (CLONE) and click on IMPORT.
Next steps, like updating targets/account keys, setting a trigger, and running the workflow.
If the mySQL target is unreachable, you'll get an import error.
Ensure SXO can reach the database and the import should be successful.
This is a proof of concept workflow. The sidecar is not hardend for production use!
This project configures Umbrella Secure Internet Gateway (SIG) on remote network devices. Customers can quickly provision large, distributed networks and perform automated key rollovers to integrate with SIG. The solution is particularly useful for disaster response/humanitarian operations, but can be used for any use case in which it is well-suited.
Link to related DevNet Sandbox: Cisco Umbrella Secure Internet Gateway Sandbox
Link to related Learning module on DevNet: SecureX orchestration
This project configures Umbrella Secure Internet Gateway (SIG) on remote network devices. Customers can quickly provision large, distributed networks and perform automated key rollovers to integrate with SIG. The solution is particularly useful for disaster response/humanitarian operations, but can be used for any use case in which it is well-suited.
Link to related DevNet Sandbox: Cisco Umbrella Secure Internet Gateway Sandbox
Link to related Learning module on DevNet: SecureX orchestration
Code Exchange Community
Get help, share code, and collaborate with other developers in the Code Exchange community.View Community