mssp-con-ver-check
MSSP Secure Endpoint Customer Connector Version Check
Problem Statement.
Secure Endpoint MSSP partners need to operate with efficiency at scale. “Simple” tasks like verifying compliance for standard operating conditions on all customer endpoints deployed can be time consuming.
Key Customer/Partner outcomes:
Automation to improve operational efficiency from hours to seconds. This particular workflow can be leveraged to identify “non-standard” endpoint connector versions across all MSSP customers. A simple starting framework for other use cases that require common action across multiple MSSP Secure Endpoint customers. Also provides a framework for other Secure Endpoint QA & policy compliance element verification.
Pre-Requisites
- Acquire each tenant/customer API keys from Secure Endpoint MSSP Console
- Utilize Copy-AMP-MSSP-CREDS.json workflow to add Secure Endpoint customer tenant API keys into Group Target
Worflow Operation
Loop through each MSSP customer and do the following:
- Get all Computers
- Remove input standard hosts
- Create Table with non-standard hosts
- Outputs non-standard hosts to table & Webex Teams room
Required Global Variable
Create Global Variable MSSP customer credentials using Copy-ADD-AMP-MSSP-CREDS.json to aggregate MSSP customer API account keys used in this workflow.
Required Targets
- AMP Target
- AMP MSSP Target Group - contains all MSSP customer targets
Required Account Keys
- Account keys for each individual AMP-MSSP Customer
- Global MSSP Account Keys
Setup Information
Browse to your SecureX orchestration instance. This will be a different URL depending on the region your account is in:
- US: https://securex-ao.us.security.cisco.com/orch-ui/workflows/
- EU: https://securex-ao.eu.security.cisco.com/orch-ui/workflows/
- APJC: https://securex-ao.apjc.security.cisco.com/orch-ui/workflows/
Import both workflows.
- Copy-ADD-AMP-MSSP-CREDS.json
- MSSP Customers Connector Version Check-3.json
Running Workflow
Workflow Outputs
*Cust Conn Ver3 Table
- Webex Teams Output
Known Issues
*Webex Teams renders triplicates of non-standard connector versions.
Learning Labs
Use Case
MSSP Secure Endpoint Customer Connector Version Check
Problem Statement.
Secure Endpoint MSSP partners need to operate with efficiency at scale. “Simple” tasks like verifying compliance for standard operating conditions on all customer endpoints deployed can be time consuming.
Key Customer/Partner outcomes:
Automation to improve operational efficiency from hours to seconds. This particular workflow can be leveraged to identify “non-standard” endpoint connector versions across all MSSP customers. A simple starting framework for other use cases that require common action across multiple MSSP Secure Endpoint customers. Also provides a framework for other Secure Endpoint QA & policy compliance element verification.
Pre-Requisites
- Acquire each tenant/customer API keys from Secure Endpoint MSSP Console
- Utilize Copy-AMP-MSSP-CREDS.json workflow to add Secure Endpoint customer tenant API keys into Group Target
Worflow Operation
Loop through each MSSP customer and do the following:
- Get all Computers
- Remove input standard hosts
- Create Table with non-standard hosts
- Outputs non-standard hosts to table & Webex Teams room
Required Global Variable
Create Global Variable MSSP customer credentials using Copy-ADD-AMP-MSSP-CREDS.json to aggregate MSSP customer API account keys used in this workflow.
Required Targets
- AMP Target
- AMP MSSP Target Group - contains all MSSP customer targets
Required Account Keys
- Account keys for each individual AMP-MSSP Customer
- Global MSSP Account Keys
Setup Information
Browse to your SecureX orchestration instance. This will be a different URL depending on the region your account is in:
- US: https://securex-ao.us.security.cisco.com/orch-ui/workflows/
- EU: https://securex-ao.eu.security.cisco.com/orch-ui/workflows/
- APJC: https://securex-ao.apjc.security.cisco.com/orch-ui/workflows/
Import both workflows.
- Copy-ADD-AMP-MSSP-CREDS.json
- MSSP Customers Connector Version Check-3.json
Running Workflow
Workflow Outputs
*Cust Conn Ver3 Table
- Webex Teams Output
Known Issues
*Webex Teams renders triplicates of non-standard connector versions.
Learning Labs
Secure Endpoint MSSP Audit Automation
Automating common tasks to increase MSSP efficiency
Currently to verify currently deployed connector versions of Secure Endpoint is a manual process, or could require multiple API calls and scripting. This is time consuming and complex for MSSP partners managing multiple Secure Endpoint customers. To help MSSP partners scale resources and simplify operations this workflow was developed leveraging SecureX Orchestration. This workflow can be adapted & modified to check various other policy & deployment configurations across multiple customers. Additionally, this workflow could be configured to run on a schedule automatically if desired.
Links to DevNet Learning Labs
Provide links to related Learning Labs or modules on DevNet:
Owner
Contributors
Github contributorCategories
Products
Cisco Security Cloud Control (SCC)WebexSecure Network AnalyticsProgramming Languages
License
Other
Code Exchange Community
Get help, share code, and collaborate with other developers in the Code Exchange community.View CommunityCisco provides Code Exchange for convenience and informational purposes only, with no support of any kind. This page contains information and links from third-party websites that are governed by their own separate terms. Reference to a project or contributor on this page does not imply any affiliation with or endorsement by Cisco.