Set up Nuvolo for Integration
Table of Contents
Expand all | Collapse all
-
- Integrate IoT Security with AIMS
- Set up AIMS for Integration
- Set up IoT Security and XSOAR for AIMS Integration
- Send Work Orders to AIMS
- Integrate IoT Security with Microsoft SCCM
- Set up Microsoft SCCM for Integration
- Set up IoT Security and XSOAR for SCCM Integration
- Integrate IoT Security with Nuvolo
- Set up Nuvolo for Integration
- Set up IoT Security and XSOAR for Nuvolo Integration
- Send Security Alerts to Nuvolo
- Send Vulnerabilities to Nuvolo
- Integrate IoT Security with ServiceNow
- Set up ServiceNow for Integration
- Set up IoT Security and XSOAR for ServiceNow Integration
- Send Security Alerts to ServiceNow
- Send Vulnerabilities to ServiceNow
-
- Integrate IoT Security with Cortex XDR
- Set up Cortex XDR for Integration
- Set up IoT Security and XSOAR for XDR Integration
- Integrate IoT Security with CrowdStrike
- Set up CrowdStrike for Integration
- Set up IoT Security and XSOAR for CrowdStrike Integration
- Integrate IoT Security with Microsoft Defender XDR
- Set up Microsoft Defender XDR for Integration
- Set up IoT Security and Cortex XSOAR for Microsoft Defender XDR Integration
- Integrate IoT Security with Tanium
- Set up Tanium for Integration
- Set up IoT Security and XSOAR for Tanium Integration
-
- Integrate IoT Security with Aruba AirWave
- Set up Aruba AirWave for Integration
- Set up IoT Security and Cortex XSOAR for Aruba AirWave Integration
- View Device Location Information
- Integrate IoT Security with Aruba Central
- Set up Aruba Central for Integration
- Set up IoT Security and XSOAR for Aruba Central Integration
- Integrate IoT Security with Cisco DNA Center
- Set up Cisco DNA Center to Connect with XSOAR Engines
- Set up IoT Security and XSOAR for DNA Center Integration
- Integrate IoT Security with Cisco Meraki Cloud
- Set up Cisco Meraki Cloud for Integration
- Set up IoT Security and XSOAR for Cisco Meraki Cloud
- Integrate IoT Security with Cisco Prime
- Set up Cisco Prime to Accept Connections from IoT Security
- Set up IoT Security and XSOAR for Cisco Prime Integration
- Integrate IoT Security with Network Switches for SNMP Discovery
- Set up IoT Security and Cortex XSOAR for SNMP Discovery
- Integrate IoT Security with Switches for Network Discovery
- Set up IoT Security and Cortex XSOAR for Network Discovery
-
- Integrate IoT Security with Aruba WLAN Controllers
- Set up Aruba WLAN Controllers for Integration
- Set up IoT Security and XSOAR for Aruba WLAN Controllers
- Integrate IoT Security with Cisco WLAN Controllers
- Set up Cisco WLAN Controllers for Integration
- Set up IoT Security and XSOAR for Cisco WLAN Controllers
-
- Integrate IoT Security with Aruba ClearPass
- Set up Aruba ClearPass for Integration
- Set up IoT Security and XSOAR for ClearPass Integration
- Put a Device in Quarantine Using Aruba ClearPass
- Release a Device from Quarantine Using Aruba ClearPass
- Integrate IoT Security with Cisco ISE
- Set up Cisco ISE to Identify IoT Devices
- Set up Cisco ISE to Identify and Quarantine IoT Devices
- Configure ISE Servers as an HA Pair
- Set up IoT Security and XSOAR for Cisco ISE Integration
- Put a Device in Quarantine Using Cisco ISE
- Release a Device from Quarantine Using Cisco ISE
- Apply Access Control Lists through Cisco ISE
- Integrate IoT Security with Cisco ISE pxGrid
- Set up Integration with Cisco ISE pxGrid
- Put a Device in Quarantine Using Cisco ISE pxGrid
- Release a Device from Quarantine Using Cisco ISE pxGrid
- Integrate IoT Security with Forescout
- Set up Forescout for Integration
- Set up IoT Security and XSOAR for Forescout Integration
- Put a Device in Quarantine Using Forescout
- Release a Device from Quarantine Using Forescout
-
- Integrate IoT Security with Qualys
- Set up QualysGuard Express for Integration
- Set up IoT Security and XSOAR for Qualys Integration
- Perform a Vulnerability Scan Using Qualys
- Get Vulnerability Scan Reports from Qualys
- Integrate IoT Security with Rapid7
- Set up Rapid7 InsightVM for Integration
- Set up IoT Security and XSOAR for Rapid7 Integration
- Perform a Vulnerability Scan Using Rapid7
- Get Vulnerability Scan Reports from Rapid7
- Integrate IoT Security with Tenable
- Set up Tenable for Integration
- Set up IoT Security and XSOAR for Tenable Integration
- Perform a Vulnerability Scan Using Tenable
- Get Vulnerability Scan Reports from Tenable
Set up Nuvolo for Integration
Set up Nuvolo for integration with IoT Security through
Cortex XSOAR.
Nuvolo is preconfigured with most of what
you need to integrate with IoT Security. The following steps explain
what you need to do to complete the Nuvolo configuration.
- Contact Nuvolo and request the creation of a user account to access the Nuvolo API.Because Nuvolo is an application that runs on the ServiceNow platform, only users with ServiceNow administrative rights can create users. The user account selected here must not have any roles or permissions granted to it.Log in to Nuvolo as a user with the system admin role, navigate to the EAM Queue module, and then click AdministrationData Source.In the list of data sources, click the Palo Alto Networks record to open it.The Palo Alto Networks Data Source record appears with empty Company and Account fields.Click the Lookup using list icon (Click the Lookup using list icon (After you make the company and account selections, click Update.Retrieve the source key for the data source record and record its value.To retrieve the value, enter the OT Cyber Security section, navigate to AdministrationData Source, right-click Palo Alto Networks, and then click Copy sys_id in the pop-up menu that appears.This copies the value to your computer’s clipboard. You will later enter this value in the Source Key field in Cortex XSOAR when configuring a Nuvolo instance.Link IoT Security-sourced data with Nuvolo assets.To accomplish this critical element in the integration, configure Nuvolo to use the MAC address or serial number key fields in the key/data pairs it receives from IoT Security in its discovery and security queues. In the EAM Queue section, click AdministrationKey Field MappingNew, enter the following, and then click Submit:Table Name: Clinical Devices [x_nuvo_eam_clinical_devices]Field Name: MAC AddressKey Name: Mac Address (This must be an exact match for the key name that XSOAR sends.)Data Source: Palo Alto NetworksQueue Type: Discovery Queue [x_nuvo_eam_discovery_queue]Repeat the previous step three more times to create a total of four key field mappings with the following settings:
Table Name Field Name Key Name Data Source Queue Type Clinical Devices [x_nuvo_eam_clinical_devices] MAC Address Mac Address Palo Alto Networks Discovery Queue [x_nuvo_discovery_queue] Clinical Devices [x_nuvo_eam_clinical_devices] Serial Number Serial Number Palo Alto Networks Discovery Queue [x_nuvo_discovery_queue] Clinical Devices [x_nuvo_eam_clinical_devices] MAC Address Mac Address Palo Alto Networks Security Queue [x_nuvo_security_queue] Clinical Devices [x_nuvo_eam_clinical_devices] Serial Number Serial Number Palo Alto Networks Security Queue [x_nuvo_security_queue] Nuvolo provides several predefined action scripts specifically for IoT Security:- The scripts in the Discovery Queue add new IoT Security-discovered devices to the asset inventory in Nuvolo and update existing assets with IoT Security-provided details. The two action scripts in the Discovery Queue that add devices and update assets are titled Palo Alto Networks – Create Device and Palo Alto Networks – Update device automatically if identified by trusted identifier.To see newly added and updated assets in the Nuvolo interface, click Clinical Asset ManagementInventoryDevices.
- The action script in the Security Queue is titled Palo Alto Networks – Create Alert, map devices, & create WOs.To see alerts and vulnerabilities sent to Nuvolo from IoT Security, click OT Cyber SecurityQueue ManagementSecurity Queue.To see work orders for security events sent from IoT Security, click Clinical Asset ManagementWork OrdersAll.