Set up Nuvolo for Integration
Table of Contents
Expand all | Collapse all
-
- Integrate IoT Security with AIMS
- Set up AIMS for Integration
- Set up IoT Security and XSOAR for AIMS Integration
- Send Work Orders to AIMS
- Integrate IoT Security with Microsoft SCCM
- Set up Microsoft SCCM for Integration
- Set up IoT Security and XSOAR for SCCM Integration
- Integrate IoT Security with Nuvolo
- Set up Nuvolo for Integration
- Set up IoT Security and XSOAR for Nuvolo Integration
- Send Security Alerts to Nuvolo
- Send Vulnerabilities to Nuvolo
- Integrate IoT Security with ServiceNow
- Set up ServiceNow for Integration
- Set up IoT Security and XSOAR for ServiceNow Integration
- Send Security Alerts to ServiceNow
- Send Vulnerabilities to ServiceNow
-
- Integrate IoT Security with Cortex XDR
- Set up Cortex XDR for Integration
- Set up IoT Security and XSOAR for XDR Integration
- Integrate IoT Security with CrowdStrike
- Set up CrowdStrike for Integration
- Set up IoT Security and XSOAR for CrowdStrike Integration
- Integrate IoT Security with Tanium
- Set up Tanium for Integration
- Set up IoT Security and XSOAR for Tanium Integration
-
- Integrate IoT Security with Aruba Central
- Set up Aruba Central for Integration
- Set up IoT Security and XSOAR for Aruba Central Integration
- Integrate IoT Security with Cisco DNA Center
- Set up Cisco DNA Center to Connect with XSOAR Engines
- Set up IoT Security and XSOAR for DNA Center Integration
- Integrate IoT Security with Cisco Meraki Cloud
- Set up Cisco Meraki Cloud for Integration
- Set up IoT Security and XSOAR for Cisco Meraki Cloud
- Integrate IoT Security with Cisco Prime
- Set up Cisco Prime to Accept Connections from IoT Security
- Set up IoT Security and XSOAR for Cisco Prime Integration
- Integrate IoT Security with Network Switches for SNMP Discovery
- Set up IoT Security and Cortex XSOAR for SNMP Discovery
- Integrate IoT Security with Switches for Network Discovery
- Set up IoT Security and Cortex XSOAR for Network Discovery
-
- Integrate IoT Security with Aruba WLAN Controllers
- Set up Aruba WLAN Controllers for Integration
- Set up IoT Security and XSOAR for Aruba WLAN Controllers
- Integrate IoT Security with Cisco WLAN Controllers
- Set up Cisco WLAN Controllers for Integration
- Set up IoT Security and XSOAR for Cisco WLAN Controllers
-
- Integrate IoT Security with Aruba ClearPass
- Set up Aruba ClearPass for Integration
- Set up IoT Security and XSOAR for ClearPass Integration
- Put a Device in Quarantine Using Aruba ClearPass
- Release a Device from Quarantine Using Aruba ClearPass
- Integrate IoT Security with Cisco ISE
- Set up Cisco ISE to Identify IoT Devices
- Set up Cisco ISE to Identify and Quarantine IoT Devices
- Configure ISE Servers as an HA Pair
- Set up IoT Security and XSOAR for Cisco ISE Integration
- Put a Device in Quarantine Using Cisco ISE
- Release a Device from Quarantine Using Cisco ISE
- Apply Access Control Lists through Cisco ISE
- Integrate IoT Security with Cisco ISE pxGrid
- Set up Integration with Cisco ISE pxGrid
- Put a Device in Quarantine Using Cisco ISE pxGrid
- Release a Device from Quarantine Using Cisco ISE pxGrid
- Integrate IoT Security with Forescout
- Set up Forescout for Integration
- Set up IoT Security and XSOAR for Forescout Integration
- Put a Device in Quarantine Using Forescout
- Release a Device from Quarantine Using Forescout
-
- Integrate IoT Security with Qualys
- Set up QualysGuard Express for Integration
- Set up IoT Security and XSOAR for Qualys Integration
- Perform a Vulnerability Scan Using Qualys
- Get Vulnerability Scan Reports from Qualys
- Integrate IoT Security with Rapid7
- Set up Rapid7 InsightVM for Integration
- Set up IoT Security and XSOAR for Rapid7 Integration
- Perform a Vulnerability Scan Using Rapid7
- Get Vulnerability Scan Reports from Rapid7
- Integrate IoT Security with Tenable
- Set up Tenable for Integration
- Set up IoT Security and XSOAR for Tenable Integration
- Perform a Vulnerability Scan Using Tenable
- Get Vulnerability Scan Reports from Tenable
Set up Nuvolo for Integration
Set up Nuvolo for integration with
IoT Security
through
Cortex XSOAR
.Nuvolo is preconfigured with most of what
you need to integrate with
IoT Security
. The following steps explain
what you need to do to complete the Nuvolo configuration.- Contact Nuvolo and request the creation of a user account to access the Nuvolo API.Because Nuvolo is an application that runs on the ServiceNow platform, only users with ServiceNow administrative rights can create users. The user account selected here must not have any roles or permissions granted to it.
- Log in to Nuvolo as a user with the system admin role, navigate to the EAM Queue module, and then click.AdministrationData Source
- In the list of data sources, click thePalo Alto Networksrecord to open it.The Palo Alto Networks Data Source record appears with empty Company and Account fields.
- Click theLookup using listicon ( ) next to the Company field to create or select the company vendor record for Palo Alto Networks.
- Click theLookup using listicon ( ) next to the Account field to select the user account record created for API access.
- After you make the company and account selections, clickUpdate.
- Retrieve the source key for the data source record and record its value.To retrieve the value, enter the OT Cyber Security section, navigate to, right-clickAdministrationData SourcePalo Alto Networks, and then clickCopy sys_idin the pop-up menu that appears.This copies the value to your computer’s clipboard. You will later enter this value in the Source Key field inCortex XSOARwhen configuring a Nuvolo instance.
- LinkIoT Security-sourced data with Nuvolo assets.To accomplish this critical element in the integration, configure Nuvolo to use the MAC address or serial number key fields in the key/data pairs it receives fromIoT Securityin its discovery and security queues. In the EAM Queue section, click, enter the following, and then clickAdministrationKey Field MappingNewSubmit:Table Name:Clinical Devices [x_nuvo_eam_clinical_devices]Field Name:MAC AddressKey Name:Mac Address(This must be an exact match for the key name that XSOAR sends.)Data Source:Palo Alto NetworksQueue Type:Discovery Queue [x_nuvo_eam_discovery_queue]
- Repeat the previous step three more times to create a total of four key field mappings with the following settings:Table NameField NameKey NameData SourceQueue TypeClinical Devices [x_nuvo_eam_clinical_devices]MAC AddressMac AddressPalo Alto NetworksDiscovery Queue [x_nuvo_discovery_queue]Clinical Devices [x_nuvo_eam_clinical_devices]Serial NumberSerial NumberPalo Alto NetworksDiscovery Queue [x_nuvo_discovery_queue]Clinical Devices [x_nuvo_eam_clinical_devices]MAC AddressMac AddressPalo Alto NetworksSecurity Queue [x_nuvo_security_queue]Clinical Devices [x_nuvo_eam_clinical_devices]Serial NumberSerial NumberPalo Alto NetworksSecurity Queue [x_nuvo_security_queue]Nuvolo provides several predefined action scripts specifically forIoT Security:
- The scripts in theDiscovery Queueadd newIoT Security-discovered devices to the asset inventory in Nuvolo and update existing assets withIoT Security-provided details. The two action scripts in the Discovery Queue that add devices and update assets are titledPalo Alto Networks – Create Device and Palo Alto Networks – Update device automatically if identified by trusted identifier.To see newly added and updated assets in the Nuvolo interface, click.Clinical Asset ManagementInventoryDevices
- The action script in the Security Queue is titledPalo Alto Networks – Create Alert, map devices, & create WOs.To see alerts and vulnerabilities sent to Nuvolo fromIoT Security, click.OT Cyber SecurityQueue ManagementSecurity QueueTo see work orders for security events sent fromIoT Security, click.Clinical Asset ManagementWork OrdersAll