This document applies to Classic/Legacy Integrations. You may continue to use these integration configurations. While no active development is happening for these integrations, we continue to provide Classic/Legacy Integrations in the product. You do not have to move to MSI Integrations. If your support engineer or TSC recommends or you choose to move to MSI Integrations, you can take advantage of the latest features and functionality. For more information, see the MSI Integration documentation in the Integrations Overview.
Update Cisco AMP
Verify that the Director can resolve and communicate to AMP's API, located at https://api.amp.cisco.com.
Update the Validation Platform
Prerequisites
Information to gather before you start:
- Identify the client ID for AMP communications.
Identify the API Key for AMP communications.
- Log in to https://console.amp.sourcefire.com (NA) or https://console.eu.amp.sourcefire.com (EU).
- From the Accounts menu, navigate to the Business Page.
- Click Edit.
- Click Regenerate to generate the Client ID and API Key (this button is located under "Features" next to"3rd Party API Access") .
Configuration
To add the Cisco AMP integration
Go to Settings > Integrations.
Click Add Integration and choose Cisco AMP.
- Enter information for the Host, Client ID, and API Key.
Expand Advanced options and update the information if necessary.
Click Submit.
Set up Proxy Assignment
If all outbound connections go through a proxy, you may want to set up a proxy definition and assignment for your integration. For information on setting up your proxy rules, see Proxy Rules.
Verify connectivity
To verify connectivity to Cisco AMP
Click Test to verify that the Director can communicate with the Cisco host using the provided client ID and API key.