FireMon Security Manager

Details
Content
Dependencies
Version History

Creates a Policy Planner Ticket in Policy Planner Application and Validates Pre Changes assessments for new requirement.

Use FireMon Security Manager to create a Policy Planner Ticket and Verify Pre Changes Assessment for Rule Requirement

Configure FireMon SecurityManager on Cortex XSOAR

Navigate to Settings > Integrations > Servers & Services.
Search for FireMon Security Manager.
Click Add instance to create and configure a new integration instance.

Parameter	Description	Required
url	Server URL (e.g., https://www.test.com)	True
credentials	Username	True
insecure	Trust any certificate (not secure)	False
proxy	Use system proxy settings	False

Click Test to validate the URLs, token, and connection.

Commands

You can execute these commands from the CLI, as part of an automation, or in a playbook.
After you successfully execute a command, a DBot message appears in the War Room with the command details.

firemon-create-pp-ticket

Creates a new Policy Planner Ticket for PolicyPlanner in FMOS box.

Base Command

firemon-create-pp-ticket

Input

Argument Name	Description	Required
domain_id	Domain Id is required	Required
workflow_name	WorkFlow Name is required	Required
requirement	List of comma seperated requirements with [List of comma seperated Sources, List of comma seperated Destinations, List of comma seperated Services, Action]	Required
priority	Priority for the ticket,e.g., LOW, MEDIUM, HIGH	Required
due_date	Due Date is required	Required

Command Example

!firemon-create-pp-ticket domain_id=1 worflow_name="test WF" priority="LOW" due_date="2021-08-01T04:15-00:00" requirement=[{"sources":"1.1.1.1", "destinations":"2.2.2.2", "services":"http, tcp", "action":"ACCEPT"}]

firemon-pca

Validates and Return Pre Changes Assessment on Rules added as Requirement.

Base Command

firemon-pca

Input

Argument Name	Description	Required
domain_id	Domain Id is required	Required
device_group_id	Device Group Id is required	Required
sources	List of comma seperated sources	Required
destinations	List of comma seperated destinations	Required
services	List of comma seperated services	Required
action	Action is required	Required

Command Example

!firemon-pca domain_id=1 device_group_id=1 sources="1.1.1.1" destinations="2.2.2.2" services="http" action="ACCEPT"

Use FireMon Security Manager to create a Policy Planner Ticket and Verify Pre Changes Assessment for Rule Requirement

Configure FireMon SecurityManager on Cortex XSIAM

Navigate to Settings > Integrations > Servers & Services.
Search for FireMon Security Manager.
Click Add instance to create and configure a new integration instance.

Parameter	Description	Required
url	Server URL (e.g., https://www.test.com)	True
credentials	Username	True
insecure	Trust any certificate (not secure)	False
proxy	Use system proxy settings	False

Click Test to validate the URLs, token, and connection.

Commands

You can execute these commands from the CLI, as part of an automation, or in a playbook.
After you successfully execute a command, a DBot message appears in the War Room with the command details.

firemon-create-pp-ticket

Creates a new Policy Planner Ticket for PolicyPlanner in FMOS box.

Base Command

firemon-create-pp-ticket

Input

Argument Name	Description	Required
domain_id	Domain Id is required	Required
workflow_name	WorkFlow Name is required	Required
requirement	List of comma seperated requirements with [List of comma seperated Sources, List of comma seperated Destinations, List of comma seperated Services, Action]	Required
priority	Priority for the ticket,e.g., LOW, MEDIUM, HIGH	Required
due_date	Due Date is required	Required

Command Example

firemon-pca

Validates and Return Pre Changes Assessment on Rules added as Requirement.

Base Command

firemon-pca

Input

Argument Name	Description	Required
domain_id	Domain Id is required	Required
device_group_id	Device Group Id is required	Required
sources	List of comma seperated sources	Required
destinations	List of comma seperated destinations	Required
services	List of comma seperated services	Required
action	Action is required	Required

Command Example

!firemon-pca domain_id=1 device_group_id=1 sources="1.1.1.1" destinations="2.2.2.2" services="http" action="ACCEPT"

Incident Fields

Name	Description
Domain Id
Priority
Action	Select Required Action
Workflow Name	Enter workflow Name
Requirements	Enter list of requirement
Source	Enter multiple sources as comma separated values
Service	Enter multiple services as comma separated values
Destination	Enter multiple destinations as comma separated values
Device Group Id	Enter Device Group Id
PP Ticket Due Date

Incident Types

Name	Description
FireMon Pre Change Assessment
FireMon Policy Planner

Integrations

Name	Description
FireMon Security Manager (Community Contribution)	FireMon Security Manager delivers comprehensive rule lifecycle management to help you manage and automate every stage of the change management process. Workflows can be customized and automated to conform to your security goals and standards, with tools at your disposal to evolve policy and protection over time.

Layouts

Name	Description
FireMon Incident Policy Planner	Layout for FireMon Policy Planner - Create PP Ticket
FireMon Incident Pre Change Assessment	Layout for FireMon Pre Change Assessment

Playbooks

Name	Description
FireMon Pre Change Assessment	Validates and Return Pre Changes Assessment on Rules added as Requirement.
FireMon Create Policy Planner Ticket	Creates a new Policy Planner Ticket for PolicyPlanner in FMOS box.

Incident Fields

Name	Description
Device Group Id	Enter Device Group Id
PP Ticket Due Date
Destination	Enter multiple destinations as comma separated values
Requirements	Enter list of requirement
Source	Enter multiple sources as comma separated values
Domain Id
Service	Enter multiple services as comma separated values
Workflow Name	Enter workflow Name
Priority

Incident Types

Name	Description
FireMon Pre Change Assessment
FireMon Policy Planner

Integrations

Name	Description
FireMon Security Manager (Community Contribution)	FireMon Security Manager delivers comprehensive rule lifecycle management to help you manage and automate every stage of the change management process. Workflows can be customized and automated to conform to your security goals and standards, with tools at your disposal to evolve policy and protection over time.

Playbooks

Name	Description
FireMon Create Policy Planner Ticket	Creates a new Policy Planner Ticket for PolicyPlanner in FMOS box.
FireMon Pre Change Assessment	Validates and Return Pre Changes Assessment on Rules added as Requirement.

Required Content Packs (2)

Pack Name	Pack By
Base	By: Cortex XSOAR
Common Scripts	By: Cortex XSOAR

Optional Content Packs (2)

Pack Name	Pack By
Common Types	By: Cortex XSOAR
Phishing	By: Cortex XSOAR

All level dependencies (3)

Pack Name	Pack By
Cortex REST API	By: Cortex XSOAR
Base	By: Cortex XSOAR
Common Scripts	By: Cortex XSOAR

1.2.0 - R1189290 (July 18, 2024)

Integrations

FireMon Security Manager

Added new commands:
- firemon-collector-get-all: Get all the collectors in the inventory.
- firemon-collector-get-status-byid: Get collector status.
Updated the Docker image to: demisto/python3:3.10.14.90585.

Related pull requests:
- 33266
- 33478

Download

1.1.25 - 904622 (March 20, 2024)

FireMon Security Manager

Move to community support.

Related pull requests:
- 33440

Download

1.1.24 - 865088 (March 3, 2024)

Integrations

FireMon Security Manager

Updated the Docker image to: demisto/python3:3.10.13.88772.

Related pull requests:
- 33184

Download

1.1.23 - 823153 (February 12, 2024)

Integrations

FireMon Security Manager

Updated the Docker image to: demisto/python3:3.10.13.87159.

Related pull requests:
- 32837

Download

1.1.22 - 798475 (February 1, 2024)

Integrations

FireMon Security Manager

Updated the Docker image to: demisto/python3:3.10.13.86272.

Related pull requests:
- 32533

Download

1.1.21 - 757686 (January 11, 2024)

Integrations

FireMon Security Manager

Updated the Docker image to: demisto/python3:3.10.13.84405.

Related pull requests:
- 32061

Download

1.1.20 - 7209615 (December 19, 2023)

Integrations

FireMon Security Manager

Updated the Docker image to: demisto/python3:3.10.13.83255.

Related pull requests:
- 31550

Download

1.1.19 - 6864790 (November 12, 2023)

Integrations

FireMon Security Manager

Updated the Docker image to: demisto/python3:3.10.13.80014.

Related pull requests:
- 30811

Download

1.1.18 - 6715201 (October 26, 2023)

Integrations

FireMon Security Manager

Updated the Docker image to: demisto/python3:3.10.13.78960.

Related pull requests:
- 30429

Download

1.1.17 - 6437102 (September 27, 2023)

Integrations

FireMon Security Manager

Updated the Docker image to: demisto/python3:3.10.13.74666.

Related pull requests:
- 29868

Download

1.1.16 - 6230967 (September 4, 2023)

Integrations

FireMon Security Manager

Updated the Docker image to: demisto/python3:3.10.13.72123.

Related pull requests:
- 29417

Download

1.1.15 - 6094945 (August 19, 2023)

Integrations

FireMon Security Manager

Updated the Docker image to: demisto/python3:3.10.12.68714.

Related pull requests:
- 29057

Download

1.1.14 - 5950262 (August 3, 2023)

Integrations

FireMon Security Manager

Updated the Docker image to: demisto/python3:3.10.12.66339.

Related pull requests:
- 28742

Download

1.1.13 - R5866730 (July 25, 2023)

Integrations

FireMon Security Manager

Updated the Docker image to: demisto/python3:3.10.12.65389.

Related pull requests:
- 28328

Download

PUBLISHER

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

Supported By	Community
Created	November 14, 2021
Last Release	July 18, 2024

WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.