Cisco Cisco Firepower Management Center 4000 Entwickleranleitung
4-4
FireSIGHT System Host Input API Guide
Chapter 4 Configuring Host Input Clients
Using the Host Input Reference Client
Loading General Prerequisites for the Host Input Reference Client
Before you can run the host input reference client, you must install the
IO::Socket::SSL
Perl module
on the client computer. You can install the module manually or use
cpan
to do so.
Note
If the
Net::SSLeay
module is not installed on the client computer, install that module as well.
Net::SSLeay
is required for communication with OpenSSL.
You also need to install and configure OpenSSL to support an SSL connection to the Defense Center.
For more information, see
For more information, see
.
In addition, if you plan to use the Qualys plugin with the host input client, you must install the
XML::Smart
Perl module and its prerequisites. If you plan to use IPv6 to communicate between the client
and the Defense Center, you must also install the
IO::Socket::INET6
Perl module.
Downloading and Unpacking the Host Input Reference Client
You can download the
HostInputClientSDK.zip
Unpack the zip file to a computer running the Linux operating system, where you plan to run the client.
Creating a Certificate for the Host Input Reference Client
License:
FireSIGHT
Before you can use the host input reference client, you need to create a certificate on the Defense Center
for the computer where you want to run the client. You then download that file to the client computer.
for the computer where you want to run the client. You then download that file to the client computer.
To create a certificate for the reference client:
Access:
Admin
Step 1
Select
Local
>
Registration
>
Host Input Client
.
The Host Input Client page appears.
Step 2
Click
Create Client
.
The Create Client page appears.
Step 3
In the
Hostname
field, enter the host name or IP address of the host running the host input reference client.
If you use a host name, the Defense Center must be able to resolve the host to an IP address. If you have
not configured DNS resolution on the Defense Center or if a reverse lookup is not available, you should
configure DNS first or use an IP address. Refer to the FireSIGHT System User Guide or the online help
for more information about configuring DNS settings.
not configured DNS resolution on the Defense Center or if a reverse lookup is not available, you should
configure DNS first or use an IP address. Refer to the FireSIGHT System User Guide or the online help
for more information about configuring DNS settings.
Step 4
Click
Save
.
The Defense Center now allows the host to access the Defense Center and creates an authentication
certificate to use during client-server authentication. The Host Input Client page appears again, with the
new client listed under
certificate to use during client-server authentication. The Host Input Client page appears again, with the
new client listed under
Hostname
.
Step 5
Click the download icon (
) next to the client hostname to download the certificate file.
Step 6
Save the certificate file to the directory where you put the reference client.
The client can now connect to the Defense Center. You do not need to restart the host input service.