Cisco Cisco Firepower Management Center 2000 Entwickleranleitung
4-2
FireSIGHT System Host Input API Guide
Chapter 4 Configuring Host Input Clients
Connecting the Client to the Defense Center
The Host Input Client page appears.
Step 2
Click
Create Client
.
The Create Client page appears.
Step 3
In the
Hostname
field, enter the host name or IP address of the host running the host input client.
Note
If you use a host name, the host input server must be able to resolve the host to an IP address.
If you have not configured DNS resolution, you should configure it first or use an IP address.
If you have not configured DNS resolution, you should configure it first or use an IP address.
Step 4
If you want to encrypt the certificate file, enter a password in the
Password
field.
Step 5
Click
Save
.
The host input service allows the client computer to access port 8307 on the Defense Center and creates
an authentication certificate to use during client-server authentication. The Host Input Client page
re-appears, with the new client listed under
an authentication certificate to use during client-server authentication. The Host Input Client page
re-appears, with the new client listed under
Host Input Clients
.
Step 6
Click the download icon (
) next to the certificate file.
Step 7
Save the certificate file to the directory used by your client computer for SSL authentication.
The client can now connect to the Defense Center.
Tip
To revoke access for a client, click the delete icon (
) next to the host you want to remove.
Note that you do not need to restart the host input service on the Defense Center; access is
revoked immediately.
revoked immediately.
Connecting the Client to the Defense Center
The host input service on the Defense Center reads a version from the client when the client connects.
If the client sends a version newer than the version of the server, the service rejects the connection.
If the client sends a version newer than the version of the server, the service rejects the connection.
In addition, during the initial exchange, the host input service communicates the maximum allowed data
size per transaction to the client. If the client attempts to send a data block bigger than the maximum
size, the server closes the connection.
size per transaction to the client. If the client attempts to send a data block bigger than the maximum
size, the server closes the connection.
Using the Host Input Reference Client
The reference client provided with the host input SDK is a set of sample client scripts and Perl modules
that illustrate how you can use the host input API. You can run them to familiarize yourself with host
input import, or you can use them to debug problems with installations of your custom-built client. You
can also use one of the scripts to process a host input command file from the client.
that illustrate how you can use the host input API. You can run them to familiarize yourself with host
input import, or you can use them to debug problems with installations of your custom-built client. You
can also use one of the scripts to process a host input command file from the client.
For more information on setting up reference clients, see the following sections:
•
•