All Collections
Integration Guide
Cisco IronPort Integration
Cisco IronPort Integration
Ali Murtaza avatar
Written by Ali Murtaza
Updated over a week ago

About Cisco IronPort

Cisco IronPort ESA (Email Security Appliance) is known for its comprehensive, fast, and dynamic protection against email security threats. Protection against emerging threats is also made possible with the continuous upgrades and new rules added to the customers’ email security solutions. Domains of suspicious senders can be added to blacklists. Similarly, safelists can also be upgraded with trusted domains.

Together, SIRP and Cisco IronPort ESA deliver advanced email security. SIRP’s integration with Cisco IronPort allows security teams to execute response actions right from SIRP.

Supported Actions

SIRP’s Cisco IronPort integration app allows you to execute the following actions:

S.no

Action

Description

1

Add Sender Domain to Blocklist

The sender domain will be added to the blocklist in Cisco IronPort

2

Add Sender Domain to Safelist

The sender domain will be added to the safelist in Cisco IronPort

Enable and Configure Cisco IronPort

Create a new user on the Cisco IronPort Instance

  1. Open your Cisco IronPort instance.

  2. In the Settings tab from the dashboard, go to Users.

  3. Create a New user and assign a name to them.

  4. Also, assign a minimum operator role to this new user.

Enable the Cisco IronPort in SIRP

  1. First, log in to SIRP, then go to Apps from the left navigation bar.

  2. Locate the app named Cisco IronPort.

  3. Enable the Cisco IronPort app by clicking on the toggle button under the Status Column.

  1. Once you enable the App, click the configure option to integrate SIRP with Cisco IronPort.

  2. Add the following details and click Save:

    1. URL: <URL from the Cisco IronPort Instance>

    2. Username: <Account ID from Cisco IronPort Instance>

    3. Password: <Assigned by the User>

Did this answer your question?