You You can configure REST API and DXL endpoints to send outbound notifications.
...
5. Save the configuration.
| Anchor | ||||
|---|---|---|---|---|
|
| Anchor | ||||
|---|---|---|---|---|
|
When adding a DXL endpoint, you must configure the DXL client and broker. You can manually configure the list of DXL brokers that are used by DXL clients in NIOS or import the broker configuration file, as described in the following steps.
To configure a DXL endpoint, complete the following:
- From the Grid tab, select the Ecosystem tab -> Outbound Endpoint tab, and click the Add icon and select Add DXL Endpoint.
Or
From the Grid tab, select the Ecosystem tab -> Outbound Endpoint tab and then click Add -> Add DXL Endpoint from the Toolbar. - In the the Add DXL Endpoint wizard, complete the following:
Name: Specify the name used to identify the endpoint.
Vendor Type: The DXL vendor type associated with the endpoint. This is optional.
Client Certificate: Click Generate to generate and upload both the client and CA certificates of the endpoint on NIOS. When you click Generate, the client certificate is automatically uploaded on NIOS and a copy of CA certificate is downloaded. Import this downloaded CA certificate to the DXL server. For information about how to import the CA certificate, refer to the McAfee documentation. If you already have the client certificate, you can upload it by clicking the Upload icon. Click Upload to upload the client certificate. In the Upload dialog box, click Select to navigate to the certificate, and then click Upload.
CA Certificates: Click CACertificates to upload the broker Certificate. Download the broker certificate from the DXL server and upload it to NIOS. In the CA Certificates dialog box, click the Add icon, and then navigate to the certificate to upload it.
WAPI Integration Username: If you have included at least one “wapi” related field in your action template, you must configure WAPI integration; otherwise, the WAPI step will fail due to an authorization error. Enter the username of the admin user you want to designate for DXL notifications.
WAPI Integration Password: Enter the password of the admin user you have designated for DXL notifications.
Member Source outbound API requests from: Select one of the following to process for sending outbound notifications:
- Selected
- Grid
- Master
- Candidate
- (Recommended): Select this to use the Grid Master Candidate to process and send outbound notifications to the endpoint. If there are multiple Grid Master candidates, select a Grid Master Candidate from the drop-down list. This is the recommended choice and is selected by default because the CPU and memory required for processing and sending outbound events from the Grid Master Candidate can be offloaded or manually load balanced across multiple Grid Master Candidates if required.
Note: If your outbound member is a Grid Master Candidate and in case the Grid Master Candidate is promoted to the Grid Master, make sure that you modify the outbound member to the Grid Master on the endpoint configuration to avoid any outbound notification failures. For information,
Modifying Outbound Endpoint Configurationsee .
- Current Grid Master: Click this to use the Grid Master to send outbound notifications to the endpoint. When you use the Grid Master as the outbound member, ensure that it has enough CPU and memory to process all the workloads and processes, in addition to being an outbound member. Infoblox recommends that you use the Grid Master as an outbound member only for testing purposes to avoid overloading the Grid Master and to maintain optimal performance for the Grid.
- Comment: Enter additional information about the
REST API - DXL endpoint.
- Disable: Select this if you want to save the configuration but do not want to use it yet. You can clear this check box when you are ready to use this configuration.
- Test Connection: Click this to validate the endpoint settings and test the connectivity between the Grid Master and the endpoint (this does not test the connection between the Grid Master Candidate that is assigned as the outbound member and the endpoint). Grid Manager displays a message indicating whether the connection is successful. Note that the test does not validate username, password, or certificate for the endpoint. It only tests the basic connection between the Grid Master and the endpoint.
- Name: Specify the name used to identify the endpoint.
- Vendor Type: The REST API vendor type associated with the endpoint. This is optional.
- Auth Username: Enter the username of the target endpoint. The appliance ignores the Auth Username for WAPI related steps in any action templates if WAPI integration is configured. It still uses this username for other non-WAPI related steps.
- Auth Password: Enter the user account password for the target endpoint. You can click Clear Password to clear the password and set a new one. The appliance ignores the Auth Username for WAPI related steps in any action templates if WAPI integration is configured. It still uses this password for other non-WAPI related steps. Client Certificate: Click Select to upload the endpoint certificate. In the Upload dialog box, click Select to
3. Click Next to add the DXL broker. There are two ways to configure the DXL broker. You can manually enter the host name of the broker or you can import the broker configuration file using the Import option. In the Brokers wizard, do one of the following:
- Click Add to open the Add Broker wizard. Enter the host name in the Host Name text box. Optionally, you can enter the following information as well:
- IP address: Enter the IP address of the DXL broker.
- Unique ID: A unique identifier for the broker. This is useful for identifying the DXL broker in log messages.
- Port information: The port number used to communicate with the DXL broker.
- Click Add to open the Add Broker wizard. Enter the host name in the Host Name text box. Optionally, you can enter the following information as well:
- Click Import to upload the broker configuration file. In the Upload dialog box, click Select to navigate to the certificate, and then
...
- click Upload.
...
Note: You can export the Broker configuration file from McAfee ePolicy Orchestrator (McAfee ePO). For information how to export, refer to the McAfee documentation.
...
Click Test Connection to validate the connectivity between the DXL broker fabric and the Grid Master.
4. Click Next to set the severity level for the events.
- Log Level: From the drop-down list, select the severity level for the events. The severity level you select here determines the type of events that are being logged. This can be Debug, Info, Warning, or Error. When you select Debug, all fields or variables used in the events that were sent to the endpoint are logged, including deduplicated events for RPZ hits. For information about deduplication, see Deduplicating RPZ Events. Note that setting this to Debug might slightly affect the performance of your production system..
- Vendor Type: Displays the vendor information for the endpoint.
- Template Type: Displays Session Management.
- Parameters: Displays the parameters of the template you select. You can access these values in the notification rules
5. Click Next to add extensible attributes for the endpoint. For information, see About Extensible Attributes.
6. Save the configuration.
| Anchor | ||||
|---|---|---|---|---|
|
| Anchor | ||||
|---|---|---|---|---|
|
...
- From the Grid tab, select the Ecosystem tab -> REST API Endpoint tab, click the Action icon next to the endpoint name and select Edit from the menu.
- The <Endpoint Name> REST API Endpoint editor provides the following tabs from which you can modify data:
- General: You can modify the general information of an endpoint, as described in Configuring REST API Endpoints.
- Session Management: You can edit the session timeout value and upload a new session management template.
- Extensible Attributes: You can add, modify, and delete extensible attributes that are associated with an endpoint. For information, see About Extensible Attributes.
- Save the configuration.
...