Deploying and Using the Application

To enable the Infoblox SOC to Tenable integration, you’ll need both a destination and a traffic flow. After deploying the integration from the Ecosystem Portal, these components are automatically populated.

Steps to Deploy the Tenable Integration

1. Access the Ecosystem Portal:
   Log in to the Infoblox CSP.

2. Navigate to the Integration Marketplace:

   • Go to Configure in the top menu.

   • Click on Administration.

3. From the list, select Integration Marketplace.
   

   

    

4. Deploy the Integration:
   You will be redirected to the Infoblox Marketplace. Locate the Tenable integration, and click Deploy to add it to your Infoblox portal.
   

   

Once deployed, the integration script will appear in the Automation tab of the Data Connector.

Review and Configure the Destination Parameters:
Although the destination is automatically created, you’ll need to review and configure specific destination parameters to match your Tenable environment settings. This ensures seamless communication between Infoblox SOC and Tenable.

• On the Infoblox CSP highlight on Configure, click on Administration and select Data Connector from the revealed list

• On the Data Connector tab, click on the Automation tab on the top of the Data Connector Page where you can see the Integration script.
  

  

• Although the destination is automatically created, you’ll need to review and configure specific destination parameters to match your Tenable environment settings.

• Edit the Application Script for Tenable Integration and configure the desired Variables for Authentication and Integration.

  • Variables

    • cspInstance

    • cspApiKey

    • tenableAccessKey

    • tenableSecretKey

    • tenableTemplateName

    • tenableScannerName
      

      

  • Enable the destination by changing State to Enabled.
    

    

• Verify the Traffic Flow:
  The traffic flow is also auto-populated upon deployment. It’s recommended to verify the traffic flow settings to confirm that the data is correctly directed from Infoblox SOC to Tenable.

   

   

  

• Edit the Traffic Flow:

  • Go to the General tab.

  • Set the State to Enable.

• Configure the Source:

  • Under Log Source Configuration, set Source to Infoblox Cloud Source.

  • Set Log Type to Internal Notifications Log.

• Select the Service Instance:

  • Expand the Service Instance list by clicking on the Service Instance header.

  • From the list, select the created Data Connector service.

• Finalize the Setup:

  • Click Finish to confirm the creation of the Traffic Flow.

Configuring Tenable parameters

1. To generate tenableAccessKey and tenableSecretKey:

   1. Log in to Tenable: Go to your Tenable instance and log in with your credentials.

   2. Navigate to API Keys:

      1. Click on your profile icon in the top-right corner.

      2. Select "My Profile" or "API Keys" from the dropdown menu.

   3. Generate API Keys:

      1. Click on "Generate" or "Create API Key".

      2. Note down the Access Key (tenableAccessKey) and Secret Key (tenableSecretKey). Store them securely as the secret key will be shown only once.
         
         

         

2. To find tenableTemplateName:

   1. Log in to Tenable: Go to your Tenable instance and log in with your credentials.

   2. Navigate to Scans:

      1. Go to the "Scans" tab.

      2. Click on "New Scan".

   3. Select a Template:

      1. Browse through the available templates.

      2. Note down the name of the template you wish to use (e.g., Basic Network Scan).
         
         

         

3. To find tenableScannerName:

   1. Log in to Tenable: Go to your Tenable instance and log in with your credentials.

   2. Navigate to Scanners:

   3. Go to the "Scans" tab.

   4. Click on "Tools > Manage Sensors" in the sidebar or sub-menu.

   5. Select a Scanner from the available list