Request Threat Containment
Workflow #0039
This workflow submits a firewall change request ticket using the Tufin SecureChange API. A confirmation message is sent using Microsoft Teams.
Change Log
Date | Notes |
---|---|
Jul 30, 2021 | - Initial release |
Sep 7, 2022 | - Minor updates to naming and descriptions |
See the Important Notes page for more information about updating workflows
Requirements
- The following system atomics are used by this workflow:
- None
- The following atomic actions must be imported before you can import this workflow:
- Microsoft Teams - Post Message via Webhook (CiscoSecurity_Atomics)
- Tufin - Submit Firewall Change Request (CiscoSecurity_Atomics)
- The targets and account keys listed at the bottom of the page
- A webhook URL for the Microsoft Teams channel to post messages to (see: this page)
- Tufin Orchestration Suite instance
Workflow Steps
- Submit firewall change request
- Send a message to Microsoft Teams indicating if the request was submitted successfully
Targets
Target Group: Default TargetGroup
Target Name | Type | Details | Account Keys | Notes |
---|---|---|---|---|
Microsoft Teams Webhook | HTTP Endpoint | Protocol: HTTPS Host: your-tenant.webhook.office.com Path: /the-rest-of-the-webhook-url | None | |
Tufin Orchestration Suite | HTTP Endpoint | Protocol: HTTPS Host: your-tufin-instance.domain.com Path: None | Tufin Credentials | If using a self-signed certificate, disable certificate validation on the target |
Account Keys
Account Key Name | Type | Details | Notes |
---|---|---|---|
Tufin Credentials | HTTP Basic Authentication | Username: Tufin Admin Username Password: Tufin Admin Password |