Create a Multicloud Defense Connector

This topic discusses how to create a connector for Cisco Multicloud Defense. The connector sends dynamic application address objects to the configured Cloud-delivered Firewall Management Center.

For more information, see the Address Objects chapter in the Cisco Multicloud Defense User Guide and the address object API documentation.

The following figure shows how the Cisco Multicloud Defense connector works.

The Cisco Multicloud Defense connector sends IP addresses from AWS to the Cloud-delivered Firewall Management Center

As the figure shows:

  • Users logging in and out of AWS create activity monitored by Multicloud Defense.

  • The dynamic attributes connector and Multicloud Defense, both included in CDO, send IP addresses from that activity to the Cloud-delivered Firewall Management Center.

  • These IP addresses can then be used in access control rules by the Cloud-delivered Firewall Management Center.

Procedure


Step 1

Log in to CDO.

Step 2

Click Tools & Services > Dynamic Attributes Connector > Connectors.

Step 3

Do any of the following:

  • Add a new connector: click the Add icon, then click the name of the connector.

  • Edit a connector: click the Edit icon.

  • Delete a connector: click the Delete icon.

Step 4

Enter a Name and optional Description to identify the connector.

Step 5

Enter a Pull Interval, which is the interval at which objects are retrieved from the Multicloud Defense connector. The default is 30 seconds.

Step 6

Click Test and make sure the test succeeds before you save the connector.

Step 7

Click Save.

Step 8

Make sure Ok is displayed in the Status column.


What to do next

You must create a Cloud-delivered Firewall Management Center adapter as discussed in Create an Adapter.