This article explains how to connect Cisco Umbrella to Workbench.
Step 1: Enable console access
Note
Expel secures all login information our SOC analysts need about your devices in a MFA password product. Access to this login information is protected using our internal MFA processes. To learn more about the IP addresses all Expel traffic comes from, go here.
-
Navigate to Admin > Accounts and click Add.
-
Add user’s email address soc+<Your_Organization_Name>@expel.io and select Read Only User Role for the account.
-
Click Send Invitation. Expel completes account registration after the registration email is received.
Step 2: Generate API credentials
-
Use your admin account to create an API Key. This can be found under Admin > API Keys.
-
At the prompt, set an API Key Name, select the appropriate Key Scope(s), and set the Expiry Date.
-
For the API Key Name, set to your organization's preference or something like Reports Key.
-
For the Key Scope, select the following depending on the type of tenant you have:
-
Reports > Read-All: all customers must select this.
-
Admin > Customers: only if you have a Multi-Organization Umbrella console.
-
-
For the Expiry Date, set to Never expire.
-
-
Copy both the Key and the Secret provided.
Use these to configure your technology in Workbench in the next step.
Step 3: Configure the technology in Workbench
-
Login to https://workbench.expel.io.
-
Navigate to Settings > Security Devices.
-
At the top of the page, click Add New Device.
-
Search for and select your technology.
-
Complete all fields using the credentials and information you collected in Step 1 and Step 2. To complete the Console login, see the steps below.
-
You can provide console access now or set it up later. Use the instructions below to set it up later.
Comments
0 comments
Please sign in to leave a comment.