Cisco ASA
VulnCheck Initial Access Intelligence improves Cisco ASA deployments by providing real-time IP Address data via our Tags API.
Customers of Cisco ASA who purchase a VulnCheck Initial Access Intelligence license are able to leverage Cisco's Dynamic Block List (DBL) functionality to block attacker Command & Control (C2) infrastructure detected by VulnCheck.
Working with Dynamic Block Lists in Cisco ASA
Cisco ASA provides an easy to use custom list functionality for Cisco ASA FirePOWER, which may be used with third-party intelligence providers like VulnCheck.
For more information on these features from Cisco see: Configure IP Blacklisting while Using Cisco Security Intelligence through ASDM
Block VulnCheck C2 Detections with Cisco ASA
You can use any third-party IP database for the custom list for which Firepower module contacts the third party server to fetch the IP address list. In order to configure this, navigate to Configuration > ASA FirePOWER Configuration > Object Management > SecurityIntelligence > Network Lists and Feeds
Then in the Feed URL input box, simply add:
https://api.vulncheck.com/v3/tags/vulncheck-c2?token=INSERT_VULNCHECK_TOKEN
Checkpoint Quantum Security Gateway
VulnCheck Initial Access Intelligence improves Checkpoint Quantum Security Gateway deployments by providing real-time IP Address data via our Tags API.
Fortinet FortiGate
VulnCheck Initial Access Intelligence improves Fortinet FortiGate deployments by providing real-time IP Address data via our Tags API.
