McAfee Web Gateway
Integration version: 8.0
Configure McAfee Web Gateway
To configure the McAfee Web Gateway to work with the Google Security Operations integration, follow these steps:
-
Enable REST API interface:
- On Web Gateway page, select Configuration → Appliances.
- On the appliances tree, select the appliance you want to administer using the REST interface and click User Interface.
- Under UI Access, select Enable REST interface over HTTPS (HTTP REST interface is optional).
- Click Save Changes.
-
Give permission to access REST interface:
- On Web Gateway page, select Accounts → Administrator Accounts.
- In the Roles area, select an administrator role and click Edit. The Edit Role window opens.
- Select REST interface accessible.
- Click OK to close the window.
- Click Save Changes.
Configure McAfee Web Gateway integration in Google SecOps
For detailed instructions on how to configure an integration in Google SecOps, see Configure integrations .
Actions
Block IP
Description
Insert IP addresses to an "IP range"-type group.
Parameters
| Parameters | Type | Default Value | Description |
|---|---|---|---|
|
Group Name
|
String | N/A | The group name. |
|
Description
|
String | N/A | The entry description. |
Use cases
N/A
Run On
This action runs on the IP Address entity.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
|
is_blocked
|
True/False | is_blocked:False |
JSON Result
N/A
Insert Item to Group
Description
Insert a network object to a group (IP, URL, etc.). Note that each group is type stricted.
Parameters
| Parameter | Type | Default Value | Description |
|---|---|---|---|
|
Group Name
|
String | N/A | The group name. |
|
Item to Insert
|
String | N/A | The item to insert to the group. Default: x.x.x.x/24. |
|
Description
|
String | N/A | The entry description. |
Use cases
N/A
Run On
This action runs on all entities.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
|
is_blocked
|
True/False | is_blocked:False |
JSON Result
N/A
Ping
Description
Test Connectivity.
Parameters
N/A
Use cases
N/A
Run On
This action runs on all entities.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
|
is_connect
|
True/False | is_connect:False |
JSON Result
N/A
Remove Item From Group
Description
Remove a network object to a group (IP, URL, etc.). Note that each group is type stricted.
Parameters
| Parameter | Type | Default Value | Description |
|---|---|---|---|
|
Group Name
|
String | N/A | The group name. |
|
Item to Delete
|
String | N/A | The item to delete from the group. Default: x.x.x.x/32. |
Use cases
N/A
Run On
This action runs on all entities.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
|
is_unblocked
|
True/False | is_unblocked:False |
JSON Result
N/A
Unblock IP
Description
Delete IP addresses from an "IP range"-type group.
Parameters
| Parameter | Type | Default Value | Description |
|---|---|---|---|
|
Group Name
|
String | N/A | The group name to unblock the IP in. |
Use cases
N/A
Run On
his action runs on the IP Address entity.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
|
is_unblocked
|
True/False | is_unblocked:False |
JSON Result
N/A
Need more help? Get answers from Community members and Google SecOps professionals.
