You can add Cisco ASA as a data source in VMware Aria Operations for Networks.

Prerequisites

You must ensure that:

  • The data source and its version is supported in VMware Aria Operations for Networks. For more information, see Supported Products and Versions.
  • The data source follows VMware Ports and Protocols supported in VMware Aria Operations for Networks. For more information, see VMware Ports and Protocols.
  • You have rights to the switch in the enable mode. The user's password must be same as the one used for the enable mode of Cisco ASA.

Procedure

  1. From the left navigation pane, go to Settings > Accounts and Data Sources.
  2. Click Add Source.
  3. Under Firewall group, click Cisco ASA.
  4. In the Add a New Cisco ASA Account or Source page, provide the required information.
    Option Action
    Collector VM Select a collector VM from the drop-down menu.
    IP Address/FQDN Enter the IP address or the FQDN details.
    Username Enter the user name.
    Note: The user should have the enable mode privilege to set terminal length to 0, and for switching security context.
    Password Enter the password.
    Note: Ensure that you enter the same password as the one that you used for the enable mode of Cisco ASA.
  5. Click Validate.
  6. To enable a richer data collection, click Use SNMP (recommended for richer data collection) check box, and do the following:
    1. From the SNMP Version drop-down menu, select an SNMP version. Depending on which version of SNMP you have selected, do the following:
      Option Action
      2c In the Community String text box, enter a community string.
      3
      1. Enter Username, Context Name.
      2. From the Authentication Type drop-down, select an authentication type and enter the Authentication Password.
      3. From the Privacy Type drop-down, select a privacy type and enter the Privacy Password.
  7. Define the polling interval for the configuration data collection. You can set the polling interval from 10 minutes to 7 days.
    • Preset - Select the interval time from the predefined time set.
    • Custom Interval - Set a value and select Minutes, Hours, and Days.
    • Fixed Schedule - Select the days and set the time to schedule the interval.
  8. (Optional) In the Nickname text box, enter a nickname.
  9. (Optional) In the Tags (Optional) key-value pair text box, enter a key and a value.
    A key-value pair could be any text. For example, you can use Layer Access as key-value pair where layer is the key and access is the value.
    1. To apply the tag in all the associated entities, click the Apply above tag operations to all associated entities check box. When you select this option, the tag gets applied to all associated entities. For more details about the associated entities, see Working with Local Tags.
      If you clear the Apply above tag operations to all associated entities check box, the assigned tag is removed from all the associated entities.
  10. (Optional) In the Notes text box, add a note if necessary.
  11. Click Submit.

What to do next

VMware Aria Operations for Networks supports the following features of Cisco ASA:
  • VLAN
  • Layer 3 Routing (IPv4)
  • VRF (Virtual routing and forwarding)
  • Security Policy
  • Security Zone
  • Global Policy
  • Multiple Context (Not supported in network assurance and verification)