Cisco Firepower Guide

For Cisco Firepower devices, Nipper requires a configuration file composed of responses from the API of the Firewall Management Center (FMC) that manages your Firepower device.

For instructions on enabling this API, see here.

This file must be in JSON format and follow a bespoke schema. When a Firepower device is audited remotely, Nipper executes a JavaScript file which makes a series of API requests and builds up this configuration file from the responses.

Because of the number of API commands that must be run to retrieve the full configuration, we have provided tools to do this automatically in situations where the environment Nipper is deployed in cannot remotely connect to your device. These tools can be found in the public Titania Bitbucket repository, Nipper_Config_Retrieval.

Python script

We have provided a Python application that runs the JavaScript which generates the configuration file, in isolation from Nipper. The application, together with the JavaScript file, can be found in the Nipper_Config_Retrieval repository, in the folder Manual config retrieval. Instructions on how to run the application are given in the readme.txt found at the same location. The script should be run on a workstation that can make HTTPS connections to the FMC. The workstation is required to have Python, pipenv and pip installed. If it is not possible to install additional dependencies on your workstation, see the section below.

Standalone.exe

We have also provided this Python script in the form of a standalone executable for Windows, which does not require any additional software to be installed. Simply download the executable retrieve-config.exe from the Nipper_Config_Retrieval repository Downloads page and run it on a Windows workstation that can connect to the FMC device over HTTPS.