Contents

Related Topics

Integrate Your Firebox with Autotask

You can configure your Firebox to integrate with Autotask, a professional service automation tool. This integration enables service providers to automatically synchronize customer asset information for more efficient device management and monitoring.

Fireware Version CompatibilityAutotask Integration is supported in Fireware v12.0.1 and higher.

Autotask features include:

  • Auto Synchronization of Asset Information — Automatically synchronizes your Firebox asset information and the status of your security service subscription, which includes subscription start and end dates, device serial numbers, and OS versions.
  • Closed-Loop Ticketing of System, Security, and Subscription Events — Configure event thresholds for a wide range of parameters to automatically trigger the creation and closure of tickets, such as security services, device statistics, and subscription statuses. This feature eliminates ticket flooding and false alarms, and automatically closes tickets when issues are resolved. If an event occurs again, the same ticket is reopened so that you can track repeated occurrences of the same event. You can also configure the default priority of tickets.

This topic includes integration instructions to help you configure your Firebox to work with Autotask. For more information or technical support about how to configure settings on the Autotask website, see the Autotask documentation.

Configure the Autotask Settings on Your Firebox

You can configure the Autotask integration settings from Fireware Web UI or Policy Manager.

In Autotask, you can create custom Priority levels, Queues, and Product categories that appear in the Autotask configuration settings on your Firebox. For instructions, see the Edit Ticket Priorities, Edit Queues, and Edit Products sections in this topic.

After you enable Autotask on your Firebox and save the configuration, Autotask automatically creates a Configuration Item object for the Firebox, unless you selected Use existing Configuration Item. Configuration Items are assets that you manage in Autotask. They are grouped by Product type in Autotask.

If you select Use existing Configuration Item, you must manually add the WatchGuard user-defined fields to your Autotask configuration to enable device monitoring.

To configure the Firebox to integrate with Autotask, from Fireware Web UI:Closed

  1. Select System > Technology Integrations.

    Screen shot of the Autotask configuration page on the Firebox

  2. Select the Autotask tab.
  3. Select the Enable Autotask check box.
  4. In the Username text box, type the user name for your Autotask account.
  5. In the Password text box, type the password for your Autotask account.
  6. Adjacent to the Account text box, click Lookup.
    The Account Lookup page appears.
  7. Select an account and click OK.
  8. To set a default ticket priority, adjacent to the Priority text box, click Lookup .
    The Service Ticket Priority Lookup dialog box appears.

    Screen shot of the Service Ticket Priority Lookup dialog box

  1. Select a priority level for tickets generated by the Firebox and click OK.
  2. To set a default queue for tickets, adjacent to the Queue text box, click Lookup.
    The Queue Lookup dialog box appears.
  3. Select a Queue and click OK. All tickets generated by the Firebox appear in this queue.
  4. Adjacent to the Product text box, click Lookup.
    The Product Lookup dialog box appears.
  5. Select a Product and click OK.
  6. If a Configuration Item already exists for this Firebox in your Autotask account, select the Use existing Configuration item check box. Tip!If a Configuration Item already exists for this Firebox in your Autotask account, and you do not select this check box, a duplicate Configuration Item appears in your Autotask account.
  7. To test the settings before you save the configuration, click Test Settings.
  8. To save the configuration changes, click Save.
To configure the Firebox to integrate with Autotask, from Policy Manager:Closed
  1. Select Setup > Technology Integrations > Autotask.

Screen shot of Autotask setup dialog box

  1. Select the Enable Autotask check box.
  2. In the Username text box, type the user name for your Autotask account.
  3. In the Password text box, type the password for your Autotask account.
  4. In the Account text box, type your Autotask account name.
  5. In the Priority text box, type the Autotask priority level for all tickets generated by the Firebox.
  6. In the Queue text box, type the Autotask queue name. All tickets generated by the Firebox appear in this queue.
  7. In the Product text box, type the Autotask Product name.
  8. If a Configuration Item already exists for this Firebox in your Autotask account, select the Use existing Configuration item check box. Tip!If a Configuration Item already exists for this Firebox in your Autotask account, and you do not select this check box, a duplicate Configuration Item appears in your Autotask account.
  9. Click OK.
  10. Save the configuration to your Firebox.

See Device Configuration Details in Autotask

After you enable Autotask integration on your Firebox, information from the Firebox, such as the serial number and expiration date, is automatically synchronized and appears in Autotask.

To see your Firebox in Autotask:Closed
  1. From the navigation icon at the top left, select CRM > Accounts.
    The Account Search page appears.
  2. In the Account Name or Number text box, type the account name. Tip!You can type only a portion of the account name.
  3. Click Search.
    A list of accounts appears.

Screen shot of the Autotask Account Search page

  1. To view the account details, click the account name.
    The Account page appears.

Screen shot of the Autotask Account page

Edit Configuration Items and Monitors

You can view the Configuration Items and Monitors for an account in Autotask.

To view the Configuration Items for an account:Closed
  1. On the Account page for your company, place your mouse pointer over the menu at the top left.

Screen shot of the Autotask Account page drop-down menu

  1. Select Configuration Item.
    The Configuration Items dialog box appears.

Screen shot of Autotask Configuration Items page

  1. Select a Configuration Item to view or edit the configuration.
    The Edit Configuration Item page appears.

Screen shot of the Edit Configuration Item page

  1. To view the connection details and monitors for your Firebox, expand the Configuration Item User-Defined Fields (Firewall) section.
    A list of WatchGuard monitors appears.

Screen shot of the Autotask Configuration Item page

WatchGuard Monitors

Firebox Configuration Items include a unique set of WatchGuard monitors that relate to device monitoring and ticket management. These are thresholds for system events, and enable you to customize the events that generate tickets.

If a system condition passes a configured threshold, a ticket is created to notify you of the system event. If the event does not continue and passes below the threshold, the ticket is automatically closed. If the event occurs again, the same ticket is opened again so that you can track repeated occurrences of the same event.

If you edit a monitor in Autotask, you must use the same syntax as existing monitors. If you create a monitor with invalid syntax, the Autotask UI does not warn you. However, errors appear in the Firebox logs.

WG: Firebox Model

Displays the model number of your Firebox.

WG: Fireware Version

Displays the Fireware OS version that is on your Firebox.

WG: Monitor APT Detection

Monitors APTs detected by APT Blocker over a specified period of time. For example, it can notify you if 100 APTs were detected over 10 minutes.

WG: Monitor Botnet Detection

Monitors botnet activity detected by Botnet Detection over a sustained period of time. For example, it can generate a ticket if botnet activity is detected for over 10, 30, or 60 minutes.

WG: Monitor Certificate Expiration

Monitors system certificates and generates a ticket if any certificates will expire within the number of days you specify. You can select 10, 30, or 60 days prior to expiration.

WG: Monitor Cluster Failover

Monitors whether a FireCluster failover has occurred. After a failover occurs, the new FireCluster master generates a ticket. The ticket information includes the member IDs of the new cluster master and the previous master. The ticket is closed after five minutes of cluster stability.

WG: Monitor CPU Usage

Monitors CPU usage over a specified time period. For example, it can generate a ticket if CPU usage is greater than 90% over 10 minutes.

WG: DLP Detection

Monitors violations detected by Data Loss Prevention over a specified period of time. For example, it can generate a ticket if 50 DLP violations were detected over 10 minutes.

WG: Feature-Key Expiration

Monitors feature keys and generates a ticket if any feature keys will expire within the number of days you specify. You can select 10, 30, or 60 days prior to expiration.

WG: Monitor Flood Detection

Monitors whether DoS flood attacks (such as SYN, ICMP, UDP, IPsec, IKE floods) have occurred over a specified period of time. For example, it can generate a ticket if any flood attacks are detected over 10, 30, or 60 minutes.

WG: Monitor Interface Status

Monitors whether any network interfaces have a link down status over a specified period of time. For example, it can generate a ticket if an interface is down for longer than 5, 10, or 30 seconds.

WG: Intrusion Prevention

Monitors whether intrusion attempts have been detected by IPS over a specified period of time. For example, it can notify you if 50 intrusions were detected over 10 minutes.

WG: Monitor Memory Usage

Monitors memory usage over a specified time period. For example, it can notify you if memory usage is greater than 90% for over 10 minutes.

WG: Monitor Spam Detection

Notifies you if spam email messages have been detected by spamBlocker over a specified period of time. For example, it can notify you if 50 spam messages were detected over 10 minutes.

WG: Monitor Total Connections

Monitors the total number of concurrent connections over a specified time period compared to your system connection limits. For example, it can generate a ticket if the total number of concurrent connections is greater than 90% of your system limit for over 10 minutes.

WG: Monitor Total L2TP Connections

Monitors the total number of concurrent L2TP connections over a specified time period compared to your system connection limits. For example, it can generate a ticket if the total number of concurrent L2TP connections is greater than 90% of your system limit for over 10 minutes.

WG: Monitor Total MUVPN Connections

Monitors the total number of concurrent Mobile VPN (MUVPN) connections over a specified time period compared to your system connection limits. For example, it can generate a ticket if the total number of concurrent MUVPN connections is greater than 90% of your system limit for over 10 minutes.

WG: Monitor Total SSLVPN Connections

Monitors the total number of concurrent SSLVPN connections over a specified time period compared to your system connection limits. For example, it can generate a ticket if the total number of concurrent SSLVPN connections is greater than 90% of your system limit for over 10 minutes.

WG: Monitor Virus Detection

Notifies you if viruses have been detected by Gateway AntiVirus over a specified period of time. For example, it can generate a ticket if 50 viruses were detected over 10 minutes.

View Ticket Management

The thresholds you specify automatically trigger the creation and closure of tickets. This prevents ticket flooding and false alarms, and enables tickets to be automatically closed when issues are resolved. If an event occurs again, the same ticket is reopened so that you can track repeated occurrences of the same event.

To see a summary of tickets associated with this configuration in your Autotask account:Closed
  1. In your Autotask account, select the Tickets tab.

Screen shot of the Tickets tab

  1. To see the ticket details, click the ticket number or description.

Screen shot of the Autotask ticket detail page

 

Edit Ticket Priorities

These default Ticket Priorities appear in Autotask and on your Firebox:

  • Critical
  • High
  • Medium
  • Low

You can change the Ticket Priority name, deactivate a Ticket Priority, or create a new Ticket Priority. After you make changes to Ticket Priorities in Autotask, the Autotask configuration on your Firebox shows the changes.

To edit or create Ticket Priorities in Autotask:Closed
  1. On the Autotask dashboard, click the Autotask logo.
  2. Select Admin.

Screen shot of the main Autotask menu

  1. Expand Service Desk (Tickets).

Screen shot of the Autotask Service Desk Tickets section

  1. Click Priorities.
    The Ticket Priorities page appears.
  2. To edit a Ticket Priority, click the priority and type a new name.

Screen shot of the Autotask Ticket Priorities page

  1. To add a new Ticket Priority, click New.

Edit Queues

Several default Service Desk Queues appear in Autotask and on your Firebox.

You can make these changes to Queues:

  • Edit the Queue name
  • Deactivate or delete a Queue
  • Create a new Queue
  • Edit who receives notifications about the Queue

After you make changes to Service Desk Queues in Autotask, the Autotask configuration on your Firebox shows the changes.

To edit or create Queues in Autotask:Closed
  1. On the Autotask dashboard, click the Autotask logo.
  2. Select Admin.
  3. Click Service Desk (Tickets).
  4. Click Queues.
    The Service Desk Queues page appears.

Screen shot of the service desk queues in Autotask

  1. To edit a Queue, click the queue and type a new name.
  2. To deactivate a Queue, right-click the queue and select Inactivate Queue.
  3. To delete a Queue, right-click the queue and select Delete Queue.
  4. To create a new Queue, click New.
  5. To edit who receives notifications, right-click the Queue and select Edit Queue Details.

Edit Products

Default Product Categories appear in Autotask and on your Firebox. You can change Product Categories or create new ones. After you make changes to Service Desk Queues in Autotask, the Autotask configuration on your Firebox shows the changes.

To edit or create Products in Autotask:Closed
  1. On the Autotask dashboard, click the Autotask logo.
  2. Select Admin.
  3. Click Service Desk (Tickets).
  4. Click Products & Services.
  5. Click Product Categories.
    The Product Categories page appears.

Screen shot of the Product Categories page in Autotask

  1. To edit, add, or delete a Product Category, right-click a category in the navigation menu.
  2. Select Edit Product Category, add Product Category, or Delete Product Category.

Screen shot of Product Category options in Autotask

Give Us Feedback     Get Support     All Product Documentation     Technical Search

© 2018 WatchGuard Technologies, Inc. All rights reserved. WatchGuard, the WatchGuard logo, WatchGuard Dimension, Firebox, Core, Fireware, and LiveSecurity are registered trademarks or trademarks of WatchGuard Technologies in the United States and/or other countries.