Configure AWS monitoring for Cisco Secure Email

To monitor your Cisco Secure Email® environment, Arctic Wolf monitors an Amazon Web Services® (AWS) S3 bucket where Cisco Secure Email logs are forwarded. These steps describe how to configure AWS monitoring for Cisco Secure Email, for customers who do not already have AWS monitoring configured with Arctic Wolf.

Steps

1. Obtain your AWS account number.
2. Provide credentials to Arctic Wolf.

Step 1: Obtain your AWS account number

1. Sign in to the AWS Management console.

2. In the menu bar, click Support > Support Center.

3. Locate your Account Number.

   

4. Copy the Account Number value, and then paste it in a temporary text file.

Step 2: Provide credentials to Arctic Wolf

1. Sign in to the Arctic Wolf Unified Portal.

2. In the menu bar, click Telemetry Management > Connected Accounts.

3. Click Add Account +.

4. On the Add Account page, from the Account Type list, select Cloud Detection and Response.

5. From the list of cloud services, select Cisco Secure Email Free AWS.

6. On the Add Account page, complete these steps:

   1. Account Name — Enter a unique and descriptive name for the account.
   2. In the Account ID field, enter the AWS account number.
   3. Credential Expiry — (Optional) Enter the expiration date if the credentials have an expiry date.

7. Click Test and Submit Credentials.

   After your Concierge Security® Team (CST) enables security monitoring for this account, the connected account status changes to Healthy.

Next steps

Proceed to Cisco Secure Email monitoring to complete your Cisco Secure Email configuration.