IPS-Specific Configurations Using REST APIs
Creating the HC Policy
Copy
Request
POST api/v1/configuration/authentication/endpoint/host-checker/policies/policy HTTP/1.1
Host xx.xx.xx.xx
Authorization: Basic
VU9qSTlGTzNrYVk5d0t2aXpBN1dPZ0FyZlN1S3FmTkNnQUh0R0ZuR0xSbz06
Content-Type: application/json
{
"policy-name": "HC",
"regular": {
"platforms": {
"chromeos": {
"dashboard": {
"consider-for-reporting": "true"
},
"remediation": {
"custom-instructions": "",
"enable-custom-instructions": "false",
"send-reason-strings": "true"
}
},
"windows": {
"dashboard": {
"consider-for-reporting": "true"
},
"remediation": {
"custom-instructions": "",
"delete-files": "false",
"enable-custom-instructions": "false",
"files": null,
"kill-processes": "false",
"processes": null,
"send-reason-strings": "true"
},
"rule-expression": {
"custom-expression": "",
"requirement": "all"
},
"rules": {
"advancedRule": [],
"firewall-rules": {
"firewall-rule": [
{
"needs-monitoring": "false",
"product-list": null,
"product-selection-option": "specific",
"rule-name": "rule1",
"select-specific-product": "false",
"select-specific-vendor": "true",
"selected-product-list": {
"product-info": [
{
"product-name": "Windows Firewall (10.x)",
"turn-on-firewall": "true"
},
{
"product-name": "Windows Firewall (6.x)",
"turn-on-firewall": "false"
}
]
},
"turn-on-firewall-all": "false",
"vendor-list": [
"Microsoft Corporation"
]
}
]
}
}
}
}
}
}
Response
{
"result": {
"warnings": [
{
"message": "The configuration has been implicitly changed"
}
]
}
}
Deleting the HC Policy
Copy
Request
DELETE api/v1/configuration/authentication/endpoint/host-checker/policies/policy/HC HTTP/1.1
Host xx.xx.xx.xx
Authorization: Basic
VU9qSTlGTzNrYVk5d0t2aXpBN1dPZ0FyZlN1S3FmTkNnQUh0R0ZuR0xSbz06
Content-Type: application/json
Response
HTTP/1.1 204 NO CONTENT
Content-Length: 0
Content-Type: application/json
Creating the Infranet Enforcer
Copy
Request
POST api/v1/configuration/uac/infranet-enforcer/connections/infranet-enforcer HTTP/1.1
Host xx.xx.xx.xx
Authorization: Basic
VU9qSTlGTzNrYVk5d0t2aXpBN1dPZ0FyZlN1S3FmTkNnQUh0R0ZuR0xSbz06
Content-Type: application/json
{
"idp-for-local-sessions-only": "true",
"junos": {
"location-group": "- No 802.1X -",
"password-encrypted": "3u+UR6n8AgABAAAAofSnIBrU19vdwUslG5LG4cg1QH6CbXDSmY4ZW0x85HY="
},
"name": "SRX",
"serial-number": [
"ABCNWPWFS"
],
"severity-filter": "medium",
"use-idp": "false"
}
Response
{
"result": {
"info": [
{
"message": "Operation succeeded without warning or error!"
}
]
}
}
Deleting the Infranet Enforcer
Copy
Request
DELETE api/v1/configuration/uac/infranet-enforcer/connections/infranet-enforcer/SRX HTTP/1.1
Host xx.xx.xx.xx
Authorization: Basic
VU9qSTlGTzNrYVk5d0t2aXpBN1dPZ0FyZlN1S3FmTkNnQUh0R0ZuR0xSbz06
Content-Type: application/json
Response
HTTP/1.1 204 NO CONTENT
Content-Length: 0
Content-Type: application/json
Creating the Infranet Enforcer (PAN)
GET API Key
Copy
RequestURL: https://<PAN-IP address>/api/?type=keygen&user=<PAN username>&password=<PAN password>
Response:
<response status = 'success'>
<result>
<key>LUFRPT10KzVWODYxTlM1bVBTWktDYmJlWGtzaTFXYzg9WU52QTMxYk1kNG1kZG40ZUV3WU1GYkhiM0ZxNjJuckJoWlJONzdoaHVzV0RmUHUyUk91b0tnSVZWVzVtY3FwSg==</key>
</result>
</response>Create Infranet enforcer using above PAN apikey
Copy
Request POST /api/v1/configuration/uac/infranet-enforcer/connections/infranet-enforcer/
Host xx.xx.xx.xx
Authorization: Basic
VU9qSTlGTzNrYVk5d0t2aXpBN1dPZ0FyZlN1S3FmTkNnQUh0R0ZuR0xSbz06
Content-Type: application/json
{
"idp-for-local-sessions-only": "false",
"name": "RESTAPI-PANIPv6",
"pan": {
"apikey-cleartext":
"LUFRPT03cVZtaDVCOVBFOHhML0tYM0JQMGFaZmRiTzA9WU52QTMxYk1kNG1kZG40ZUV3WU1GYkhiM0ZxNjJuckJoWlJONzdoaHVzVnhZd3d3NWQyYjBoUTZGN3UwV2traQ==",
"ipaddress": "xx.xx.xx.xx",
"use-secure-ssl": "false"
},
"serial-number": null,
"severity-filter": "info",
"use-idp": "false"
}
Response:
{
"result": {
"warnings": [
{
"message": "The configuration has been implicitly changed"
}
]
}
}
Creating Auth Table Mapping Policy
Copy
Request POST /api/v1/configuration/uac/infranet-enforcer/auth-table-mapping-policies/auth-table-mapping-policy
Host xx.xx.xx.xx
Authorization: Basic
VU9qSTlGTzNrYVk5d0t2aXpBN1dPZ0FyZlN1S3FmTkNnQUh0R0ZuR0xSbz06
Content-Type: application/json
{
"NAT-support":"false",
"action":"always-provision-auth-table",
"apply":"all-roles",
"description":"RESTAPI-PANIPv6AuthTableMapping",
"device-group-support": "false",
"infranet-enforcer":
[
"RESTAPI-PANIPv6"
],
"name": "RESTAPI-PANIPv6AuthTableMapping",
"provision-userid": "false",
"roles": null,
"source-device-groups": null,
"vsys": ""
}
Response
{
"result":
{
"info":
[
{
"message": "Operation succeeded without warning or error!"
}
]
}
}
Creating a Resource Policy
Copy
Request
POST api/v1/configuration/uac/infranet-enforcer/resource-access-policies/resource-access-policy/ HTTP/1.1
Host xx.xx.xx.xx
Authorization: Basic
VU9qSTlGTzNrYVk5d0t2aXpBN1dPZ0FyZlN1S3FmTkNnQUh0R0ZuR0xSbz06
Content-Type: application/json
{
"action": "allow-access",
"apply": "all-roles",
"apply-ie-options": "all-options",
"deny-message": "",
"description": "",
"ie-options": [],
"infranet-enforcer": [
"(all)"
],
"name": "Resource Policy",
"resources": [
"<IP Address>/24:*"
],
"roles": null,
"vsys": ""
}
Deleting a Resource Policy
Copy
Request
DELETE api/v1/configuration/uac/infranet-enforcer/resource-access-policies/resource-access-policy/Resource%20Policy HTTP/1.1
Host xx.xx.xx.xx
Authorization: Basic
VU9qSTlGTzNrYVk5d0t2aXpBN1dPZ0FyZlN1S3FmTkNnQUh0R0ZuR0xSbz06
Content-Type: application/json
Response
HTTP/1.1 204 NO CONTENT
Content-Length: 0
Content-Type: application/json
Response
{
"result": {
"info": [
{
"message": "Operation succeeded without warning or error!"
}
]
}
}
Creating a Resource Access Policy (PAN Firewall)
Copy
Request
POST api/v1/configuration/uac/infranet-enforcer/resource-access-policies/resource-access-policy/ HTTP/1.1
Host x.x.x.x
Authorization: Basic
VU9qSTlGTzNrYVk5d0t2aXpBN1dPZ0FyZlN1S3FmTkNnQUh0R0ZuR0xSbz06
Content-Type: application/json
{
"action": "allow-access",
"apply": "all-roles",
"apply-ie-options": "all-options",
"auto-update": "false",
"deny-message": "",
"description": "PAN_Resource",
"destination-zone": [
"untrust"
],
"device-group-support": "false",
"device-groups": null,
"device-manufacturer": null,
"device-port": "",
"device-protocol": null,
"device-types": null,
"enforcer-type": "palo-alto",
"filter-type": "none",
"ie-options": [],
"infranet-enforcer": [
"(all)"
],
"name": "PAN_Resource",
"pan-service": "any",
"resources": [
"x.x.x.x/x"
],
"resources-excluded": null,
"resources-v6": [
"2001:db8:123:1::/64"
],
"roles": null,
"source-device-groups": null,
"source-zone": [
"dmz"
],
"vsys": ""
}
Response
{
"result": {
"info": [
{
"message": "Operation succeeded without warning or error!"
}
]
}
}
Creating a RADIUS Client
Copy
Request
POST /api/v1/configuration/uac/network-access/radius-clients/radius-client HTTP/1.1
Host xx.xx.xx.xx
Authorization: Basic
VU9qSTlGTzNrYVk5d0t2aXpBN1dPZ0FyZlN1S3FmTkNnQUh0R0ZuR0xSbz06
Content-Type: application/json
{
"coa-support": "false",
"description": "",
"disconnect-support": "true",
"dynamic-auth-port": "3799",
"enable": "true",
"gatewayid": "",
"ip-address": "10.204.88.12",
"ip-address-range": "1",
"kek-encrypted": "",
"key-wrap-format": "HEX",
"key-wrap-support": "false",
"location-group": "Default",
"mack-encrypted": "",
"make-model": "Ruckus Wireless",
"name": "Ruckus",
"ruckus-certificate-verification": "false",
"ruckus-password-encrypted": "",
"shared-secret-encrypted": "3u+UR6n8AgABAAAAofSnIBrU19vdwUslG5LG4cg1QH6CbXDSmY4ZW0x85HY="
}
Response
{
"result": {
"info": [
{
"message": "Operation succeeded without warning or error!"
}
]
}
}
Deleting a RADIUS Client
Copy
Request
Delete /api/v1/configuration/uac/network-access/radius-clients/radius-client/Ruckus HTTP/1.1
Host xx.xx.xx.xx
Authorization: Basic
VU9qSTlGTzNrYVk5d0t2aXpBN1dPZ0FyZlN1S3FmTkNnQUh0R0ZuR0xSbz06
Content-Type: application/json
Response
HTTP/1.1 204 NO CONTENT
Content-Length: 0
Content-Type: application/json
Creating a RADIUS Attribute Policy
Copy
Request
POST /api/v1/configuration/uac/network-access/radius-attribute/radius-attributes-policies/radius-attribute-policy HTTP/1.1
Host xx.xx.xx.xx
Authorization: Basic
VU9qSTlGTzNrYVk5d0t2aXpBN1dPZ0FyZlN1S3FmTkNnQUh0R0ZuR0xSbz06
Content-Type: application/json
{
"apply": "all",
"description": "",
"location-group": [
"Guest"
],
"name": "Return Attribute policy",
"network-interface": "automatic",
"open-port": "false",
"return-attribute-flag": "false",
"return-attributes": {
"return-attribute": []
},
"roles": null,
"send-session-timeout-by-default": "false",
"send-termination-action-by-default": "false",
"vlan": "65",
"vlan-check": "true"
}
Response
{
"result": {
"info": [
{
"message": "Operation succeeded without warning or error!"
}
]
}
}
Deleting a RADIUS Attribute Policy
Copy
Request
DELETE /api/v1/configuration/uac/network-access/radius-attribute/radius-attributes-policies/radius-attribute-policy/Return%20Attribute%20policy/HTTP/1.1
Host xx.xx.xx.xx
Authorization: Basic
VU9qSTlGTzNrYVk5d0t2aXpBN1dPZ0FyZlN1S3FmTkNnQUh0R0ZuR0xSbz06
Content-Type: application/json
Response
HTTP/1.1 204 NO CONTENT
Content-Length: 0
Content-Type: application/json
Creating SNMP Device
Copy
Request
POST /api/v1/configuration/uac/snmpEnforcement/clients/client HTTP/1.1
Host xx.xx.xx.xx
Authorization: Basic
VU9qSTlGTzNrYVk5d0t2aXpBN1dPZ0FyZlN1S3FmTkNnQUh0R0ZuR0xSbz06
Content-Type: application/json
{
"default-vlan": "0",
"description": "",
"enable": "true",
"ip-address": "<IP Address>",
"location-group": "none",
"model": "Ruckus Wireless",
"name": "ruckus",
"read-auth-password-encrypted": "",
"read-auth-protocol": "md5",
"read-priv-password-encrypted": "",
"read-priv-protocol": "",
"read-security-level": "auth",
"read-username": "public",
"snmp-enforcement": "false",
"snmp-version": "V2",
"ssh-passphrase-encrypted": "",
"ssh-port-number": "22",
"ssh-private-key-encrypted": "",
"ssh-user-name": "",
"ssh-user-password-encrypted": "",
"sys-contact": "https://support.ruckuswireless.com/contact_us",
"sys-description": "Ruckus Wireless ZD1200",
"sys-location": "350 West Java Dr. Sunnyvale, CA 94089 US",
"sys-name": "ruckus",
"trap-auth-password-encrypted": "",
"trap-auth-protocol": "md5",
"trap-priv-password-encrypted": "",
"trap-priv-protocol": "",
"trap-security-level": "auth",
"trap-username": "public",
"use-samecredential": "true",
"write-auth-password-encrypted": "",
"write-auth-protocol": "md5",
"write-priv-password-encrypted": "",
"write-priv-protocol": "",
"write-security-level": "auth",
"write-username": "public"
}
Response
{
"result": {
"info": [
{
"message": "Operation succeeded without warning or error!"
}
]
}
}
Deleting SNMP Device
Copy
Request
DELETE /api/v1/configuration/uac/snmpEnforcement/clients/client/ruckus/HTTP/1.1
Host xx.xx.xx.xx
Authorization: Basic
VU9qSTlGTzNrYVk5d0t2aXpBN1dPZ0FyZlN1S3FmTkNnQUh0R0ZuR0xSbz06
Content-Type: application/json
Response
HTTP/1.1 204 NO CONTENT
Content-Length: 0
Content-Type: application/json
Creating SNMP Policy
Copy
Request
POST /api/v1/configuration/uac/snmpEnforcement/snmpPolicies/policy HTTP/1.1
Host xx.xx.xx.xx
Authorization: Basic
VU9qSTlGTzNrYVk5d0t2aXpBN1dPZ0FyZlN1S3FmTkNnQUh0R0ZuR0xSbz06
Content-Type: application/json
{
"apply-to-roles": "selected",
"description": "",
"location-group": "Guest Wired",
"name": "SNMP policy",
"roles": [
"Guest Wired Restricted"
],
"vlan": "65"
}
Response
Host xx.xx.xx.xx
Authorization: Basic
VU9qSTlGTzNrYVk5d0t2aXpBN1dPZ0FyZlN1S3FmTkNnQUh0R0ZuR0xSbz06
Content-Type: application/json
{
"result": {
"info": [
{
"message": "Operation succeeded without warning or error!"
}
]
}
}
Deleting SNMP Policy
Copy
Request
DELETE /api/v1/configuration/uac/snmpEnforcement/snmpPolicies/policy/SNMP%20policy HTTP/1.1
Host xx.xx.xx.xx
Authorization: Basic
VU9qSTlGTzNrYVk5d0t2aXpBN1dPZ0FyZlN1S3FmTkNnQUh0R0ZuR0xSbz06
Content-Type: application/json
Response
HTTP/1.1 204 NO CONTENT
Content-Length: 0
Content-Type: application/json Creating Device Group - TACACS+
Copy
Request
POST /api/v1/configuration/uac/networkDeviceAdministration/groups/group/ HTTP/1.1
Host xx.xx.xx.xx
Authorization: Basic
VU9qSTlGTzNrYVk5d0t2aXpBN1dPZ0FyZlN1S3FmTkNnQUh0R0ZuR0xSbz06
Content-Type: application/json
{
"admin-realm": "Admin Users",
"description": "",
"name": "Device Group"
}
Response
{
"result": {
"info": [
{
"message": "Operation succeeded without warning or error!"
}
]
}
}
Deleting Device Group- TACACS+
Copy
Request
DELETE /api/v1/configuration/uac/networkDeviceAdministration/groups/group/Device%20Group HTTP/1.1
Host xx.xx.xx.xx
Authorization: Basic
VU9qSTlGTzNrYVk5d0t2aXpBN1dPZ0FyZlN1S3FmTkNnQUh0R0ZuR0xSbz06
Content-Type: application/json
Response
HTTP/1.1 204 NO CONTENT
Content-Length: 0
Content-Type: application/jsonCreating TACACS+ Client
Copy
Request
POST api/v1/configuration/uac/networkDeviceAdministration/clients/client HTTP/1.1
Host xx.xx.xx.xx
Authorization: Basic
VU9qSTlGTzNrYVk5d0t2aXpBN1dPZ0FyZlN1S3FmTkNnQUh0R0ZuR0xSbz06
Content-Type: application/json
{
"description": "",
"deviceGroup": "Device Group",
"enable": "true",
"ipAddress": "<IP Address>",
"ipAddressRange": "1",
"name": "TACACS client",
"shared-secret-encrypted": "3u+UR6n8AgABAAAAofSnIBrU19vdwUslG5LG4cg1QH6CbXDSmY4ZW0x85HY="
}
Response
{
"result": {
"warnings": [
{
"message": "The configuration has been implicitly changed"
}
]
}
}
Deleting TACACS+ Client
Copy
Request
DELETE /api/v1/configuration/uac/networkDeviceAdministration/clients/client/TACACS%20client HTTP/1.1
Host xx.xx.xx.xx
Authorization: Basic
VU9qSTlGTzNrYVk5d0t2aXpBN1dPZ0FyZlN1S3FmTkNnQUh0R0ZuR0xSbz06
Content-Type: application/json
Response
HTTP/1.1 204 NO CONTENT
Content-Length: 0
Content-Type: application/json
Creating Shell Policies
Copy
Request
POST /api/v1/configuration/uac/networkDeviceAdministration/policies/policy HTTP/1.1
Host xx.xx.xx.xx
Authorization: Basic
VU9qSTlGTzNrYVk5d0t2aXpBN1dPZ0FyZlN1S3FmTkNnQUh0R0ZuR0xSbz06
Content-Type: application/json
{
"apply-action": "deny",
"apply-groups": "all",
"apply-roles": "all",
"commandSets": {
"command-set": []
},
"defaultPrivilege": "1",
"description": "",
"groups": null,
"maxPrivilege": "1",
"name": "TACACS policy",
"roles": null
}
Response
{
"result": {
"info": [
{
"message": "Operation succeeded without warning or error!"
}
]
}
}
Deleting Shell Policies
Copy
Request
DELETE /api/v1/configuration/uac/networkDeviceAdministration/policies/policy/TACACS%20policy HTTP/1.1
Host xx.xx.xx.xx
Authorization: Basic
VU9qSTlGTzNrYVk5d0t2aXpBN1dPZ0FyZlN1S3FmTkNnQUh0R0ZuR0xSbz06
Content-Type: application/json
Response
HTTP/1.1 204 NO CONTENT
Content-Length: 0
Content-Type: application/json
Response
{
"result": {
"warnings": [
{
"message": "The configuration has been implicitly changed"
}
]
}
}
Creating Admission Control Client
Copy
Request
POST /api/v1/configuration/uac/admissionControl/clients/client HTTP/1.1
Host xx.xx.xx.xx
Authorization: Basic
VU9qSTlGTzNrYVk5d0t2aXpBN1dPZ0FyZlN1S3FmTkNnQUh0R0ZuR0xSbz06
Content-Type: application/json
{
"description": "",
"enable": "true",
"ipAddress": "<IP Address>",
"name": "FORTINET",
"templateID": "fortigate-text.itmpl"
}
Response
{
"result": {
"info": [
{
"message": "Operation succeeded without warning or error!"
}
]
}
}
Deleting Admission Control Client
Copy
Request
DELETE /api/v1/configuration/uac/admissionControl/clients/client/FORTINET HTTP/1.1
Host xx.xx.xx.xx
Authorization: Basic
VU9qSTlGTzNrYVk5d0t2aXpBN1dPZ0FyZlN1S3FmTkNnQUh0R0ZuR0xSbz06
Content-Type: application/json
Response
HTTP/1.1 204 NO CONTENT
Content-Length: 0
Content-Type: application/jsonCreating Admission Control Policy
Copy
Request
POST /api/v1/configuration/uac/admissionControl/policies/policy/ HTTP/1.1
Host xx.xx.xx.xx
Authorization: Basic
VU9qSTlGTzNrYVk5d0t2aXpBN1dPZ0FyZlN1S3FmTkNnQUh0R0ZuR0xSbz06
Content-Type: application/json
{
"action": "ignore",
"apply": "selected",
"count": "1",
"event": "utm:ips",
"name": "policy1",
"replacementRole": null,
"replacementType": "Permanent",
"roles": null,
"severity": "critical",
"templateID": "fortigate-text.itmpl"
}
Response
{
"result": {
"info": [
{
"message": "Operation succeeded without warning or error!"
}
]
}
Deleting Admission Control Policy
Copy
Request
DELETE /api/v1/configuration/uac/admissionControl/policies/policy/policy1 HTTP/1.1
Host xx.xx.xx.xx
Authorization: Basic
VU9qSTlGTzNrYVk5d0t2aXpBN1dPZ0FyZlN1S3FmTkNnQUh0R0ZuR0xSbz06
Content-Type: application/json
Response
HTTP/1.1 204 NO CONTENT
Content-Length: 0
Content-Type: application/jsonGetting Authentication API Key
Copy
Request
GET <IPS-IP Address>/api/v1/auth
Response
"api_key": "NAIq3DNqOh7aDTsXJbZRUo4b+tILb1vpf5sasdasdfao="
Request
GET <IPS-IP Address>/api/v1/auth/profiler/auth
Response
"api_key": "NAIq3DNqOh7aDTsXJbZRUo4b+tILb1vpf5sasdasdfao="IPS Alert Based Admission Control APIs
Checking Status of IPS Server
Copy
Request
GET <IPS-IP Address>/api/v1/integration/status
Response
"{\"message\": \"API server is up\"}"Getting Session Details for Endpoint Based on IP Address
Copy
Request
GET <IPS-IP Address>/api/v1/integration/sessions/<endpoint-IP Address>
Response
{
"data": [
{
"ip": "xx.xxx.xx.xx",
"macaddr": "00-56-65-bf-0b-cx",
"switch_ip": "",
"switch_port": "",
"username": "user1"
}
]
}
Note: This sample response is for Juniper SDSN.Getting Session Details for Endpoint Based on MAC Address
Copy
Request
GET <IPS-IP Address>/api/v1/integration/sessions/<endpoint-MAC Address>
Response
{
"data": [
{
"macaddr": "00-56-65-bf-0b-cx",
"switch_ip": "",
"switch_port": "",
}
]
}
Sending Alert Event to IPS
Copy
Request
UT /api/v1/ integration/sessions
For example:
Sample PUT request Payload for Juniper SDSN is {"event-name":"block-endpoint", "srcip":"10.xxx.xx.xxx"}.
Note: The event-names and field to parse the source-IP from the event should be defined in the admission control template.
Response
HTTP/1.1 204 NO CONTENTProfiler REST APIs
Approving Devices
Copy
Request
PUT api/v1/profiler/endpoints/simplified/xx:xx:xx:xx:xx:xx HTTP/1.1
Host xx.xx.xx.xx
Authorization: Basic VU9qSTlGTzNrYVk5d0t2aXpBN1dPZ0FyZlN1S3FmTkNnQUh0R0ZuR0xSbz06
Content-Type: application/json
{
"status": "approved"
}
Response
HTTP/1.1 200 OK
Content-Type: application/json
{
"Successfully updated.”
}
Updating Device Attributes
Copy
Request
PUT api/v1/profiler/endpoints/simplified/xx:xx:xx:xx:xx:xx HTTP/1.1
Host xx.xx.xx.xx
Authorization: Basic VU9qSTlGTzNrYVk5d0t2aXpBN1dPZ0FyZlN1S3FmTkNnQUh0R0ZuR0xSbz06
Content-Type: application/json
{
"manufacturer": "Windows",
"os": "Windows"
}
Response
HTTP/1.1 200 OK
Content-Type: application/json
{
"Successfully updated.”
}