Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

--- sophos [2025/02/06 09:51]
jango [API]
+++ sophos [2025/02/12 11:15] (aktuell)
jango [Network]
@@ Zeile 5: / Zeile 5: @@
 [[https://support.sophos.com/support/s/article/KBA-000002405?language=en_US|Reset]]
-Sophos Central ist ein zentrales Managment Tool in der Cloud.
+Sophos Central ist ein zentrales Managment Tool in der Cloud (für UTM9?).
-{{https://i.ibb.co/5Bph4D6/utm9.png}}
 <code>
@@ Zeile 43: / Zeile 41: @@
 <M> fw-akm:/root # cc get_objects network
 <M> fw-akm:/root # cc get_object "REF_xxxxxx"
+<M> fw-akm:/root # cc get packetfilter rules
+<M> fw-akm:/root # cc get packetfilter rules_auto
 </code>
@@ Zeile 49: / Zeile 50: @@
 Die API (Web Interface) ist unter https://sophos:4444/api erreichbar. [[https://www.sophos.com/en-us/medialibrary/PDFs/documentation/UTMonAWS/Sophos-UTM-RESTful-API.ashx|Documentation]]
+Parameter werden mit "Referenzen" verknüpft. Einträge die mit "REF_" beginnen sind Referenzen. Referenzen kann man leider nicht via REST API suchen, dazu muss man in der Shell das Tool cc verwenden.
+====AAA====
 <code>
-/api/objects/network/network
+# AAA
+/api/objects/aaa/user // Definitions & Users -> Users
+/api/objects/aaa/group // Definitions & Users -> Groups
+</code>
+====Authentication====
+<code>
+# Authentication
+/api/objects/authentication/adirectory // Definitions & Users -> Authentication Services -> Servers
+/api/objects/authentication/edirectory // Definitions & Users -> Authentication Services -> Servers
+/api/objects/authentication/group
+/api/objects/authentication/otp_token // Definitions & Users -> Authentication Services -> One-Time Passwords
+/api/objects/authentication/ldap // Definitions & Users -> Authentication Services -> Servers
+/api/objects/authentication/radius // Definitions & Users -> Authentication Services -> Servers
+/api/objects/authentication/tacacs // Definitions & Users -> Authentication Services -> Servers
+</code>
+====CA====
+<code>
+# Certificate authority
+/api/objects/ca/crl
+/api/objects/ca/csr
+/api/objects/ca/group
+/api/objects/ca/host_cert
+/api/objects/ca/host_key_cert
+/api/objects/ca/http_verification_ca
+/api/objects/ca/meta_crl
+/api/objects/ca/meta_x509
+/api/objects/ca/rsa
+/api/objects/ca/signing_ca
+/api/objects/ca/verification_ca
+</code>
+====Clientless VPN====
+<code>
+# Clientless VPN
+/api/objects/clientless_vpn/connection
+/api/objects/clientless_vpn/group
+</code>
+====Conditions====
+<code>
+# Conditions
+/api/objects/condition/group
+/api/objects/condition/objref
+</code>
+====DHCP====
+<code>
+# DHCP
+/api/objects/dhcp/group
+/api/objects/dhcp/option
+/api/objects/dhcp/option6
+/api/objects/dhcp/server
+/api/objects/dhcp/server6
+/api/objects/dhcp/stateless
+</code>
+====DNS====
+<code>
+# DNS
+/api/objects/dns/axfr
+/api/objects/dns/group
+/api/objects/dns/route
+</code>
+====Endpoint protection====
+<code>
+# Endpoint protection
+/api/objects/epp/av_exception
+/api/objects/epp/av_policy
+/api/objects/epp/dc_exception
+/api/objects/epp/dc_policy
+/api/objects/epp/device
+/api/objects/epp/endpoint
+/api/objects/epp/endpoints_group
+/api/objects/epp/group
+</code>
+====HTTP====
+====Interfaces====
+<code>
+# Interfaces
+/api/objects/interface/bridge
+/api/objects/interface/ethernet
+/api/objects/interface/group
+/api/objects/interface/ppp3g
+/api/objects/interface/pppmodem
+/api/objects/interface/pppoa
+/api/objects/interface/pppoe
+/api/objects/interface/tunnel
+/api/objects/interface/vlan
+</code>
+====Intrusion prevention====
+<code>
+# Intrusion prevention
+/api/objects/ips/exception
+/api/objects/ips/group
+/api/objects/ips/rule
+/api/objects/ips/rule_modifier
+</code>
+====IPSec====
+<code>
+# IPSec
+/api/objects/ipsec/group
+/api/objects/ipsec/policy
+/api/objects/ipsec/remote_gateway
+</code>
+====IPSec connection====
+<code>
+# IPSec connection
+/api/objects/ipsec_connection/amazon_vpc
+/api/objects/ipsec_connection/group
+/api/objects/ipsec_connection/l2tp
+/api/objects/ipsec_connection/roadwarrior_ca
+/api/objects/ipsec_connection/roadwarrior_cisco
+/api/objects/ipsec_connection/roadwarrior_psk
+/api/objects/ipsec_connection/roadwarrior_x509
+/api/objects/ipsec_connection/site2site
+</code>
+====IPSec Auth====
+<code>
+# IPSec Auth
+/api/objects/ipsec_remote_auth/ca
+/api/objects/ipsec_remote_auth/group
+/api/objects/ipsec_remote_auth/psk
+/api/objects/ipsec_remote_auth/rsa
+/api/objects/ipsec_remote_auth/x509
+</code>
+====Interface Hardware====
+<code>
+# Interface Hardware
+/api/objects/itfhw/awe_network
+/api/objects/itfhw/awe_network_group
+/api/objects/itfhw/bridge
+/api/objects/itfhw/ethernet
+/api/objects/itfhw/group
+/api/objects/itfhw/lag
+/api/objects/itfhw/red_client
+/api/objects/itfhw/red_server
+/api/objects/itfhw/serial
+/api/objects/itfhw/usbserial
+/api/objects/itfhw/virtual
+</code>
+====Interface Params====
+<code>
+/api/objects/itfparams/bridge_port
+/api/objects/itfparams/group
+/api/objects/itfparams/link_aggregation_group
+/api/objects/itfparams/primary
+/api/objects/itfparams/secondary
+</code>
+====MAC list====
+<code>
+#
+/objects/mac_list/group
+/objects/mac_list/mac_list
+</code>
+====Network====
+<code>
+# Network
+/api/objects/network/aaa (???)
+/api/objects/network/any
+/api/objects/network/availability_group
+/api/objects/network/dns_group
+/api/objects/network/dns_host
+/api/objects/network/group
+/api/objects/network/host
 /api/objects/network/interface_address
+/api/objects/network/interface_broadcast
 /api/objects/network/interface_network
+/api/objects/network/multicast
+/api/objects/network/network // Definitions & Users -> Network Definitions
+/api/objects/network/range
+</code>
-# User & Groups
+====Notification====
-/api/objects/aaa/user
+<code>
-/api/objects/group
+# Notification
+/api/objects/notification/group
+/api/objects/notification/notification
+</code>
-# Authentication
+====OSPF====
-/api/objects/authentication/adirectory
+<code>
-/api/objects/authentication/edirectory
+# OSPF
-/api/objects/authentication/group
+/api/objects/ospf/area
-/api/objects/authentication/otp_token
+/api/objects/ospf/group
-/api/objects/authentication/ldap
+/api/objects/ospf/interface
-/api/objects/authentication/radius
+/api/objects/ospf/message_digest_key
-/api/objects/authentication/tacacs
+</code>
-# Firewall services
+====Packetfilter====
-/api/objects/service/tcp
+<code>
-/api/objects/service/udp
+# Packetfilter
-/api/objects/service/tcpudp
+/api/objects/packetfilter/1to1nat
+/api/objects/packetfilter/generic_proxy
+/api/objects/packetfilter/group
+/api/objects/packetfilter/loadbalance
+/api/objects/packetfilter/mangle
+/api/objects/packetfilter/masq
+/api/objects/packetfilter/nat
+/api/objects/packetfilter/packetfilter
+/api/objects/packetfilter/ruleset
+</code>
-# Routes
+====QoS====
+<code>
+# QoS
+/api/objects/qos/application_selector
+/api/objects/qos/group
+/api/objects/qos/ingress_rule
+/api/objects/qos/interface
+/api/objects/qos/rule
+/api/objects/qos/traffic_selector
+/api/objects/qos/traffic_selector_group
+</code>
+====Remote Syslog====
+<code>
+# Remote Syslog
+/api/objects/remote_syslog/group
+/api/objects/remote_syslog/server
+</code>
+====Reverse proxy (virtual webserver====
+<code>
+/api/objects/reverse_proxy/auth_profile
+/api/objects/reverse_proxy/backend // Webserver Protection -> WAF -> Real Webservers
+/api/objects/reverse_proxy/blockpage
+/api/objects/reverse_proxy/exception
+/api/objects/reverse_proxy/filter
+/api/objects/reverse_proxy/form_template
+/api/objects/reverse_proxy/frontend // Webserver Protection -> WAF -> Virtual Webservers
+/api/objects/reverse_proxy/group
+/api/objects/reverse_proxy/location // Webserver Protection -> WAF -> Site Path Routing
+/api/objects/reverse_proxy/profile
+/api/objects/reverse_proxy/redirection
+/api/objects/reverse_proxy/threats_filter
+</code>
+====Rights====
+<code>
+# Rights
+/api/objects/right/group
+/api/objects/right/right
+</code>
+====Role====
+<code>
+# Role
+/api/objects/role/group
+/api/objects/role/role
+</code>
+====Route====
+<code>
+# Route
+/api/objects/route/group
 /api/objects/route/policy
 /api/objects/route/static
+</code>
-# Virtual webservers
+====Scheduler====
-/api/objects/reverse_proxy/frontend // Virtual webserver
+<code>
-/api/objects/reverse_proxy/backend // Real webservers
+# Scheduler
-/api/objects/reverse_proxy/location // site path routing
+/api/objects/scheduler/group
+/api/objects/scheduler/loadbalance
+/api/objects/scheduler/rule
+</code>
+====Services====
+<code>
+# Services (Firewall)
+/api/objects/service/ah
+/api/objects/service/any
+/api/objects/service/esp
+/api/objects/service/group
+/api/objects/service/icmp
+/api/objects/service/icmpv6
+/api/objects/service/ip
+/api/objects/service/tcp
+/api/objects/service/tcpudp
+/api/objects/service/udp
+</code>
+====SMTP====
+<code>
+# SMTP
+/api/objects/smtp/exception
+/api/objects/smtp/group
+/api/objects/smtp/header_operation
+/api/objects/smtp/profile
+</code>
+====SNMP====
+<code>
+# SNMP
+/api/objects/snmp/group
+/api/objects/snmp/trap
+</code>
+====SPX====
+<code>
+# SPX
+/api/objects/spx/group
+/api/objects/spx/template
+</code>
+====SSL VPN====
+<code>
+# SSL VPN
+/api/objects/ssl_vpn/client_connection
+/api/objects/ssl_vpn/group
+/api/objects/ssl_vpn/remote_access_profile
+/api/objects/ssl_vpn/server_connection
 </code>

MBCDN

Benutzer-Werkzeuge

Webseiten-Werkzeuge

Unterschiede

Seiten-Werkzeuge