| Beide Seiten der vorigen Revision
Vorhergehende Überarbeitung
Nächste Überarbeitung
|
Vorhergehende Überarbeitung
|
sophos [2025/02/06 12:19]
jango [API] |
sophos [2025/02/12 11:15] (aktuell)
jango [Network] |
| [[https://support.sophos.com/support/s/article/KBA-000002405?language=en_US|Reset]] | [[https://support.sophos.com/support/s/article/KBA-000002405?language=en_US|Reset]] |
| |
| Sophos Central ist ein zentrales Managment Tool in der Cloud. | Sophos Central ist ein zentrales Managment Tool in der Cloud (für UTM9?). |
| | |
| {{https://i.ibb.co/5Bph4D6/utm9.png}} | |
| |
| <code> | <code> |
| <M> fw-akm:/root # cc get_objects network | <M> fw-akm:/root # cc get_objects network |
| <M> fw-akm:/root # cc get_object "REF_xxxxxx" | <M> fw-akm:/root # cc get_object "REF_xxxxxx" |
| | |
| | <M> fw-akm:/root # cc get packetfilter rules |
| | <M> fw-akm:/root # cc get packetfilter rules_auto |
| </code> | </code> |
| |
| Die API (Web Interface) ist unter https://sophos:4444/api erreichbar. [[https://www.sophos.com/en-us/medialibrary/PDFs/documentation/UTMonAWS/Sophos-UTM-RESTful-API.ashx|Documentation]] | Die API (Web Interface) ist unter https://sophos:4444/api erreichbar. [[https://www.sophos.com/en-us/medialibrary/PDFs/documentation/UTMonAWS/Sophos-UTM-RESTful-API.ashx|Documentation]] |
| |
| | Parameter werden mit "Referenzen" verknüpft. Einträge die mit "REF_" beginnen sind Referenzen. Referenzen kann man leider nicht via REST API suchen, dazu muss man in der Shell das Tool cc verwenden. |
| | |
| | ====AAA==== |
| <code> | <code> |
| # AAA | # AAA |
| /api/objects/aaa/user | /api/objects/aaa/user // Definitions & Users -> Users |
| /api/objects/aaa/group | /api/objects/aaa/group // Definitions & Users -> Groups |
| | </code> |
| |
| | ====Authentication==== |
| | <code> |
| # Authentication | # Authentication |
| /api/objects/authentication/adirectory | /api/objects/authentication/adirectory // Definitions & Users -> Authentication Services -> Servers |
| /api/objects/authentication/edirectory | /api/objects/authentication/edirectory // Definitions & Users -> Authentication Services -> Servers |
| /api/objects/authentication/group | /api/objects/authentication/group |
| /api/objects/authentication/otp_token | /api/objects/authentication/otp_token // Definitions & Users -> Authentication Services -> One-Time Passwords |
| /api/objects/authentication/ldap | /api/objects/authentication/ldap // Definitions & Users -> Authentication Services -> Servers |
| /api/objects/authentication/radius | /api/objects/authentication/radius // Definitions & Users -> Authentication Services -> Servers |
| /api/objects/authentication/tacacs | /api/objects/authentication/tacacs // Definitions & Users -> Authentication Services -> Servers |
| | </code> |
| |
| | ====CA==== |
| | <code> |
| # Certificate authority | # Certificate authority |
| /api/objects/ca/crl | /api/objects/ca/crl |
| /api/objects/ca/signing_ca | /api/objects/ca/signing_ca |
| /api/objects/ca/verification_ca | /api/objects/ca/verification_ca |
| | </code> |
| |
| | ====Clientless VPN==== |
| | <code> |
| # Clientless VPN | # Clientless VPN |
| /api/objects/clientless_vpn/connection´ | /api/objects/clientless_vpn/connection |
| /api/objects/clientless_vpn/group | /api/objects/clientless_vpn/group |
| | </code> |
| |
| | ====Conditions==== |
| | <code> |
| # Conditions | # Conditions |
| /api/objects/condition/group | /api/objects/condition/group |
| /api/objects/condition/objref | /api/objects/condition/objref |
| | </code> |
| |
| | ====DHCP==== |
| | <code> |
| # DHCP | # DHCP |
| /api/objects/dhcp/group | /api/objects/dhcp/group |
| /api/objects/dhcp/server6 | /api/objects/dhcp/server6 |
| /api/objects/dhcp/stateless | /api/objects/dhcp/stateless |
| | </code> |
| |
| | ====DNS==== |
| | <code> |
| # DNS | # DNS |
| /api/objects/dns/axfr | /api/objects/dns/axfr |
| /api/objects/dns/group | /api/objects/dns/group |
| /api/objects/dns/route | /api/objects/dns/route |
| | </code> |
| |
| | ====Endpoint protection==== |
| | <code> |
| # Endpoint protection | # Endpoint protection |
| /api/objects/epp/av_exception | /api/objects/epp/av_exception |
| /api/objects/epp/endpoints_group | /api/objects/epp/endpoints_group |
| /api/objects/epp/group | /api/objects/epp/group |
| | </code> |
| |
| # HTTP | ====HTTP==== |
| |
| | ====Interfaces==== |
| | <code> |
| # Interfaces | # Interfaces |
| /api/objects/interface/bridge | /api/objects/interface/bridge |
| /api/objects/interface/tunnel | /api/objects/interface/tunnel |
| /api/objects/interface/vlan | /api/objects/interface/vlan |
| | </code> |
| |
| | ====Intrusion prevention==== |
| | <code> |
| # Intrusion prevention | # Intrusion prevention |
| /api/objects/ips/exception | /api/objects/ips/exception |
| /api/objects/ips/rule | /api/objects/ips/rule |
| /api/objects/ips/rule_modifier | /api/objects/ips/rule_modifier |
| | </code> |
| |
| | ====IPSec==== |
| | <code> |
| # IPSec | # IPSec |
| /api/objects/ipsec/group | /api/objects/ipsec/group |
| /api/objects/ipsec/policy | /api/objects/ipsec/policy |
| /api/objects/ipsec/remote_gateway | /api/objects/ipsec/remote_gateway |
| | </code> |
| |
| | ====IPSec connection==== |
| | <code> |
| # IPSec connection | # IPSec connection |
| /api/objects/ipsec_connection/amazon_vpc | /api/objects/ipsec_connection/amazon_vpc |
| /api/objects/ipsec_connection/roadwarrior_x509 | /api/objects/ipsec_connection/roadwarrior_x509 |
| /api/objects/ipsec_connection/site2site | /api/objects/ipsec_connection/site2site |
| | </code> |
| |
| | ====IPSec Auth==== |
| | <code> |
| # IPSec Auth | # IPSec Auth |
| /api/objects/ipsec_remote_auth/ca | /api/objects/ipsec_remote_auth/ca |
| /api/objects/ipsec_remote_auth/rsa | /api/objects/ipsec_remote_auth/rsa |
| /api/objects/ipsec_remote_auth/x509 | /api/objects/ipsec_remote_auth/x509 |
| | </code> |
| |
| # WLAN ??? | ====Interface Hardware==== |
| | <code> |
| | # Interface Hardware |
| /api/objects/itfhw/awe_network | /api/objects/itfhw/awe_network |
| /api/objects/itfhw/awe_network_group | /api/objects/itfhw/awe_network_group |
| /api/objects/itfhw/usbserial | /api/objects/itfhw/usbserial |
| /api/objects/itfhw/virtual | /api/objects/itfhw/virtual |
| | </code> |
| |
| | ====Interface Params==== |
| | <code> |
| /api/objects/itfparams/bridge_port | /api/objects/itfparams/bridge_port |
| /api/objects/itfparams/group | /api/objects/itfparams/group |
| /api/objects/itfparams/primary | /api/objects/itfparams/primary |
| /api/objects/itfparams/secondary | /api/objects/itfparams/secondary |
| | </code> |
| |
| | ====MAC list==== |
| | <code> |
| # | # |
| /objects/mac_list/group | /objects/mac_list/group |
| /objects/mac_list/mac_list | /objects/mac_list/mac_list |
| | </code> |
| |
| | ====Network==== |
| | <code> |
| # Network | # Network |
| /api/objects/network/aaa | /api/objects/network/aaa (???) |
| /api/objects/network/any | /api/objects/network/any |
| /api/objects/network/availability_group | /api/objects/network/availability_group |
| /api/objects/network/interface_network | /api/objects/network/interface_network |
| /api/objects/network/multicast | /api/objects/network/multicast |
| /api/objects/network/network | /api/objects/network/network // Definitions & Users -> Network Definitions |
| /api/objects/network/range | /api/objects/network/range |
| | </code> |
| |
| | ====Notification==== |
| | <code> |
| # Notification | # Notification |
| /api/objects/notification/group | /api/objects/notification/group |
| /api/objects/notification/notification | /api/objects/notification/notification |
| | </code> |
| |
| | ====OSPF==== |
| | <code> |
| # OSPF | # OSPF |
| /api/objects/ospf/area | /api/objects/ospf/area |
| /api/objects/ospf/interface | /api/objects/ospf/interface |
| /api/objects/ospf/message_digest_key | /api/objects/ospf/message_digest_key |
| | </code> |
| |
| | ====Packetfilter==== |
| | <code> |
| # Packetfilter | # Packetfilter |
| /api/objects/packetfilter/1to1nat | /api/objects/packetfilter/1to1nat |
| /api/objects/packetfilter/packetfilter | /api/objects/packetfilter/packetfilter |
| /api/objects/packetfilter/ruleset | /api/objects/packetfilter/ruleset |
| | </code> |
| |
| | ====QoS==== |
| | <code> |
| # QoS | # QoS |
| /api/objects/qos/application_selector | /api/objects/qos/application_selector |
| /api/objects/qos/traffic_selector | /api/objects/qos/traffic_selector |
| /api/objects/qos/traffic_selector_group | /api/objects/qos/traffic_selector_group |
| | </code> |
| |
| | ====Remote Syslog==== |
| | <code> |
| # Remote Syslog | # Remote Syslog |
| /api/objects/remote_syslog/group | /api/objects/remote_syslog/group |
| /api/objects/remote_syslog/server | /api/objects/remote_syslog/server |
| | </code> |
| |
| # Reverse proxy (virtual webservers) | ====Reverse proxy (virtual webserver==== |
| | <code> |
| /api/objects/reverse_proxy/auth_profile | /api/objects/reverse_proxy/auth_profile |
| /api/objects/reverse_proxy/backend | /api/objects/reverse_proxy/backend // Webserver Protection -> WAF -> Real Webservers |
| /api/objects/reverse_proxy/blockpage | /api/objects/reverse_proxy/blockpage |
| /api/objects/reverse_proxy/exception | /api/objects/reverse_proxy/exception |
| /api/objects/reverse_proxy/filter | /api/objects/reverse_proxy/filter |
| /api/objects/reverse_proxy/form_template | /api/objects/reverse_proxy/form_template |
| /api/objects/reverse_proxy/frontend | /api/objects/reverse_proxy/frontend // Webserver Protection -> WAF -> Virtual Webservers |
| /api/objects/reverse_proxy/group | /api/objects/reverse_proxy/group |
| /api/objects/reverse_proxy/location | /api/objects/reverse_proxy/location // Webserver Protection -> WAF -> Site Path Routing |
| /api/objects/reverse_proxy/profile | /api/objects/reverse_proxy/profile |
| /api/objects/reverse_proxy/redirection | /api/objects/reverse_proxy/redirection |
| /api/objects/reverse_proxy/threats_filter | /api/objects/reverse_proxy/threats_filter |
| | </code> |
| |
| | ====Rights==== |
| | <code> |
| # Rights | # Rights |
| /api/objects/right/group | /api/objects/right/group |
| /api/objects/right/right | /api/objects/right/right |
| | </code> |
| |
| | ====Role==== |
| | <code> |
| # Role | # Role |
| /api/objects/role/group | /api/objects/role/group |
| /api/objects/role/role | /api/objects/role/role |
| | </code> |
| |
| | ====Route==== |
| | <code> |
| # Route | # Route |
| /api/objects/route/group | /api/objects/route/group |
| /api/objects/route/policy | /api/objects/route/policy |
| /api/objects/route/static | /api/objects/route/static |
| | </code> |
| |
| | ====Scheduler==== |
| | <code> |
| # Scheduler | # Scheduler |
| /api/objects/scheduler/group | /api/objects/scheduler/group |
| /api/objects/scheduler/loadbalance | /api/objects/scheduler/loadbalance |
| /api/objects/scheduler/rule | /api/objects/scheduler/rule |
| | </code> |
| |
| | ====Services==== |
| | <code> |
| # Services (Firewall) | # Services (Firewall) |
| /api/objects/service/ah | /api/objects/service/ah |
| /api/objects/service/tcpudp | /api/objects/service/tcpudp |
| /api/objects/service/udp | /api/objects/service/udp |
| | </code> |
| |
| | ====SMTP==== |
| | <code> |
| # SMTP | # SMTP |
| /api/objects/smtp/exception | /api/objects/smtp/exception |
| /api/objects/smtp/header_operation | /api/objects/smtp/header_operation |
| /api/objects/smtp/profile | /api/objects/smtp/profile |
| | </code> |
| |
| | ====SNMP==== |
| | <code> |
| # SNMP | # SNMP |
| /api/objects/snmp/group | /api/objects/snmp/group |
| /api/objects/snmp/trap | /api/objects/snmp/trap |
| | </code> |
| |
| | ====SPX==== |
| | <code> |
| # SPX | # SPX |
| /api/objects/spx/group | /api/objects/spx/group |
| /api/objects/spx/template | /api/objects/spx/template |
| | </code> |
| |
| | ====SSL VPN==== |
| | <code> |
| # SSL VPN | # SSL VPN |
| /api/objects/ssl_vpn/client_connection | /api/objects/ssl_vpn/client_connection |
