Sunday, July 1, 2018

Ansible REST API - Interacting with Cisco FirePower Management Center (FMC) - 01 - Introduction

Ansible is a very good tool for Network Automation. It has a lot of build-in modules for different vendor systems such as Cisco, Juniper & AWS.

However, besides of these vendor specified modules, we can utilise the "uri" module in Ansible to make different REST Calls. As long as the remote system supports REST API, we can write Ansible scripts to interact with them.

In the following POST series, I will use my Ansible script for Cisco FirePower Management Center (FMC) as an example to describe how Ansible's REST script works.

Cisco FirePower is a very good & widely used next-Gen firewall. Especially in the enterprise environment. However, comparing to the old Cisco ASA firwall, Cisco FirePower doesn't have the time-based ACL. So it's impossible for us to apply some time-based access rules in Cisco FMC.

But Cisco FMC does supports REST API. So we can use Ansible Script to talk to FMC and automate the policy enable/disable process and work congestion with Linux CRON job to provide policy schedule functions.

You can download my playbooks from my github repo:

https://github.com/dennisjian/Ansible-with-Cisco-FMC-API

Here are the table of content of this Ansible Cisco FMC REST API series:

  1. Introduction and Ansible playbook download
  2. Script flow charts
  3. Introduction of REST API and Cisco FMC API Explorer
  4. Script prerequisites
  5. Request Access Token 
  6. Get policy content, modify content and "PUT' in FMC - Part 1
  7. Get policy content, modify content and "PUT' in FMC - Part 2 
  8. Get deployable devices and deploy policy
In the following post (02 - Flow Charts of the scripts), I will show you the flow chart of the scripts.

8 comments:

  1. This is an awesome motivating article.I am practically satisfied with your great work.You put truly extremely supportive data. Keep it up. Continue blogging. Hoping to persuing your next post

    Data Science Training

    ReplyDelete
  2. Thanks for your comments. Happy to share more about my findings and experiences in the network automation. :-)

    ReplyDelete
  3. It's really a great and helpful bit of data that you have shared here. I'm glad that you just imparted this accommodating data to us. Kindly share these types of knowledge with us. Much thanks to you for sharing it CCNP Enarsi Training

    ReplyDelete
  4. This comment has been removed by a blog administrator.

    ReplyDelete
  5. This Birthday Cards item by SamfireHandmade has 14 favorites from Etsy shoppers. ... Happy Birthday From Your Better Half Funny Birthday Card image 1. Happy Birthday Better Half Images

    ReplyDelete
  6. Steps for Fulfilling Your Desires · 1. Ask for Guidance · 2. Focus Your Attention · 3. Set an Intention · 4. Release Your Desire · 5. Detach from.Manifest Your Desires Meaning

    ReplyDelete

NSX Load Balancer "Application Rules" Examples:

Load Balancing is one of the features provided by the NSX Edge Services Gateway (ESG). It can provide L7 Load Balancing by utilizing the HA...