Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 4 subscribers
  • Views 6706 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Will there ever be an API for Sophos UTM?

DriveRaider
There a few features that seem to be missing from UTM that would make it better either via API or just even management from the shell.

I would love to be able to add subscription snort and ETPRO rules to my UTM.  I would also love the ability to automate the blacklisting of domains and/or IPs.  There are multiple lists on the internet that get updated several times a day (sometimes every 30 mins) with malicious sites, malicious IPs, Tor nodes, etc. and there does not appear to be way to block them except by hand in the web interface.  At 7000+ IPs for tor alone, web gui doesn't work too well.  I am just asking too much of the UTM product?


This thread was automatically locked due to age.
  • 0
    For security considerations IMO yes...[:)]

    Owner:  Emmanuel Technology Consulting

    http://etc-md.com

    Former Sophos SG(Astaro) advocate/researcher/Silver Partner

    PfSense w/Suricata, ntopng, 

    Other addons to follow

  • 0 in reply to Scott_Klassen
    Technically, there is an API for the UTM

    confd-config or cc for short.

    Executing cc from a root shell allows you to 'programatically control' the UTM in a supported manner [;)]

    Like others have said, this won't be exposed externally of the localhost for security reasons...

    However, writing scripts with expect statements to handle the login process through to root and then executing your chained cc commands.

    ==

    When in doubt, Script it out.

  • 0
    cc/confd-client.plx can be used interactively, with command line arguments and batch mode (maybe more, I've never found public documentation).

    Bash is the only shell on-box. Perl is available and, as of 9.3, python is too.

    SSH keys can help avoid "expecting" your way to root.
  • 0 in reply to AzRoN
    Technically, there is an API for the UTM

    confd-config or cc for short.

    Executing cc from a root shell allows you to 'programatically control' the UTM in a supported manner [;)]

    Like others have said, this won't be exposed externally of the localhost for security reasons...

    However, writing scripts with expect statements to handle the login process through to root and then executing your chained cc commands.


    that's not true.  If you enter the shell and enter CC commands without the express guidance of support you void your support in all facets of the utm hardware and software.

    Owner:  Emmanuel Technology Consulting

    http://etc-md.com

    Former Sophos SG(Astaro) advocate/researcher/Silver Partner

    PfSense w/Suricata, ntopng, 

    Other addons to follow

  • 0 in reply to teched_01
    cc/confd-client.plx can be used interactively, with command line arguments and batch mode (maybe more, I've never found public documentation).

    Bash is the only shell on-box. Perl is available and, as of 9.3, python is too.

    SSH keys can help avoid "expecting" your way to root.

    if this is a paid license have fun self-supporting.  Unless you get a directive from support doing this will void your hardware warranty and software technical support.

    Owner:  Emmanuel Technology Consulting

    http://etc-md.com

    Former Sophos SG(Astaro) advocate/researcher/Silver Partner

    PfSense w/Suricata, ntopng, 

    Other addons to follow

Unfiltered HTML