This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Will there ever be an API for Sophos UTM?

There a few features that seem to be missing from UTM that would make it better either via API or just even management from the shell.

I would love to be able to add subscription snort and ETPRO rules to my UTM. I would also love the ability to automate the blacklisting of domains and/or IPs. There are multiple lists on the internet that get updated several times a day (sometimes every 30 mins) with malicious sites, malicious IPs, Tor nodes, etc. and there does not appear to be way to block them except by hand in the web interface. At 7000+ IPs for tor alone, web gui doesn't work too well. I am just asking too much of the UTM product?

This thread was automatically locked due to age.

Parents

0 Scott_Klassen over 9 years ago

Feature request: UTM (Formerly ASG) Feature Requests: Hot (1991 ideas)

__________________
ACE v8/SCA v9.3

...still have a v5 install disk in a box somewhere.

http://xkcd.com
http://www.tedgoff.com/mb
http://www.projectcartoon.com/cartoon/1
Cancel
Vote Up 0 Vote Down

Cancel
0 AzRoN over 9 years ago in reply to Scott_Klassen

Technically, there is an API for the UTM

confd-config or cc for short.

Executing cc from a root shell allows you to 'programatically control' the UTM in a supported manner [;)]

Like others have said, this won't be exposed externally of the localhost for security reasons...

However, writing scripts with expect statements to handle the login process through to root and then executing your chained cc commands.

==

When in doubt, Script it out.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 AzRoN over 9 years ago in reply to Scott_Klassen

Technically, there is an API for the UTM

confd-config or cc for short.

Executing cc from a root shell allows you to 'programatically control' the UTM in a supported manner [;)]

Like others have said, this won't be exposed externally of the localhost for security reasons...

However, writing scripts with expect statements to handle the login process through to root and then executing your chained cc commands.

==

When in doubt, Script it out.
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 William Warren over 9 years ago in reply to AzRoN

Technically, there is an API for the UTM

confd-config or cc for short.

Executing cc from a root shell allows you to 'programatically control' the UTM in a supported manner [;)]

Like others have said, this won't be exposed externally of the localhost for security reasons...

However, writing scripts with expect statements to handle the login process through to root and then executing your chained cc commands.

that's not true. If you enter the shell and enter CC commands without the express guidance of support you void your support in all facets of the utm hardware and software.

Owner: Emmanuel Technology Consulting

http://etc-md.com

Former Sophos SG(Astaro) advocate/researcher/Silver Partner

PfSense w/Suricata, ntopng,

Other addons to follow
Cancel
Vote Up 0 Vote Down

Cancel