Cisco Cisco Security Manager 4.7 仕様ガイド
Cisco Security Manager 4.4 API Specification (Version 1.1)
OL- 29074-01
Page 12
1.2 Changes since previous version
The NB API 1.1 is a successor of NB API 1.0. The following changes have been added in the 1.1 version of the API.
1.2.1 Unified Access Rules
This is a new policy, supported in this version.
1.2.2 Security Policy Object
This is a new policy object, supported in this version.
1.2.3 Network object
This object has been changed to represent its data elements as <ipData>, in place of <ipv4Data>, when API is used
for Unified Access Rules.
for Unified Access Rules.
1.2.4 Return user/ticket that last modified a config rule.
One of the use cases of API is to get configuration data from CSM for compliance checks. The configuration service
API now also returns information regarding users and tickets that modified a configuration rule.
API now also returns information regarding users and tickets that modified a configuration rule.
1.2.5 Add device status – up/down as part of the event service
Some Security Manager users have task threads that run daily and fetch changed configuration from the network
devices managed by Security Manager. For this they use the execDeviceReadOnlyCLICmds API call to get the
configuration from the Device.
devices managed by Security Manager. For this they use the execDeviceReadOnlyCLICmds API call to get the
configuration from the Device.
The execDeviceReadOnlyCLICmds API call hangs if the Device Status is down. Hence, users interested in this area
would like to do a Device Status up/down check before executing the execDeviceReadOnlyCLICmds API call.
would like to do a Device Status up/down check before executing the execDeviceReadOnlyCLICmds API call.
1.2.6 Exec command API call will be supporting custom
timeouts.
In the previous version of the API (version 1.0), execDeviceReadOnlyCliCmds has no timeout value, so it can run
for an infinite period of time and cause the API service to hang if a device is unresponsive. To prevent that problem,
the current version of the API (version 1.1) allows the method execDeviceReadOnlyCliCmds to take an optional
attribute in the Request. This optional attribute allows the API client to set an timeout for the
execDeviceReadOnlyCliCmds method call.
for an infinite period of time and cause the API service to hang if a device is unresponsive. To prevent that problem,
the current version of the API (version 1.1) allows the method execDeviceReadOnlyCliCmds to take an optional
attribute in the Request. This optional attribute allows the API client to set an timeout for the
execDeviceReadOnlyCliCmds method call.
1.2.7 API enhancement to return list of all the shared Policies
defined in CSM.
A new API has now been added in version 1.1 that returns the list of all shared policies in the system for a given
policy type.
policy type.