Retrieve security zones

The get_zones method retrieves a list of the Security Zone names and IP ranges for each zone listed in the Networks tab of the passed risk profile Excel spreadsheet. If the spreadsheet name is known, it is not necessary to call get_profiles_list.

Related screens in ASMS are the Security Zones section in AppViz > Administration > Customization and the Risk Profiles section in Firewall Analyzer> Administration > Compliance > Risk Profiles. For details, see Customizing AFA Risk Detection.

Resource Name: /afa/api/v1/security_zones/<risk_profile_excel_filename>/get_zones

Request Method: GET

Authentication: Cookie with session ID

Header Requirements:

Element Type Description

sessionID

Mandatory

String Session ID returned in Login request.

Response:

Element Type Description

data

Array of SecurityZoneObject

List of security zones, each with the list of IP address ranges for the zone.

status

String

One of the following:

  • true - Request succeeded.
  • false - Request failed.
message

String

An error message returned when the request fails.

Request example

curl --cookie "PHPSESSID=g4mgnv4cno9ivt7rclmhmejj27" https://<IP:Port>/afa/api/v1/security_zones/my_file_name.xlsx/get_zones

where my_file_name.xlsx is an item from the Retrieve a risk profile list response.

Response example

[ {
"name" : "Net1",
"addresses" : [ "10.21.0.2/24", "10.25.3.2/24" ]
}, {
"name" : "Net2",
"addresses" : [ "10.50.64.2/20" ]
}, {
"name" : "Net3",
"addresses" : [ "10.3.64.2/24" ]
}, {
"name" : "PartnerNet",
"addresses" : [ "10.120.46.2/28" ]
}, {
"name" : "PCIzone",
"addresses" : [ "10.176.50.2-10.176.60.255" ]
} ]