Add/update multiple devices in bulk

Relevant for: AFA Administrators

Add multiple new devices or update multiple existing devices in bulk by importing a pre-prepared CSV file. After importing, the new or updated devices appear in AFA like all others.

AFA enables you to do this via the Administration area in AFA or via CLI.

For more details, see the How to Import and Mange Devices in Bulk from a .CSV File AlgoPedia article.

In this topic:

Prepare your CSV file

Prepare your CSV file to import by using the sample provided in the AFA UI, or creating your own from scratch.

Access AFA's sample CSV file

Do the following:

1. Access the Devices Setup page. For details, see Access the DEVICES SETUP page.

2. Click Bulk and select Add/Update devices (CSV).

3. Click Download sample files.

   A zip file is downloaded with sample files for various device types.

   Add a line to the file for each device you want to add or update, as well as values that correspond to each header.

   For details, see CSV import file format.

Prepare a CSV file from scratch

Do the following:

1. Open a text or csv file, and add a list of comma separated column headers. Each column header supports a device property or option.

   For details about supported column headers, see CSV import file format.

2. For each device you want to add or update, add a new line with values that correspond to each header.

   Note the following:

   Adding or updating	Your CSV file can include either devices to add or update, but not both.
   Devices that must be handled on their own	The following device types cannot be listed in a CSV file together with other device types: Cisco IOS Cisco ASA and all types of Cisco firewalls Juniper Netscreen These devices must be added or updated using a CSV file of their own.
   Missing headers	If you are adding new devices, any headers not included in the CSV are assigned with default values. If you are updating existing devices, any headers not included in the CSV are ignored, and no changes are made for those properties in AFA.
   Syslog values for sub-systems	If you want to assign syslog identifiers for sub-systems, you must do this as part of an update CSV file. The parent device must already be defined in AFA.

3. Save the file and continue with Import your CSV file (UI).

Back to top

Import your CSV file (UI)

This procedure describes how to import a CSV file of device data into AFA via the Administration UI.

Do the following:

1. Ensure that the devices listed in your CSV file are online and accessible by AFA via SSH.

2. Access the Devices Setup page. For details, see Access the DEVICES SETUP page.

3. Click Bulk and select Add/Update devices (CSV).

4. Select to either Add New Devices or Update Devices.

5. Select your Device Type, and then browse to and select your prepared CSV file. For more details, see Prepare your CSV file.

   For example:

   

6. Click Add or Update.

   The configured devices are added to or updated in AFA, and a confirmation message is displayed.

Back to top

Import your CSV file (CLI)

This procedure describes how to import a CSV file of device data into AFA via CLI commands.

Do the following:

1. Ensure that the devices listed in your CSV file are online and accessible by AFA via SSH.

2. Log in to the AFA server as user afa and browse to the directory where the CSV file is saved.

3. Run the following command:

   import_devices -f <CSVFile> -t <deviceType> [-u ]

   Where:

   -f <CSVFile>	Defines the name of the CSV file. This file must be located in the current directory.
   -t <deviceType>	Defines the type of devices to import or update. Supported values include: ASA. A Cisco ASA device. IOS. A Cisco IOS Router. NSC. A Juniper NetScreen device. GEN. Any of the other supported device brands. In this case, specify the brand in the CSV brand column. For more details, see CSV import file format. For additional device types and configurations, see Bulk import support scope.
   -u	Determines that the script updates existing devices. When absent, the script imports the data as new devices.

The script runs and the devices described in your CSV file are added or updated in AFA.

Back to top

Bulk import support scope

Each CSV file can include the following types of device data:

• Device data for multiple devices to be added or updated.

  You cannot use the same CSV file to add new devices and update existing devices at the same time.

• Device data for multiple device types, except for the following:

  • Cisco IOS
  • Cisco ASA
  • Juniper Netscreen

  These device types must be added in CSV files with no other device types listed.

Additionally, the following types of devices and device options must be added or configured manually in the AFA

Device types

Add the following types of devices individually in the AFA Administration area: Management devices, including any device that manages other devices. For example, Juniper NSM, Check Point devices, cloud "device" accounts, and so on. Routing elements Cisco Firewall via a CSM Cisco Application Centric Infrastructure (ACI) H3c SECUI MF2

Device options

The following options must be configured manually in the AFA Administration area after importing: Enabling ActiveChange Enabling Learning mode for a VMware NSX device. Learning mode causes AFA to treat traffic that is not specified in a rule as blocked. Because the default behavior of an NSX Distributed Firewall is to allow all traffic that is not explicitly blocked, AFA provides this option to enable you to better understand the specific traffic that needs to be allowed on the device. Specifying the policy configuration method for a Symantec Blue Coat device to VPM. The default is CPL. Specifying a static URT file.

Back to top