Calculate Risk Check

Calculate risk checks for requested traffic.

This API can be used for the following Risk Types:

Risk type: Explanation

Traffic Queries - Relates to risks regarding traffic allowed through the device

  • D: Between internal networks
  • I: From external networks to internal networks
  • O: From internal networks to external networks
  • U: User-defined risks may also be returned by the API, as long as the risk is similar to the supported risk types (D, I, O, C, and R)
  • C: Risk with specific IP addresses

Rules - Relates to risks regarding rule definitions

  • R: Rule definition

Note:

Risks which include DMZ are not supported: J - from internal networks to DMZ, Z - from DMZ to internal networks, K - between DMZs, M - from DMZ to external networks.

By design, the API does not return risks that are specific to a device brand, such as F - access to Firewall or P - device properties.

For a detailed list of risk types, see Advanced risk editing.

Resource Name:

/api/v1/riskcheck/calculate

Controller: Risk Check External Controller

Request Method: POST

Request Query Parameters:

  • riskprofile (mandatory, String): Risk profile for risk calculation. 2 options:
      1. Standard
      2. Risk profile name in format: [name].xml. For example, RiskProfile1.xml

Request Body Parameters:

  • riskCheckRequest (mandatory, array of requested traffic tuples entity). Each tuple consists of:
      • id (optional, numeric): Traffic ID
      • destination (mandatory, array of strings): accepts wildcard * for any, one or more IPs and IP ranges (comma separated)
      • service (mandatory, array of strings): accepts wildcard * for any
      • source (mandatory, array of strings): accepts wildcard * for any, one or more IPs and IP ranges (comma separated)

Response parameters

  • riskprofile (String): Risk profile used for risk calculation.
  • risksIdToData (Map): Maps between risk internal ID (integer) and risk data:
      • code (String): Risk code.
      • description (String): Description of risk.
      • level (String): Risk severity level, one of:
          • High
          • Susp_High (suspected high risks)
          • Medium
          • Low
  • trafficIdToRisksIds (Map): Maps between provided ID (sequence ID if not provided) and found risk internal IDs.

In the response example below, the request includes traffic IDs 100 and 101.

The API found two risks for 100: risk internal IDs 1 and 2.

The API found one risk for 101: risk internal ID 1.

Response:

Code: Description

  • 200: Operation completed successfully
  • 400: Bad request
  • 401: Unauthorized
  • 500: Internal server error

Request body examples in JSON Format

{
  "traffic": [
    {
      "id": "100",
      "destination": ["1.2.3.4"],
      "service": ["*"],
      "source": ["10.1.1.1,2.2.2.2"]
    },
    {
      "id": "101",
      "destination": ["10.1.1.1"],
      "service": ["tcp/22"],
      "source": ["1.2.3.4"]
    }
  ]
}

Response example in JSON Format

{
  "riskProfile": "rp1.xml",
  "risksIdToData": {
    "1": {
      "code": "I02",
      "description": "TCP on all ports can enter your network",
      "level": "High"
    },
    "2": {
      "code": "I07",
      "description": "Risky Microsoft services can enter your network",
      "level": "High"
    }
  },
  "trafficIdToRisksIds": {
    "100": [1, 2],
    "101": [1]
  }
}
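
An added example, not part of the original documentation: a client-side sketch that validates traffic tuples before they are posted and joins trafficIdToRisksIds with risksIdToData so each requested flow can be gated on its risk level. The function names (build_body, resolve, flagged) are hypothetical, the severity ordering is an assumption based on the order the levels are listed above, and the "traffic" key follows the request example above.

```python
import json

# Assumption: severity order follows the order the page lists the levels in.
SEVERITY = {"Low": 0, "Medium": 1, "Susp_High": 2, "High": 3}
MANDATORY = ("destination", "service", "source")

def build_body(tuples):
    """Validate traffic tuples and wrap them as in the page's request example."""
    for t in tuples:
        for field in MANDATORY:
            value = t.get(field)
            if not (isinstance(value, list) and value
                    and all(isinstance(v, str) and v.strip() for v in value)):
                raise ValueError(f"tuple {t.get('id')}: '{field}' must be a non-empty array of strings")
    return {"traffic": list(tuples)}

def resolve(response):
    """Join trafficIdToRisksIds with risksIdToData: {traffic id: [risk data]}."""
    data = response["risksIdToData"]
    resolved = {}
    for traffic_id, risk_ids in response["trafficIdToRisksIds"].items():
        # Risk IDs are integers in the lists but strings as JSON object keys.
        missing = [r for r in risk_ids if str(r) not in data]
        if missing:
            raise ValueError(f"traffic {traffic_id}: unknown risk IDs {missing}")
        resolved[traffic_id] = [data[str(r)] for r in risk_ids]
    return resolved

def flagged(response, threshold="High"):
    """Traffic IDs with at least one risk at or above the threshold level."""
    floor = SEVERITY[threshold]
    # An unrecognised level is treated as meeting the threshold (fail closed).
    return sorted(tid for tid, risks in resolve(response).items()
                  if any(SEVERITY.get(r["level"], floor) >= floor for r in risks))

# Response example from the page, embedded so the block runs offline.
SAMPLE_RESPONSE = json.loads("""
{"riskProfile": "rp1.xml",
 "risksIdToData": {
   "1": {"code": "I02", "description": "TCP on all ports can enter your network", "level": "High"},
   "2": {"code": "I07", "description": "Risky Microsoft services can enter your network", "level": "High"}},
 "trafficIdToRisksIds": {"100": [1, 2], "101": [1]}}
""")

if __name__ == "__main__":
    print(json.dumps(build_body([{"id": "100", "destination": ["1.2.3.4"],
                                  "service": ["*"], "source": ["10.1.1.1,2.2.2.2"]}])))
    for tid, risks in resolve(SAMPLE_RESPONSE).items():
        print(tid, [(r["code"], r["level"]) for r in risks])
    print("flagged:", flagged(SAMPLE_RESPONSE))
```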