terraform-provider-sdwan
terraform-provider-sdwan copied to clipboard
Published
20 hours ago •
CiscoDevNet
CiscoDevNet
Support for ZoneBased Firewall | Security Policies
We seek support for the "zoneBasedFW" profile under security policies.
Sample Configuration is as below
Path: /dataservice/template/policy/definition/zonebasedfw
{
"name": "TEST_ZBFW",
"type": "zoneBasedFW",
"description": "ZBFW",
"definition": {
"defaultAction": {
"type": "pass"
},
"sequences": [
{
"sequenceId": 1,
"sequenceName": "Rule 1",
"baseAction": "inspect",
"sequenceType": "zoneBasedFW",
"match": {
"entries": [
{
"field": "sourceFqdnList",
"ref": "fec95470-b03c-4288-863f-5a24f63317d9"
},
{
"field": "sourceDataPrefixList",
"ref": "12799083-999e-46e7-8c0d-c347d950d14f"
},
{
"field": "sourceGeoLocationList",
"ref": "72e2eb54-b6fc-42f1-a837-53bad7b5b9d1"
},
{
"field": "sourcePortList",
"ref": "03064981-23e5-4fad-aebc-22259d71650e"
},
{
"field": "destinationFqdnList",
"ref": "fec95470-b03c-4288-863f-5a24f63317d9"
},
{
"field": "destinationPortList",
"ref": "03064981-23e5-4fad-aebc-22259d71650e"
},
{
"field": "appList",
"ref": "997102f4-f672-46ce-8483-6217ea76a85c"
}
]
},
"actions": [
{
"type": "connectionEvents",
"parameter": ""
}
]
},
{
"sequenceId": 11,
"sequenceName": "Rule 2",
"baseAction": "inspect",
"sequenceType": "zoneBasedFW",
"ruleset": true,
"match": {
"entries": [
{
"field": "ruleSetList",
"ref": "26feaefb-1ecc-4f13-bd79-235363128e2d"
},
{
"field": "appList",
"ref": "d679b6c5-d2d3-4bf3-8784-2f92994114c0"
}
]
},
"actions": []
}
],
"entries": [
{
"sourceZone": "self",
"destinationZone": "72b61e73-8737-40ff-aa6b-15f7e9a87b90"
}
]
},
"mode": "security",
"optimized": "false"
}
