pan-os-python
PAN-IPSEC-Creator
pan-os-python | PAN-IPSEC-Creator | |
---|---|---|
6 | 3 | |
330 | 1 | |
1.2% | - | |
6.5 | 3.6 | |
20 days ago | over 3 years ago | |
Python | Python | |
ISC License | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
pan-os-python
-
What's your favorite/most useful feature of the Firewall/Panorama?
Lately? Pan-OS Python by a mile. Makes it so easy to create custom integrations and you can pretty much touch every useful configuration on the firewall.
- Automatically assign and/or quick method to multiple ( 500+ ) security policies the log forwarding profile.
- PAN-OS CLI "set commands" do not accept "double whitespaces" in object/rule name
-
Static route Automations ?
Palo Alto supplies the python module for it. I have a script for automating VPNs where I create a static route as part of the process.
-
How to get CLI commands from XML / config file
You can also use the PAN-OS-SDK for Python from the CLI: https://github.com/PaloAltoNetworks/pan-os-python
-
Fortinet versus Palo Alto - main differences
PANOS provides a full featured API on every device that's both powerful and simple to use. They also publish a number of SDKs on Github - i.e. https://github.com/PaloAltoNetworks/pan-os-python - that leverage the API.
PAN-IPSEC-Creator
-
need a little help with pan-os-python!
I'm not sure how your script is written, but you can take a look at my IPSEC script as an example of how I did things. I have a private git version where I include tags. The version on github does not have tags, but it was easy to implement. You can look at my security rules section of create_vpns.py starting on line 140. A Nat rule will look similar to a security rule.
-
Static route Automations ?
Palo Alto supplies the python module for it. I have a script for automating VPNs where I create a static route as part of the process.
-
Problem adding address objects in bulk
I like to create CSVs when I'm looping through stuff like that. My main language is python, though. PA's python module is top notch. pan-os-python + csv is great. Example
What are some alternatives?
DirectFire_Converter - DirectFire Firewall Converter - Network Security, Next-Generation Firewall Configuration Conversion, Firewall Syntax Translation and Firewall Migration Tool - supports Cisco ASA, Fortinet FortiGate (FortiOS), Juniper SRX (JunOS), SSG / Netscreen (ScreenOS) and WatchGuard (support for further devices in development). Similar to FortiConverter, SmartMove, Expedition etc.
interfax-python - Fax send and receive in Python with the InterFAX REST API
pan-os-ansible - Ansible collection for easy automation of Palo Alto Networks next generation firewalls and Panorama, in both physical and virtual form factors.
vycontrol - vyos frontend
flytekit - Extensible Python SDK for developing Flyte tasks and workflows. Simple to get started and learn and highly extensible.
Applaud - App Store Connect API client library.
msgraph-sdk-python-core - Microsoft Graph client library for Python
azure - VM-Series ARM Templates for Microsoft Azure
fmcapi - A Python package designed to help users of Cisco's FMC interface with its API.
Splunk-Apps - Palo Alto Networks App for Splunk leverages the data visibility provided by Palo Alto Networks next-generation firewalls and endpoint security with Splunk's extensive investigation and visualization capabilities to deliver an advanced security reporting and analysis tool.
palo_alto_firewall_analyzer - Python scripts for reviewing Palo Alto Firewall configurations