Sophos Firewall
Sophos XG Firewall Pack.#
This Integration is part of theOn-Premise firewall by Sophos enables you to manage your firewall, respond to threats, and monitor what’s happening on your network.
#
Configure Sophos Firewall in CortexParameter | Description | Required |
---|---|---|
server_url | Server URL | True |
credentials | User Credentials | True |
insecure | Trust any certificate (not secure) | False |
proxy | Use system proxy settings | False |
#
CommandsYou can execute these commands from the CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.
#
sophos-firewall-rule-listLists all firewall rules. IMPORTANT: Listing starts at 0 (not 1)!
#
Base Commandsophos-firewall-rule-list
#
InputArgument Name | Description | Required |
---|---|---|
start | The start index for the rules to list, e.g: 5. Default is "0". | Optional |
end | The end index for the rules to list, e.g: 20. Default is "50". | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.SecurityPolicy.Name | String | Name of the rule. |
SophosFirewall.SecurityPolicy.Description | String | Description of the rule. |
SophosFirewall.SecurityPolicy.Status | String | Status of the rule. |
SophosFirewall.SecurityPolicy.PolicyType | String | Policy type of the rule. |
SophosFirewall.SecurityPolicy.IPFamily | String | IP family of the security policy. Either IPv4 or IPv6. |
SophosFirewall.SecurityPolicy.AttachIdentity | String | Rule attach identity status. |
SophosFirewall.SecurityPolicy.Action | String | Current rule action. |
SophosFirewall.SecurityPolicy.LogTraffic | Number | Rule traffic logging code. |
#
Command Example!sophos-firewall-rule-list start=0 end=6
#
Context Example#
Human Readable Output#
Showing 0 to 6 SecurityPolicy objects out of 8
Name Description Status PolicyType IPFamily Action LogTraffic Auto added firewall policy for MTA This rule was added automatically by SFOS MTA. However you could edit this policy based on network requirement. Enable PublicNonHTTPPolicy IPv4 Disable [example] Traffic to DMZ A disabled Firewall rule with the destination zone as DMZ. Such rules would be added to Traffic to DMZ group on the first match basis if user selects automatic grouping option. Disable User IPv4 Drop Enable [example] Traffic to WAN A disabled Firewall rule with the destination zone as WAN. Such rules would be added to Traffic to WAN group on the first match basis if user selects automatic grouping option. Disable Network IPv4 Drop Enable [example] Traffic to Internal Zones Enable Network IPv4 Drop Disable Blocked IPs Enable Network IPv4 Drop Disable after Enable Network IPv4 Drop Disable
#
sophos-firewall-rule-getGets a single firewall rule by name.
#
Base Commandsophos-firewall-rule-get
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the rule to get. | Required |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.SecurityPolicy.Name | String | Name of the rule. |
SophosFirewall.SecurityPolicy.Description | String | Description of the rule. |
SophosFirewall.SecurityPolicy.Status | String | Status of the rule. |
SophosFirewall.SecurityPolicy.PolicyType | String | Policy type of the rule. |
SophosFirewall.SecurityPolicy.IPFamily | String | IP family of the security policy. Either IPv4 or IPv6. |
SophosFirewall.SecurityPolicy.AttachIdentity | String | Rule attach identity status. |
SophosFirewall.SecurityPolicy.Action | String | Current rule action. |
SophosFirewall.SecurityPolicy.LogTraffic | Number | Rule traffic logging code. |
#
Command Example!sophos-firewall-rule-get name=user_rule
#
Context Example#
Human Readable Output#
SecurityPolicy Object details
Name Status PolicyType IPFamily Action LogTraffic user_rule Enable Network IPv4 Drop Enable
#
sophos-firewall-rule-addAdds a new firewall rule.
#
Base Commandsophos-firewall-rule-add
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the new rule. | Required |
description | Description of the new rule. | Optional |
status | Whether the rule is enabled. Possible values: "Enable" and "Disable". Default is "Enable". | Optional |
ip_family | The IP family. Possible values: "IPv4" and "IPv6". Default is "IPv4". | Optional |
position | Whether the rule should be at the "top" or "bottom" of the list, or "before" or\ \ "after" a specific rule? IMPORTANT: If "before" or "after" is selected, provide the\ \ position_policy_name parameter. | Required |
position_policy_name | The name of the policy that the rule should be created before or after. REQUIRED: When the position is "before" or "after". | Optional |
policy_type | Type of the new rule (policy). Possible values: "User" and "Network". | Required |
source_zones | Source zones to add to the rule. Possible values: "Any", "LAN". "WAN", "VPN", "DMZ", "WiFi". | Optional |
source_networks | Source networks to add to the rule. | Optional |
destination_zones | Destination zones to add to the rule. Possible values: "Any", "LAN". "WAN", "VPN", "DMZ", "WiFi". | Optional |
destination_networks | Destination networks to add to the rule. | Optional |
services | Destination services to add to the rule. | Optional |
schedule | The schedule for the rule. Possible values: "All the time", "Work hours (5 Day week)", "Work hours (6 Day week)", "All Time on Weekdays", "All Time on Weekends", "All Time on Sunday", "All Days 10:00 to 19:00". IMPORTANT: Creating a new schedule is available from the web console. | Optional |
log_traffic | Whether to enable traffic logging for the policy. Possible values: "Enable" and "Disable". Default is "Disable". | Optional |
match_identity | Whether to check if the specified user/user group from the\ \ selected zone is allowed to access the selected service. Possible values: "Enable" and "Disable". Default is "Disable". IMPORTANT: When enabling match_identity, the members argument is required. | Optional |
show_captive_portal | Whether to accept traffic from unknown users. Captive portal page\ \ is displayed to the user where the user can login to access the Internet.\ \ Possible values: "Enable" and "Disable". Default is "Disable". IMPORTANT: MatchIdentity must be Enabled. PARAMETER OF: UserPolicy. | Optional |
members | An existing user(s) or group(s) to add to the rule. REQUIRED when match_identity is enabled. | Optional |
action | Action for the rule traffic. Possible values: "Accept", "Reject", and "Drop". Default is "Drop". | Optional |
dscp_marking | The DSCP marking level to classify the flow of packets based on the Traffic Shaping policy. | Optional |
primary_gateway | The primary gateway. Applicable only in case of multiple gateways. | Optional |
backup_gateway | The backup gateway. Applicable only in case of multiple gateways. | Optional |
application_control | The Application Filter policy for the rule. Default is "Allow All". | Optional |
application_based_qos_policy | Whether to limit the bandwidth for the applications categorized\ \ under the Application category. This tag is only applicable when\ \ an application_control is selected. Possible values: "Apply" and "Revoke". Default is "Revoke". | Optional |
web_filter | The Web Filter policy for the rule. Default is "Allow All". | Optional |
web_category_base_qos_policy | Whether to limit the bandwidth for the URLs categorized under the Web\ \ category. This tag is only applicable when any web_filter is defined." Possible values: "Apply" and "Revoke". Default is "Revoke". | Optional |
traffic_shaping_policy | The Traffic Shaping policy for the rule. Default is "None". | Optional |
scan_http | Whether to enable virus and spam scanning for HTTP protocol. Possible values: "Enable" and "Disable". Default is "Disable". | Optional |
scan_https | Whether to enable virus and spam scanning for HTTPS protocol. Possible values: "Enable" and "Disable". Default is "Disable". | Optional |
sandstorm | Whether to enable sandstorm analysis. Possible values: "Enable" and "Disable". Default is "Disable". | Optional |
block_quick_quic | Whether to enable Google websites to use HTTP/s instead of QUICK QUIC. Possible values: "Enable" and "Disable". Default is "Disable". | Optional |
scan_ftp | Whether to enable scanning of FTP traffic. Possible values: "Enable" and "Disable". Default is "Disable". | Optional |
data_accounting | Whether to exclude a user's network traffic from data accounting. This option is available only if the parameter "Match rule-based on user identity" is enabled. Possible values: "Enable" and "Disable". Default is "Disable". | Optional |
rewrite_source_address | Whether to enable the NAT policy. Possible values: "Enable" and "Disable". Default is "Enable". | Optional |
web_filter_internet_scheme | Whether to enable the internet scheme to apply the user-based Web Filter policy for the rule. Possible values: "Enable" and "Disable". Default is "Disable". | Optional |
application_control_internet_scheme | Whether to enable the internet scheme to apply user-based Application Filter Policy for the rule. Possible values: "Enable" and "Disable". Default is "Disable". | Optional |
override_gateway_default_nat_policy | Whether to override the gateway of the default NAT policy. Possible values: "Enable" and "Disable". Default is "Disable". | Optional |
source_security_heartbeat | Whether to enable the source security heartbeat. Possible values: "Enable" and "Disable". Default is "Disable". | Optional |
destination_security_heartbeat | Whether to enable the destination security heartbeat. Possible values: "Enable" and "Disable". Default is "Disable". | Optional |
outbound_address | The NAT policy to be applied. Default is "MASQ". | Optional |
minimum_source_hb_permitted | The minimum source health status permitted. Default is "No Restriction". | Optional |
minimum_destination_hb_permitted | The minimum destination health status permitted. Default is "No Restriction". | Optional |
intrusion_prevention | The IPS policy for the rule. Default is "generalpolicy". | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.SecurityPolicy.Name | String | Name of the rule. |
SophosFirewall.SecurityPolicy.Description | String | Description of the rule. |
SophosFirewall.SecurityPolicy.Status | String | Status of the rule. |
SophosFirewall.SecurityPolicy.PolicyType | String | Policy type of the rule. |
SophosFirewall.SecurityPolicy.IPFamily | String | IP family of the security policy. Either IPv4 or IPv6. |
SophosFirewall.SecurityPolicy.AttachIdentity | String | Rule attach identity status. |
SophosFirewall.SecurityPolicy.Action | String | Current rule action. |
SophosFirewall.SecurityPolicy.LogTraffic | Number | Rule traffic logging code. |
#
Command Example!sophos-firewall-rule-add name=user_rule action=Accept ip_family=IPv4 log_traffic=Disable policy_type=User position=bottom match_identity=Enable show_captive_portal=Enable destination_zones=LAN members="Guest Group"
#
Context Example#
Human Readable Output#
SecurityPolicy Object details
Name Status PolicyType IPFamily Action LogTraffic user_rule Enable User IPv4 Accept Disable
#
sophos-firewall-rule-updateUpdates an existing firewall rule.
#
Base Commandsophos-firewall-rule-update
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the new rule. | Required |
description | Description of the new rule. | Optional |
status | Whether the rule is enabled. Possible values: "Enable" and "Disable". Default is "Enable". | Optional |
ip_family | The IP family. Possible values: "IPv4" and "IPv6". Default is "IPv4". | Optional |
position | Whether the rule should be at the "top" or "bottom" of the list, or "before" or\ \ "after" a specific rule? IMPORTANT: If "before" or "after" is selected, provide the\ \ position_policy_name parameter. | Optional |
position_policy_name | The name of the policy that the rule should be created before or after. REQUIRED: When the position is "before" or "after". | Optional |
policy_type | Type of the new rule (policy). Possible values: "User" and "Network". | Optional |
source_zones | Source zones to add to the rule. Possible values: "Any", "LAN". "WAN", "VPN", "DMZ", "WiFi". | Optional |
source_networks | Source networks to add to the rule. | Optional |
destination_zones | Destination zones to add to the rule. Possible values: "Any", "LAN". "WAN", "VPN", "DMZ", "WiFi". | Optional |
destination_networks | Destination networks to add to the rule. | Optional |
services | Destination services to add to the rule. | Optional |
schedule | The schedule for the rule. Possible values: "All the time", "Work hours (5 Day week)", "Work hours (6 Day week)", "All Time on Weekdays", "All Time on Weekends", "All Time on Sunday", "All Days 10:00 to 19:00". IMPORTANT: Creating a new schedule is available in the web console. | Optional |
log_traffic | Whether to enable traffic logging for the policy. Possible values: "Enable" and "Disable". Default is "Disable". | Optional |
match_identity | Whether to check if the specified user/user group from the\ \ selected zone is allowed to access the selected service. Possible values: "Enable" and "Disable". Default is "Disable". IMPORTANT: When enabling match_identity, the members argument is required. | Optional |
show_captive_portal | Whether to accept traffic from unknown users. Captive portal page\ \ is displayed to the user where the user can login to access the Internet.\ \ Possible values: "Enable" and "Disable". Default is "Disable". IMPORTANT: MatchIdentity must be Enabled. PARAMETER OF: UserPolicy. | Optional |
members | An existing user(s) or group(s) to add to the rule. REQUIRED when match_identity is enabled. | Optional |
action | Action for the rule traffic. Possible values: "Accept", "Reject", and "Drop". Default is "Drop". | Optional |
dscp_marking | The DSCP marking level to classify the flow of packets based on the Traffic Shaping policy. | Optional |
primary_gateway | The primary gateway. Applicable only in case of multiple gateways. | Optional |
backup_gateway | The backup gateway. Applicable only in case of multiple gateways. | Optional |
application_control | The Application Filter policy for the rule. Default is "Allow All". | Optional |
application_based_qos_policy | Whether to limit the bandwidth for the applications categorized\ \ under the Application category. This tag is only applicable when\ \ an application_control is selected. Possible values: "Apply" and "Revoke". Default is "Revoke". | Optional |
web_filter | The Web Filter policy for the rule. Default is "Allow All". | Optional |
web_category_base_qos_policy | Whether to limit the bandwidth for the URLs categorized under the Web\ \ category. This tag is only applicable when any web_filter is defined." Possible values: "Apply" and "Revoke". Default is "Revoke". | Optional |
traffic_shaping_policy | The Traffic Shaping policy for the rule. Default is "None". | Optional |
scan_http | Whether to enable virus and spam scanning for HTTP protocol. Possible values: "Enable" and "Disable". Default is "Disable". | Optional |
scan_https | Whether to enable virus and spam scanning for HTTPS protocol. Possible values: "Enable" and "Disable". Default is "Disable". | Optional |
sandstorm | Whether to enable sandstorm analysis. Possible values: "Enable" and "Disable". Default is "Disable". | Optional |
block_quick_quic | Whether to enable Google websites to use HTTP/s instead of QUICK QUIC. Possible values: "Enable" and "Disable". Default is "Disable". | Optional |
scan_ftp | Whether to enable scanning of FTP traffic. Possible values: "Enable" and "Disable". Default is "Disable". | Optional |
data_accounting | Whether to exclude a user's network traffic from data accounting. This option is available only if the parameter "Match rule-based on user identity" is enabled. Possible values: "Enable" and "Disable". Default is "Disable". | Optional |
rewrite_source_address | Whether to enable the NAT policy. Possible values: "Enable" and "Disable". Default is "Enable". | Optional |
web_filter_internet_scheme | Whether to enable the internet scheme to apply the user-based Web Filter policy for the rule. Possible values: "Enable" and "Disable". Default is "Disable". | Optional |
application_control_internet_scheme | Whether to enable the internet scheme to apply user-based Application Filter Policy for the rule. Possible values: "Enable" and "Disable". Default is "Disable". | Optional |
override_gateway_default_nat_policy | Whether to override the gateway of the default NAT policy. Possible values: "Enable" and "Disable". Default is "Disable". | Optional |
source_security_heartbeat | Whether to enable the source security heartbeat. Possible values: "Enable" and "Disable". Default is "Disable". | Optional |
destination_security_heartbeat | Whether to enable the destination security heartbeat. Possible values: "Enable" and "Disable". Default is "Disable". | Optional |
outbound_address | The NAT policy to be applied. Default is "MASQ". | Optional |
minimum_source_hb_permitted | The minimum source health status permitted. Default is "No Restriction". | Optional |
minimum_destination_hb_permitted | The minimum destination health status permitted. Default is "No Restriction". | Optional |
intrusion_prevention | The IPS policy for the rule. Default is "generalpolicy". | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.SecurityPolicy.Name | String | Name of the rule. |
SophosFirewall.SecurityPolicy.Description | String | Description of the rule. |
SophosFirewall.SecurityPolicy.Status | String | Status of the rule. |
SophosFirewall.SecurityPolicy.PolicyType | String | Policy type of the rule. |
SophosFirewall.SecurityPolicy.IPFamily | String | IP family of the security policy. Either IPv4 or IPv6. |
SophosFirewall.SecurityPolicy.AttachIdentity | String | Rule attach identity status. |
SophosFirewall.SecurityPolicy.Action | String | Current rule action. |
SophosFirewall.SecurityPolicy.LogTraffic | Number | Rule traffic logging code. |
#
Command Example!sophos-firewall-rule-update name=user_rule log_traffic=Enable source_zones=LAN
#
Context Example#
Human Readable Output#
SecurityPolicy Object details
Name Status PolicyType IPFamily Action LogTraffic user_rule Enable Network IPv4 Drop Enable
#
sophos-firewall-rule-deleteDeletes an existing firewall rule.
#
Base Commandsophos-firewall-rule-delete
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the rule. | Required |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.SecurityPolicy.Name | String | Name of the rule. |
SophosFirewall.SecurityPolicy.IsDeleted | Bool | Whether the rule is deleted. |
#
Command Example!sophos-firewall-rule-delete name=user_rule
#
Context Example#
Human Readable Output#
Deleting SecurityPolicy Objects Results
Name IsDeleted user_rule true
#
sophos-firewall-rule-group-listLists all firewall rule groups. IMPORTANT: Listing starts at 0 (not 1)!
#
Base Commandsophos-firewall-rule-group-list
#
InputArgument Name | Description | Required |
---|---|---|
start | The start index for the rules to list, e.g: 5. Default is "0". | Optional |
end | The end index for the rules to list, e.g: 20. Default is "50". | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.SecurityPolicyGroup.Name | String | Name of the group. |
SophosFirewall.SecurityPolicyGroup.Description | String | Description of the group. |
SophosFirewall.SecurityPolicyGroup.SecurityPolicyList.SecurityPolicy | String | Rules contained inside the group. |
SophosFirewall.SecurityPolicyGroup.SourceZones.Zone | String | Source zone in the group. |
SophosFirewall.SecurityPolicyGroup.DestinationZones.Zone | String | Destination zone in the group. |
SophosFirewall.SecurityPolicyGroup.PolicyType | Number | Type of the rules in the group. |
#
Command Example!sophos-firewall-rule-group-list start=0 end=6
#
Context Example#
Human Readable Output#
Showing 0 to 6 SecurityPolicyGroup objects out of 8
Name Description SecurityPolicyList DestinationZones Traffic to DMZ Inbound traffic to DMZ. Firewall rules with the destination zone as DMZ would be added to this group on the first match basis if user selects automatic grouping option. This is the default group. SecurityPolicy: [example] Traffic to DMZ Zone: DMZ hi forunitest Traffic to WAN Outbound traffic to WAN. Firewall rules with the destination zone as WAN would be added to this group on the first match basis if user selects automatic grouping option. This is the default group. SecurityPolicy: [example] Traffic to WAN Zone: WAN unitest unitest2 For testing only
#
sophos-firewall-rule-group-getGets a single firewall rule group by name.
#
Base Commandsophos-firewall-rule-group-get
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the firewall rule group. | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.SecurityPolicyGroup.Name | String | Name of the group. |
SophosFirewall.SecurityPolicyGroup.Description | String | Description of the group. |
SophosFirewall.SecurityPolicyGroup.SecurityPolicyList.SecurityPolicy | String | Rules contained inside the group. |
SophosFirewall.SecurityPolicyGroup.SourceZones.Zone | String | Source zone in the group. |
SophosFirewall.SecurityPolicyGroup.DestinationZones.Zone | String | Destination zone in the group. |
SophosFirewall.SecurityPolicyGroup.PolicyType | Number | Type of the rules in the group. |
#
Command Example!sophos-firewall-rule-group-get name=rulegroup
#
Context Example#
Human Readable Output#
SecurityPolicyGroup Object details
Name Description SecurityPolicyList rulegroup rulegroup for user/network rules SecurityPolicy: network_rule,
user_rule
#
sophos-firewall-rule-group-addAdds a new firewall rule group.
#
Base Commandsophos-firewall-rule-group-add
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the rule group. | Required |
description | Description of the rule group. | Optional |
policy_type | Type of the rules (policies) inside the group. Possible values: "Any", "User/network rule", "User rule", "Business application rule". | Optional |
rules | Rules contained in the group. | Optional |
source_zones | Source zones contained in the group. Possible values: "Any", "LAN", "WAN", "VPN", "DMZ", "WiFi. | Optional |
destination_zones | Destination zones contained in the group. Possible values: "Any", "LAN", "WAN", "VPN", "DMZ", "WiFi. | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.SecurityPolicyGroup.Name | String | Name of the group. |
SophosFirewall.SecurityPolicyGroup.Description | String | Description of the group. |
SophosFirewall.SecurityPolicyGroup.SecurityPolicyList.SecurityPolicy | String | Rules contained in the group. |
SophosFirewall.SecurityPolicyGroup.SourceZones.Zone | String | Source zone in the group. |
SophosFirewall.SecurityPolicyGroup.DestinationZones.Zone | String | Destination zone in the group. |
SophosFirewall.SecurityPolicyGroup.PolicyType | Number | Type of the rules in the group. |
#
Command Example!sophos-firewall-rule-group-add name=rulegroup policy_type="User/network rule" rules=user_rule,network_rule
#
Context Example#
Human Readable Output#
SecurityPolicyGroup Object details
Name SecurityPolicyList rulegroup SecurityPolicy: user_rule,
network_rule
#
sophos-firewall-rule-group-updateUpdates an existing firewall rule group.
#
Base Commandsophos-firewall-rule-group-update
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the rule group. | Required |
description | Description of the rule group. | Optional |
policy_type | Type of the rules (policies) inside the group. Possible values: "Any", "User/network rule", "User rule", "Business application rule". | Optional |
rules | Rules contained in the group. | Optional |
source_zones | Source zones contained in the group. Possible values: "Any", "LAN", "WAN", "VPN", "DMZ", "WiFi. | Optional |
destination_zones | Destination zones contained in the group. Possible values: "Any", "LAN", "WAN", "VPN", "DMZ", "WiFi. | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.SecurityPolicyGroup.Name | String | Name of the group. |
SophosFirewall.SecurityPolicyGroup.Description | String | Description of the group. |
SophosFirewall.SecurityPolicyGroup.SecurityPolicyList.SecurityPolicy | String | Rules contained in the group. |
SophosFirewall.SecurityPolicyGroup.SourceZones.Zone | String | Source zone in the group. |
SophosFirewall.SecurityPolicyGroup.DestinationZones.Zone | String | Destination zone in the group. |
SophosFirewall.SecurityPolicyGroup.PolicyType | Number | Type of the rules in the group. |
#
Command Example!sophos-firewall-rule-group-update name=rulegroup description="rulegroup for user/network rules"
#
Context Example#
Human Readable Output#
SecurityPolicyGroup Object details
Name Description SecurityPolicyList rulegroup rulegroup for user/network rules SecurityPolicy: network_rule,
user_rule
#
sophos-firewall-rule-group-deleteDeletes an existing firewall group.
#
Base Commandsophos-firewall-rule-group-delete
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the group. | Required |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.SecurityPolicyGroup.Name | String | Name of the group. |
SophosFirewall.SecurityPolicyGroup.IsDeleted | Bool | Whether the group is deleted. |
#
Command Example!sophos-firewall-rule-group-delete name=rulegroup
#
Context Example#
Human Readable Output#
Deleting SecurityPolicyGroup Objects Results
Name IsDeleted rulegroup true
#
sophos-firewall-url-group-listLists all URL groups. IMPORTANT: Listing starts at 0 (not 1)!
#
Base Commandsophos-firewall-url-group-list
#
InputArgument Name | Description | Required |
---|---|---|
start | The start index for the rules to list, e.g: 5. Default is "0". | Optional |
end | The end index for the rules to list, e.g: 20. Default is "50". | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.WebFilterURLGroup.Name | String | Name of the URL group. |
SophosFirewall.WebFilterURLGroup.Description | String | Description of the URL group. |
SophosFirewall.WebFilterURLGroup.URLlist.URL | String | URL in the group. |
#
Command Example!sophos-firewall-url-group-list start=0 end=6
#
Context Example#
Human Readable Output#
Showing 0 to 6 WebFilterURLGroup objects out of 12
Name Description URLlist 1 1desc URL: www.x.com,
www.y.com2 URL: www.z.com URL: www.google.com urlgroup1 URL: www.blockthisurl.com forunitest URL: badwebsite.com forunitest2 URL: badwebsite2.com
#
sophos-firewall-url-group-getGets a single URL group by name.
#
Base Commandsophos-firewall-url-group-get
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the group. | Required |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.WebFilterURLGroup.Name | String | Name of the URL group. |
SophosFirewall.WebFilterURLGroup.Description | String | Description of the URL group. |
SophosFirewall.WebFilterURLGroup.URLlist.URL | String | URL contained in the group. |
#
Command Example!sophos-firewall-url-group-get name=urlgroup
#
Context Example#
Human Readable Output#
WebFilterURLGroup Object details
Name URLlist urlgroup URL: www.example.com,
www.another-example.com
#
sophos-firewall-url-group-addAdds a new URL group.
#
Base Commandsophos-firewall-url-group-add
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the group. | Required |
description | Description of the group. | Optional |
urls | URLs to add to the group. | Required |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.WebFilterURLGroup.Name | String | Name of the URL group. |
SophosFirewall.WebFilterURLGroup.Description | String | Description of the URL group. |
SophosFirewall.WebFilterURLGroup.URLlist.URL | String | URL contained in the group. |
#
Command Example!sophos-firewall-url-group-add name=urlgroup urls=www.example.com
#
Context Example#
sophos-firewall-url-group-updateUpdates an existing URL group.
#
Base Commandsophos-firewall-url-group-update
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the group. | Required |
description | Description of the group. | Optional |
urls | URLs to add to the group. | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.WebFilterURLGroup.Name | String | Name of the URL group. |
SophosFirewall.WebFilterURLGroup.Description | String | Description of the URL group. |
SophosFirewall.WebFilterURLGroup.URLlist.URL | String | URL contained in the group. |
#
Command Example!sophos-firewall-url-group-update name=urlgroup urls=www.another-example.com
#
Context Example#
Human Readable Output#
WebFilterURLGroup Object details
Name URLlist urlgroup URL: www.example.com,
www.another-example.com
#
sophos-firewall-url-group-deleteDeletes an existing URL group or groups.
#
Base Commandsophos-firewall-url-group-delete
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the group(s). | Required |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.WebFilterURLGroup.Name | String | Name of the URL group. |
SophosFirewall.WebFilterURLGroup.IsDeleted | Bool | Whether the URL group is deleted. |
#
Command Example!sophos-firewall-url-group-delete name=urlgroup
#
Context Example#
Human Readable Output#
Deleting WebFilterURLGroup Objects Results
Name IsDeleted urlgroup true
#
sophos-firewall-ip-host-listLists all IP hosts. IMPORTANT: Listing starts at 0 (not 1)!
#
Base Commandsophos-firewall-ip-host-list
#
InputArgument Name | Description | Required |
---|---|---|
start | The start index for the rules to list, e.g: 5. Default is "0". | Optional |
end | The end index for the rules to list, e.g: 20. Default is "50". | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.IPHost.Name | String | Name of the IP host. |
SophosFirewall.IPHost.IPFamily | String | IP family of the host group. Either IPv4 or IPv6. |
SophosFirewall.IPHost.HostType | String | Type of the host. |
#
Command Example!sophos-firewall-ip-host-list start=0 end=6
#
Context Example#
Human Readable Output#
Showing 0 to 6 IPHost objects out of 13
Name IPFamily HostType ##ALL_RW IPv4 System Host ##ALL_IPSEC_RW IPv4 System Host ##ALL_SSLVPN_RW IPv4 System Host ##ALL_RW6 IPv6 System Host ##ALL_SSLVPN_RW6 IPv6 System Host ##ALL_IPSEC_RW6 IPv6 System Host
#
sophos-firewall-ip-host-getGets a single IP host by name.
#
Base Commandsophos-firewall-ip-host-get
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the IP host. | Required |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.IPHost.Name | String | Name of the IP host. |
SophosFirewall.IPHost.IPFamily | String | IP family of the host group. Either IPv4 or IPv6. |
SophosFirewall.IPHost.HostType | String | Type of the host. |
#
Command Example!sophos-firewall-ip-host-get name=iphost
#
Context Example#
Human Readable Output#
IPHost Object details
Name IPFamily HostType iphost IPv4 IP
#
sophos-firewall-ip-host-addAdds a new IP host.
#
Base Commandsophos-firewall-ip-host-add
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the IP host. | Required |
host_type | Type of the host. Possible values: "IP", "Network", "IPRange", "IPList". | Required |
ip_family | The IP family. Possible values: "IPv4" and "IPv6". Default is "IPv4". | Optional |
ip_address | IP address if IP or network was the chosen type. | Optional |
subnet_mask | Subnet mask if network was the chosen type. | Optional |
start_ip | Start of the IP range if IPRange was chosen. | Optional |
end_ip | End of the IP range if IPRange was chosen. | Optional |
ip_addresses | List of IP addresses if IPList was chosen. | Optional |
host_group | Select the host group to which the host belongs. | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.IPHost.Name | String | Name of the IP host. |
SophosFirewall.IPHost.IPFamily | String | IP family of the host group. Either IPv4 or IPv6. |
SophosFirewall.IPHost.HostType | String | Type of the host. |
#
Command Example!sophos-firewall-ip-host-add name=iphost host_type=IP ip_address=1.1.1.1
#
Context Example#
Human Readable Output#
IPHost Object details
Name IPFamily HostType iphost IPv4 IP
#
sophos-firewall-ip-host-updateUpdates an existing IP host.
#
Base Commandsophos-firewall-ip-host-update
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the IP host. | Required |
host_type | Type of the host. Possible values: "IP", "Network", "IPRange", "IPList". | Optional |
ip_family | The IP family. Possible values: "IPv4" and "IPv6". Default is "IPv4". | Optional |
ip_address | IP address if IP or network was the chosen type. | Optional |
subnet_mask | Subnet mask if network was the chosen type. | Optional |
start_ip | Start of the IP range if IPRange was chosen. | Optional |
end_ip | End of the IP range if IPRange was chosen. | Optional |
ip_addresses | List of IP addresses if IPList was chosen. | Optional |
host_group | Select the host group to which the host belongs. | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.IPHost.Name | String | Name of the IP host. |
SophosFirewall.IPHost.IPFamily | String | IP family of the host group. Either IPv4 or IPv6. |
SophosFirewall.IPHost.HostType | String | Type of the host. |
#
Command Example!sophos-firewall-ip-host-update name=iphost ip_address=2.2.2.2
#
Context Example#
Human Readable Output#
IPHost Object details
Name IPFamily HostType iphost IPv4 IP
#
sophos-firewall-ip-host-deleteDeletes an existing IP host.
#
Base Commandsophos-firewall-ip-host-delete
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the host. | Required |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.IPHost.Name | String | Name of the IP host. |
SophosFirewall.IPHost.IsDeleted | Bool | Whether the IP host is deleted. |
#
Command Example!sophos-firewall-ip-host-delete name=iphost
#
Context Example#
Human Readable Output#
Deleting IPHost Objects Results
Name IsDeleted iphost true
#
sophos-firewall-ip-host-group-listLists all IP host groups. IMPORTANT: Listing starts at 0 (not 1)!
#
Base Commandsophos-firewall-ip-host-group-list
#
InputArgument Name | Description | Required |
---|---|---|
start | The start index for the rules to list, e.g: 5. Default is "0". | Optional |
end | The end index for the rules to list, e.g: 20. Default is "50". | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.IPHostGroup.Name | String | Name of the IP host group. |
SophosFirewall.IPHostGroup.description | String | Description of the IP host group. |
SophosFirewall.IPHostGroup.HostList.Host | String | Host contained in the host group. |
SophosFirewall.IPHostGroup.IPFamily | String | IP family of the host group. Either IPv4 or IPv6. |
#
Command Example!sophos-firewall-ip-host-group-list start=0 end=6
#
Context Example#
Human Readable Output#
Showing 0 to 3 IPHostGroup objects out of 3
Name Description IPFamily HostList Blocked by Playbook IPv4 Host: 1.2.3.4,
8.8.8.8unitest2 FOR TESTING IPv4 Noam-Test IPv4
#
sophos-firewall-ip-host-group-getGets a single IP host group by name.
#
Base Commandsophos-firewall-ip-host-group-get
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the IP host group. | Required |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.IPHostGroup.Name | String | Name of the IP host group. |
SophosFirewall.IPHostGroup.description | String | Description of the IP host group. |
SophosFirewall.IPHostGroup.HostList.Host | String | Host contained inside the host group. |
SophosFirewall.IPHostGroup.IPFamily | String | IP family of the host group. Either IPv4 or IPv6. |
#
Command Example!sophos-firewall-ip-host-group-get name=iphostgroup
#
Context Example#
Human Readable Output#
IPHostGroup Object details
Name IPFamily HostList iphostgroup IPv4 Host: iphost
#
sophos-firewall-ip-host-group-addAdds a new IP host group.
#
Base Commandsophos-firewall-ip-host-group-add
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the IP host group. | Required |
description | Description of the IP host group. | Optional |
ip_family | The IP family. Possible values: "IPv4" and "IPv6". | Optional |
hosts | IP hosts contained in the group. Must be hosts already existing in the system. | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.IPHostGroup.Name | String | Name of the IP host group. |
SophosFirewall.IPHostGroup.description | String | Description of the IP host group. |
SophosFirewall.IPHostGroup.HostList.Host | String | Host contained in the host group. |
SophosFirewall.IPHostGroup.IPFamily | String | IP family of the host group. Either IPv4 or IPv6. |
#
Command Example!sophos-firewall-ip-host-group-add name=iphostgroup
#
Context Example#
Human Readable Output#
IPHostGroup Object details
Name IPFamily iphostgroup IPv4
#
sophos-firewall-ip-host-group-updateUpdates an existing IP host group.
#
Base Commandsophos-firewall-ip-host-group-update
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the IP host group. | Required |
description | Description of the IP host group. | Optional |
ip_family | The IP family. Possible values: "IPv4" and "IPv6". | Optional |
hosts | IP hosts contained in the group. Must be hosts already existing in the system. | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.IPHostGroup.Name | String | Name of the IP host group. |
SophosFirewall.IPHostGroup.description | String | Description of the IP host group. |
SophosFirewall.IPHostGroup.HostList.Host | String | Host contained inside the host group. |
SophosFirewall.IPHostGroup.IPFamily | String | IP family of the host group. Either IPv4 or IPv6. |
#
Command Example!sophos-firewall-ip-host-group-update name=iphostgroup hosts=iphost
#
Context Example#
Human Readable Output#
IPHostGroup Object details
Name IPFamily HostList iphostgroup IPv4 Host: iphost
#
sophos-firewall-ip-host-group-deleteDeletes an existing IP host group.
#
Base Commandsophos-firewall-ip-host-group-delete
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the group. | Required |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.IPHostGroup.Name | String | Name of the IP host group. |
SophosFirewall.IPHostGroup.IsDeleted | Bool | Whether the IP host group is deleted. |
#
Command Example!sophos-firewall-ip-host-group-delete name=iphostgroup
#
Context Example#
Human Readable Output#
Deleting IPHostGroup Objects Results
Name IsDeleted iphostgroup true
#
sophos-firewall-services-listLists all firewall services. IMPORTANT: Listing starts at 0 (not 1)!
#
Base Commandsophos-firewall-services-list
#
InputArgument Name | Description | Required |
---|---|---|
start | The start index for the rules to list, e.g: 5. Default is "0". | Optional |
end | The end index for the rules to list, e.g: 20. Default is "50". | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.Services.Name | String | Name of the firewall service. |
SophosFirewall.Services.Type | String | Type of the firewall service. |
SophosFirewall.Services.ServiceDetails.ServiceDetail | String | Details about the service. |
#
Command Example!sophos-firewall-services-list start=0 end=6
#
Context Example#
Human Readable Output#
Showing 0 to 6 Services objects out of 63
Name Type ServiceDetails AH IP ServiceDetail: {"ProtocolName": "AH"} AOL TCPorUDP ServiceDetail: {"SourcePort": "1:65535", "DestinationPort": "5190:5194", "Protocol": "TCP"} BGP TCPorUDP ServiceDetail: {"SourcePort": "1:65535", "DestinationPort": "179", "Protocol": "TCP"} DHCP TCPorUDP ServiceDetail: {"SourcePort": "67:68", "DestinationPort": "67:68", "Protocol": "UDP"} DNS TCPorUDP ServiceDetail: {'SourcePort': '1:65535', 'DestinationPort': '53', 'Protocol': 'TCP'},
{'SourcePort': '1:65535', 'DestinationPort': '53', 'Protocol': 'UDP'}ESP IP ServiceDetail: {"ProtocolName": "ESP"}
#
sophos-firewall-services-getGets a single service by name.
#
Base Commandsophos-firewall-services-get
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the firewall service. | Required |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.Services.Name | String | Name of the firewall service. |
SophosFirewall.Services.Type | String | Type of the firewall service. |
SophosFirewall.Services.ServiceDetails.ServiceDetail | String | Details about the service. |
#
Command Example!sophos-firewall-services-get name=service
#
Context Example#
Human Readable Output#
Services Object details
Name Type ServiceDetails service IP ServiceDetail: {'ProtocolName': 'Compaq-Peer'},
{'ProtocolName': 'AH'}
#
sophos-firewall-services-addAdds a new firewall service.
#
Base Commandsophos-firewall-services-add
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the firewall service. | Required |
service_type | Type of service. Possible values: "TCPorUDP", "IP", "ICMP", "ICMPv6". | Required |
protocol | The protocol for the service if service_type is TCPorUDP. Possible values: "TCP" and "UDP". | Optional |
source_port | Source port if service_type is TCPorUDP. | Optional |
destination_port | Destination port if service_type is TCPorUDP. | Optional |
protocol_name | Protocol name if service_type is IP. | Optional |
icmp_type | ICMP type if service_type is ICMP. | Optional |
icmp_code | ICMP code if service_type is ICMP. | Optional |
icmp_v6_type | ICMPv6 type if service_type is ICMPv6. | Optional |
icmp_v6_code | ICMPv6 code if service_type is ICMPv6. | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.Services.Name | String | Name of the firewall service. |
SophosFirewall.Services.Type | String | Type of the firewall service. |
SophosFirewall.Services.ServiceDetails.ServiceDetail | String | Details about the service. |
#
Command Example!sophos-firewall-services-add name=service service_type=IP protocol_name="Compaq-Peer"
#
Context Example#
Human Readable Output#
Services Object details
Name Type ServiceDetails service IP ServiceDetail: {"ProtocolName": "Compaq-Peer"}
#
sophos-firewall-services-updateUpdates an existing firewall service.
#
Base Commandsophos-firewall-services-update
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the firewall service. | Required |
service_type | Type of service. Possible values: "TCPorUDP", "IP", "ICMP", "ICMPv6". | Optional |
protocol | The protocol for the service if service_type is TCPorUDP. Possible values: "TCP" and "UDP". | Optional |
source_port | Source port if service_type is TCPorUDP. | Optional |
destination_port | Destination port if service_type is TCPorUDP. | Optional |
protocol_name | Protocol name if service_type is IP. | Optional |
icmp_type | ICMP type if service_type is ICMP. | Optional |
icmp_code | ICMP code if service_type is ICMP. | Optional |
icmp_v6_type | ICMPv6 type if service_type is ICMPv6. | Optional |
icmp_v6_code | ICMPv6 code if service_type is ICMPv6. | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.Services.Name | String | Name of the firewall service. |
SophosFirewall.Services.Type | String | Type of the firewall service. |
SophosFirewall.Services.ServiceDetails.ServiceDetail | String | Details about the service. |
#
Command Example!sophos-firewall-services-update name=service service_type=IP protocol_name=AH
#
Context Example#
Human Readable Output#
Services Object details
Name Type ServiceDetails service IP ServiceDetail: {'ProtocolName': 'Compaq-Peer'},
{'ProtocolName': 'AH'}
#
sophos-firewall-services-deleteDeletes an existing firewall service.
#
Base Commandsophos-firewall-services-delete
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the service. | Required |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.Services.Name | String | Name of the firewall service. |
SophosFirewall.Services.IsDeleted | Bool | Whether the firewall service is deleted. |
#
Command Example!sophos-firewall-services-delete name=service
#
Context Example#
Human Readable Output#
Deleting Services Objects Results
Name IsDeleted service true
#
sophos-firewall-user-listLists all users. IMPORTANT: Listing starts at 0 (not 1)!
#
Base Commandsophos-firewall-user-list
#
InputArgument Name | Description | Required |
---|---|---|
start | The start index for the rules to list, e.g: 5. Default is "0". | Optional |
end | The end index for the rules to list, e.g: 20. Default is "50". | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.User.Name | String | Name of the user. |
SophosFirewall.User.Username | String | Username of the user. |
SophosFirewall.User.Description | String | Description of the user. |
SophosFirewall.User.EmailList.EmailID | String | Email of the user. |
SophosFirewall.User.Group | String | Group of the user. |
SophosFirewall.User.UserType | String | User type of the user. |
SophosFirewall.User.Status | String | Status of the user. |
#
Command Example!sophos-firewall-user-list start=0 end=6
#
Context Example#
Human Readable Output#
Showing 0 to 6 User objects out of 8
Username Name Description EmailList Group UserType Status user new user_new EmailID: test@test.com Open Group User Active sg sg This is sg desc EmailID: test@test.com Guest Group Administrator Active 1 1 1 Guest Group User Active sg1 sg new desc Guest Group User Active unitestuser unitest2 EmailID: test@test.test Guest Group User Active unitestuser2 unitest3 EmailID: test@test.test Guest Group User Active
#
sophos-firewall-user-getGets a single user by name.
#
Base Commandsophos-firewall-user-get
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the user. | Required |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.User.Name | String | Name of the user. |
SophosFirewall.User.Username | String | Username of the user. |
SophosFirewall.User.Description | String | Description of the user. |
SophosFirewall.User.EmailList.EmailID | String | Email of the user. |
SophosFirewall.User.Group | String | Group of the user. |
SophosFirewall.User.UserType | String | User type of the user. |
SophosFirewall.User.Status | String | Status of the user. |
#
Command Example!sophos-firewall-user-get name=user
#
Context Example#
Human Readable Output#
User Object details
Username Name Description Group UserType Status user user Description for the user Guest Group User Active
#
sophos-firewall-user-addAdds a new user.
#
Base Commandsophos-firewall-user-add
#
InputArgument Name | Description | Required |
---|---|---|
username | Username of the user. | Required |
name | Name of the user. | Required |
description | Description of the user. | Optional |
Email of the user. | Required | |
group | Group of the user. Default is "Guest Group". | Optional |
password | The password of the user. | Required |
user_type | The type of the user. Possible values: "Administrator" and "User". Default is "User". | Optional |
profile | Profile of the administrator if user_type is Administrator. Possible values: "Administrator", "Crypto Admin", "Security Admin", "Audit Admin", "HAProfile". IMPORTANT: You can add more types in the web console. | Optional |
surfing_quota_policy | The Surfing Quota policy. Default is "Unlimited Internet Access". | Optional |
access_time_policy | The Access Time policy. Default is "Allowed all the time". | Optional |
ssl_vpn_policy | The SSL VPN policy. Default is "No Policy Applied". | Optional |
clientless_policy | The clientless policy. Default is "No Policy Applied". | Optional |
data_transfer_policy | The Data Transfer policy. Default is: "100 MB Total Data Transfer policy". | Optional |
simultaneous_logins_global | Whether to enable simultaneous logins global. Possible values: "Enable" and "Disable". Default is "Eanble". | Optional |
schedule_for_appliance_access | The schedule for appliance access. Default is "All The Time". IMPORTANT: This option\ \ is available only for Administrators. | Optional |
qos_policy | The QoS policy. Default is "High Guarantee User". | Optional |
login_restriction | The login restriction option. Possible values: "AnyNode" and "UserGroupNode". Default is "UserGroupNode". | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.User.Name | String | Name of the user. |
SophosFirewall.User.Username | String | Username of the user. |
SophosFirewall.User.Description | String | Description of the user. |
SophosFirewall.User.EmailList.EmailID | String | Email of the user. |
SophosFirewall.User.Group | String | Group of the user. |
SophosFirewall.User.UserType | String | User type of the user. |
SophosFirewall.User.Status | String | Status of the user. |
#
Command Example!sophos-firewall-user-add name=user username=user password=1234 email=user@mail.com
#
Context Example#
Human Readable Output#
User Object details
Username Name EmailList Group UserType Status user user EmailID: user@mail.com Guest Group User Active
#
sophos-firewall-user-updateUpdates a user.
#
Base Commandsophos-firewall-user-update
#
InputArgument Name | Description | Required |
---|---|---|
username | Username of the user. | Required |
name | Name of the user. | Required |
description | Description of the user. | Optional |
Email of the user. | Optional | |
group | Group of the user. Default is "Guest Group". | Optional |
password | The password of the user. | Optional |
user_type | The type of the user. Possible values: "Administrator" and "User". Default is "User". | Optional |
profile | Profile of the administrator if user_type is Administrator. Possible values: "Administrator", "Crypto Admin", "Security Admin", "Audit Admin", "HAProfile". IMPORTANT: You can add more types in the web console. | Optional |
surfing_quota_policy | The Surfing Quota policy. Default is "Unlimited Internet Access". | Optional |
access_time_policy | The Access Time policy. Default is "Allowed all the time". | Optional |
ssl_vpn_policy | The SSL VPN policy. Default is "No Policy Applied". | Optional |
clientless_policy | The clientless policy. Default is "No Policy Applied". | Optional |
data_transfer_policy | The Data Transfer policy. Default is: "100 MB Total Data Transfer policy". | Optional |
simultaneous_logins_global | Whether to enable simultaneous logins global. Possible values: "Enable" and "Disable". Default is "Eanble". | Optional |
schedule_for_appliance_access | The schedule for appliance access. Default is "All The Time".IMPORTANT: This option\ \ is available only for Administrators. | Optional |
qos_policy | The QoS policy. Default is "High Guarantee User". | Optional |
login_restriction | The login restriction option. Possible values: "AnyNode" and "UserGroupNode". Default is "UserGroupNode". | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.User.Name | String | Name of the user. |
SophosFirewall.User.Username | String | Username of the user. |
SophosFirewall.User.Description | String | Description of the user. |
SophosFirewall.User.EmailList.EmailID | String | Email of the user. |
SophosFirewall.User.Group | String | Group of the user. |
SophosFirewall.User.UserType | String | User type of the user. |
SophosFirewall.User.Status | String | Status of the user. |
#
Command Example!sophos-firewall-user-update name=user username=user description="Description for the user"
#
Context Example#
Human Readable Output#
User Object details
Username Name Description Group UserType Status user user Description for the user Guest Group User Active
#
sophos-firewall-user-deleteDeletes an existing user.
#
Base Commandsophos-firewall-user-delete
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the user. | Required |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.User.Name | String | Name of the user. |
SophosFirewall.User.IsDeleted | Bool | Whether the user is deleted. |
#
Command Example!sophos-firewall-user-delete name=user
#
Context Example#
Human Readable Output#
Deleting User Objects Results
Name IsDeleted user true
#
sophos-firewall-app-policy-listLists all app policies. IMPORTANT: Listing starst at 0 (not 1)!
#
Base Commandsophos-firewall-app-policy-list
#
InputArgument Name | Description | Required |
---|---|---|
start | The start index for the rules to list, e.g: 5. Default is "0". | Optional |
end | The end index for the rules to list, e.g: 20. Default is "50". | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.ApplicationFilterPolicy.Name | String | Name of the firewall app policy. |
SophosFirewall.ApplicationFilterPolicy.Description | String | Description of the firewall app policy. |
SophosFirewall.ApplicationFilterPolicy.MicroAppSupport | String | Whether the policy support microapps. |
SophosFirewall.ApplicationFilterPolicy.DefaultAction | String | Default action the policy executes. |
SophosFirewall.ApplicationFilterPolicy.RuleList.Rule | String | Details of the rule. |
#
Command Example!sophos-firewall-app-policy-list start=0 end=6
#
Context Example#
Human Readable Output#
Showing 0 to 6 ApplicationFilterPolicy objects out of 12
Name Description MicroAppSupport DefaultAction RuleList Allow All Allow All Policy. True Allow Block filter avoidance apps Drops traffic from applications that tunnels other apps, proxy and tunnel apps, and from apps that can bypass firewall policy. These applications allow users to anonymously browse Internet by connecting to servers on the Internet via encrypted SSL tunnels. This, in turn, enables users to bypass network security measures. True Allow Rule: {'SelectAllRule': 'Enable', 'CategoryList': {'Category': 'Proxy and Tunnel'}, 'SmartFilter': None, 'ApplicationList': {'Application': 'test'}, 'Action': 'Deny', 'Schedule': 'All The Time'} Block generally unwanted apps Drops generally unwanted applications traffic. This includes file transfer apps, proxy & tunnel apps, risk prone apps, peer to peer networking (P2P) apps and apps that causes loss of productivity. True Allow Rule: {'SelectAllRule': 'Enable', 'CategoryList': {'Category': 'P2P'}, 'SmartFilter': None, 'ApplicationList': {'Application': ['test']}, 'Action': 'Deny', 'Schedule': 'All The Time'} Block high risk (Risk Level 4 and 5) apps Drops traffic that are classified under high risk apps (Risk Level- 4 and 5). True Allow Rule: {'SelectAllRule': 'Enable', 'RiskList': {'Risk': 'High'}, 'SmartFilter': None, 'ApplicationList': {'Application': ['test']}, 'Action': 'Deny', 'Schedule': 'All The Time'} Block peer to peer (P2P) networking apps Drops traffic from applications that are categorized as P2P apps. P2P could be a mechanism for distributing Bots, Spywares, Adware, Trojans, Rootkits, Worms and other types of malwares. It is generally advised to have P2P application blocked in your network. True Allow Rule: {"SelectAllRule": "Enable", "CategoryList": {"Category": "P2P"}, "SmartFilter": null, "ApplicationList": {"Application": ["test"]}, "Action": "Deny", "Schedule": "All The Time"} Block very high risk (Risk Level 5) apps Drops traffic that are classified under very high risk apps (Risk Level- 5). True Allow Rule: {"SelectAllRule": "Enable", "RiskList": {"Risk": "Very High"}, "SmartFilter": null, "ApplicationList": {"Application": ["test]}, "Action": "Deny", "Schedule": "All The Time"}
#
sophos-firewall-app-policy-getGets a single app policy by name.
#
Base Commandsophos-firewall-app-policy-get
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the policy. | Required |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.ApplicationFilterPolicy.Name | String | Name of the firewall app policy. |
SophosFirewall.ApplicationFilterPolicy.Description | String | Description of the firewall app policy. |
SophosFirewall.ApplicationFilterPolicy.MicroAppSupport | String | Does the policy support microapps. |
SophosFirewall.ApplicationFilterPolicy.DefaultAction | String | Default action the policy executes. |
SophosFirewall.ApplicationFilterPolicy.RuleList.Rule | String | Details of the rule. |
#
Command Example!sophos-firewall-app-policy-get name=apppolicy
#
Context Example#
Human Readable Output#
ApplicationFilterPolicy Object details
Name Description MicroAppSupport DefaultAction apppolicy Description for app policy object True Allow
#
sophos-firewall-app-policy-addAdds a new app policy.
#
Base Commandsophos-firewall-app-policy-add
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the policy. | Required |
description | Description of the policy. | Optional |
micro_app_support | Whether microapp support is enabled. Possible values: "true" and "false". | Optional |
default_action | Default action for the policy. Possible values: "Allow" and "Deny". | Optional |
select_all | Whether to enable the select all rule. Possible values: "Enable" and "Disable". | Optional |
categories | Categories to add to the rule. | Optional |
risks | Risks to add to the rule. | Optional |
applications | Applications to add to the rule. | Optional |
characteristics | Characteristics to add to the rule. | Optional |
technologies | Technologies to add to the rule. | Optional |
classifications | Classifications to add to the rule. | Optional |
action | Action for the rule. Possible values: "Allow" and "Deny". | Optional |
schedule | The schedule for the rule. Possible values: "All the time", "Work hours (5 Day week)", "Work hours (6 Day week)", "All Time on Weekdays", "All Time on Weekends", "All Time on Sunday", "All Days 10:00 to 19:00". IMPORTANT: Creating a new schedule is available in the web console. | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.ApplicationFilterPolicy.Name | String | Name of the firewall app policy. |
SophosFirewall.ApplicationFilterPolicy.Description | String | Description of the firewall app policy. |
SophosFirewall.ApplicationFilterPolicy.MicroAppSupport | String | Whether the policy supports microapps. |
SophosFirewall.ApplicationFilterPolicy.DefaultAction | String | Default action the policy executes. |
SophosFirewall.ApplicationFilterPolicy.RuleList.Rule | String | Details of the rule. |
#
Command Example!sophos-firewall-app-policy-add name=apppolicy
#
Context Example#
Human Readable Output#
ApplicationFilterPolicy Object details
Name MicroAppSupport DefaultAction apppolicy True Allow
#
sophos-firewall-app-policy-updateUpdates an existing app policy.
#
Base Commandsophos-firewall-app-policy-update
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the policy. | Required |
description | Description of the policy. | Optional |
micro_app_support | Whether microapp support is enabled. Possible values: "true" and "false". | Optional |
default_action | Default action for the policy. Possible values: "Allow" and "Deny". | Optional |
select_all | Whether to enable the select all rule. Possible values: "Enable" and "Disable". | Optional |
categories | Categories to add to the rule. | Optional |
risks | Risks to add to the rule. | Optional |
applications | Applications to add to the rule. | Optional |
characteristics | Characteristics to add to the rule. | Optional |
technologies | Technologies to add to the rule. | Optional |
classifications | Classifications to add to the rule. | Optional |
action | Action for the rule. Possible values: "Allow" and "Deny". | Optional |
schedule | The schedule for the rule. Possible values: "All the time", "Work hours (5 Day week)", "Work hours (6 Day week)", "All Time on Weekdays", "All Time on Weekends", "All Time on Sunday", "All Days 10:00 to 19:00". IMPORTANT: Creating a new schedule is available in the web console. | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.ApplicationFilterPolicy.Name | String | Name of the firewall app policy. |
SophosFirewall.ApplicationFilterPolicy.Description | String | Description of the firewall app policy. |
SophosFirewall.ApplicationFilterPolicy.MicroAppSupport | String | Whether the policy supports microapps. |
SophosFirewall.ApplicationFilterPolicy.DefaultAction | String | Default action the policy executes. |
SophosFirewall.ApplicationFilterPolicy.RuleList.Rule | String | Details of the rule. |
#
Command Example!sophos-firewall-app-policy-update name=apppolicy description="Description for app policy object"
#
Context Example#
Human Readable Output#
ApplicationFilterPolicy Object details
Name Description MicroAppSupport DefaultAction apppolicy Description for app policy object True Allow
#
sophos-firewall-app-policy-deleteDeletes an existing app policy.
#
Base Commandsophos-firewall-app-policy-delete
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the policy. | Required |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.ApplicationFilterPolicy.Name | String | Name of the firewall app policy. |
SophosFirewall.ApplicationFilterPolicy.IsDeleted | Bool | Whether the firewall app policy is deleted. |
#
Command Example!sophos-firewall-app-policy-delete name=apppolicy
#
Context Example#
Human Readable Output#
Deleting ApplicationFilterPolicy Objects Results
Name IsDeleted apppolicy true
#
sophos-firewall-app-category-listLists all app filter categories. IMPORTANT: Listing starts at 0 (not 1)!
#
Base Commandsophos-firewall-app-category-list
#
InputArgument Name | Description | Required |
---|---|---|
start | The start index for the rules to list, e.g: 5. Default is "0". | Optional |
end | The end index for the rules to list, e.g: 20. Default is "50". | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.ApplicationFilterCategory.Name | String | Name of the app category. |
SophosFirewall.ApplicationFilterCategory.Description | String | Description of the app category. |
SophosFirewall.ApplicationFilterCategory.QoSPolicy | String | QoS policy of the category. |
SophosFirewall.ApplicationFilterCategory.BandwidthUsageType | String | Bandwidth usage type of the category. |
#
Command Example!sophos-firewall-app-category-list start=0 end=6
#
Context Example#
Human Readable Output#
Showing 0 to 6 ApplicationFilterCategory objects out of 25
Name Description QoSPolicy BandwidthUsageType Conferencing Conferencing None Desktop Mail Desktop Mail None Download Applications Database Applications None E-commerce E-commerce None File Transfer File Transfer None Gaming Gaming Sites and Applications policy Individual
#
sophos-firewall-app-category-getGets a single app filter category by name.
#
Base Commandsophos-firewall-app-category-get
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the app category. | Required |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.ApplicationFilterCategory.Name | String | Name of the app category. |
SophosFirewall.ApplicationFilterCategory.Description | String | Description of the app category. |
SophosFirewall.ApplicationFilterCategory.QoSPolicy | String | QoS policy of the category. |
SophosFirewall.ApplicationFilterCategory.BandwidthUsageType | String | Bandwidth usage type of the category. |
#
Command Example!sophos-firewall-app-category-get name=Gaming
#
Context Example#
Human Readable Output#
ApplicationFilterCategory Object details
Name Description QoSPolicy BandwidthUsageType Gaming Gaming Sites and Applications policy Individual
#
sophos-firewall-app-category-updateUpdates an existing app filter category.
#
Base Commandsophos-firewall-app-category-update
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the app category. | Required |
description | The description of the category. | Optional |
qos_policy | QoS policy of the category. | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.ApplicationFilterCategory.Name | String | Name of the app category. |
SophosFirewall.ApplicationFilterCategory.Description | String | Description of the app category. |
SophosFirewall.ApplicationFilterCategory.QoSPolicy | String | QoS policy of the category. |
SophosFirewall.ApplicationFilterCategory.BandwidthUsageType | String | Bandwidth usage type of the category. |
#
Command Example!sophos-firewall-app-category-update name=Gaming qos_policy=policy
#
Context Example#
Human Readable Output#
ApplicationFilterCategory Object details
Name Description QoSPolicy BandwidthUsageType Gaming Gaming Sites and Applications policy Individual
#
sophos-firewall-web-filter-listLists all web filter policies. IMPORTANT: Listing starts at 0 (not 1)!
#
Base Commandsophos-firewall-web-filter-list
#
InputArgument Name | Description | Required |
---|---|---|
start | The start index for the rules to list, e.g: 5. Default is "0". | Optional |
end | The end index for the rules to list, e.g: 20. Default is "50". | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.WebFilterPolicy.Name | String | Name of the policy. |
SophosFirewall.WebFilterPolicy.DefaultAction | String | Default action for the web filter policy. |
SophosFirewall.WebFilterPolicy.Description | String | Description of the rule. |
SophosFirewall.WebFilterPolicy.EnableReporting | String | Whether the policy reports events. |
SophosFirewall.WebFilterPolicy.DownloadFileSizeRestriction | Number | Maximum file size that can be downloaded. |
SophosFirewall.WebFilterPolicy.DownloadFileSizeRestrictionEnabled | String | Whether the file size restriction is active. |
SophosFirewall.WebFilterPolicy.RuleList.Rule | String | Rule list information. |
#
Command Example!sophos-firewall-web-filter-list start=0 end=6
#
Context Example#
Human Readable Output#
Showing 0 to 6 WebFilterPolicy objects out of 12
Name Description DefaultAction EnableReporting DownloadFileSizeRestrictionEnabled DownloadFileSizeRestriction RuleList No Web Mail or Chat Deny access to web mail and online chat sites Allow Enable 0 0 Rule: {'CategoryList': {'Category': {'ID': 'Web E-Mail', 'type': 'WebCategory'}}, 'HTTPAction': 'Deny', 'HTTPSAction': 'Deny', 'FollowHTTPAction': '1', 'ExceptionList': {'FileTypeCategory': None}, 'Schedule': 'All The Time', 'PolicyRuleEnabled': '1', 'CCLRuleEnabled': '0'},
{'CategoryList': {'Category': {'ID': 'Online Chat', 'type': 'WebCategory'}}, 'HTTPAction': 'Deny', 'HTTPSAction': 'Deny', 'FollowHTTPAction': '1', 'ExceptionList': {'FileTypeCategory': None}, 'Schedule': 'All The Time', 'PolicyRuleEnabled': '1', 'CCLRuleEnabled': '0'}No Web Mail Deny access to web mail sites Allow Enable 0 0 Rule: {"CategoryList": {"Category": {"ID": "Web E-Mail", "type": "WebCategory"}}, "HTTPAction": "Deny", "HTTPSAction": "Deny", "FollowHTTPAction": "1", "ExceptionList": {"FileTypeCategory": null}, "Schedule": "All The Time", "PolicyRuleEnabled": "1", "CCLRuleEnabled": "0"} No Online Chat Deny access to online chat sites Allow Enable 0 0 Rule: {"CategoryList": {"Category": {"ID": "Online Chat", "type": "WebCategory"}}, "HTTPAction": "Deny", "HTTPSAction": "Deny", "FollowHTTPAction": "1", "ExceptionList": {"FileTypeCategory": null}, "Schedule": "All The Time", "PolicyRuleEnabled": "1", "CCLRuleEnabled": "0"} No web uploads Restrict users from uploading content to any site Allow Enable 0 0 Rule: {"CategoryList": {"Category": {"ID": "HTTPUpload", "type": "DynamicCategory"}}, "HTTPAction": "Deny", "HTTPSAction": "Deny", "FollowHTTPAction": "1", "ExceptionList": {"FileTypeCategory": null}, "Schedule": "All The Time", "PolicyRuleEnabled": "1", "CCLRuleEnabled": "0"} Default Workplace Policy Deny access to categories most commonly unwanted in professional environments Allow Enable 0 0 Rule: {'CategoryList': {'Category': {'ID': 'Weapons', 'type': 'WebCategory'}}, 'HTTPAction': 'Deny', 'HTTPSAction': 'Deny', 'FollowHTTPAction': '1', 'ExceptionList': {'FileTypeCategory': None}, 'Schedule': 'All The Time', 'PolicyRuleEnabled': '1', 'CCLRuleEnabled': '0'},
{'CategoryList': {'Category': {'ID': 'Extreme', 'type': 'WebCategory'}}, 'HTTPAction': 'Deny', 'HTTPSAction': 'Deny', 'FollowHTTPAction': '1', 'ExceptionList': {'FileTypeCategory': None}, 'Schedule': 'All The Time', 'PolicyRuleEnabled': '1', 'CCLRuleEnabled': '0'},
{'CategoryList': {'Category': {'ID': 'Phishing & Fraud', 'type': 'WebCategory'}}, 'HTTPAction': 'Deny', 'HTTPSAction': 'Deny', 'FollowHTTPAction': '1', 'ExceptionList': {'FileTypeCategory': None}, 'Schedule': 'All The Time', 'PolicyRuleEnabled': '1', 'CCLRuleEnabled': '0'},
{'CategoryList': {'Category': {'ID': 'Militancy & Extremist', 'type': 'WebCategory'}}, 'HTTPAction': 'Deny', 'HTTPSAction': 'Deny', 'FollowHTTPAction': '1', 'ExceptionList': {'FileTypeCategory': None}, 'Schedule': 'All The Time', 'PolicyRuleEnabled': '1', 'CCLRuleEnabled': '0'},
{'CategoryList': {'Category': {'ID': 'Gambling', 'type': 'WebCategory'}}, 'HTTPAction': 'Deny', 'HTTPSAction': 'Deny', 'FollowHTTPAction': '1', 'ExceptionList': {'FileTypeCategory': None}, 'Schedule': 'All The Time', 'PolicyRuleEnabled': '1', 'CCLRuleEnabled': '0'},
{'CategoryList': {'Category': {'ID': 'Criminal Activity', 'type': 'WebCategory'}}, 'HTTPAction': 'Deny', 'HTTPSAction': 'Deny', 'FollowHTTPAction': '1', 'ExceptionList': {'FileTypeCategory': None}, 'Schedule': 'All The Time', 'PolicyRuleEnabled': '1', 'CCLRuleEnabled': '0'},
{'CategoryList': {'Category': {'ID': 'Pro-Suicide & Self-Harm', 'type': 'WebCategory'}}, 'HTTPAction': 'Deny', 'HTTPSAction': 'Deny', 'FollowHTTPAction': '1', 'ExceptionList': {'FileTypeCategory': None}, 'Schedule': 'All The Time', 'PolicyRuleEnabled': '1', 'CCLRuleEnabled': '0'},
{'CategoryList': {'Category': {'ID': 'Intellectual Piracy', 'type': 'WebCategory'}}, 'HTTPAction': 'Deny', 'HTTPSAction': 'Deny', 'FollowHTTPAction': '1', 'ExceptionList': {'FileTypeCategory': None}, 'Schedule': 'All The Time', 'PolicyRuleEnabled': '1', 'CCLRuleEnabled': '0'},
{'CategoryList': {'Category': {'ID': 'Marijuana', 'type': 'WebCategory'}}, 'HTTPAction': 'Deny', 'HTTPSAction': 'Deny', 'FollowHTTPAction': '1', 'ExceptionList': {'FileTypeCategory': None}, 'Schedule': 'All The Time', 'PolicyRuleEnabled': '1', 'CCLRuleEnabled': '0'},
{'CategoryList': {'Category': {'ID': 'Controlled substances', 'type': 'WebCategory'}}, 'HTTPAction': 'Deny', 'HTTPSAction': 'Deny', 'FollowHTTPAction': '1', 'ExceptionList': {'FileTypeCategory': None}, 'Schedule': 'All The Time', 'PolicyRuleEnabled': '1', 'CCLRuleEnabled': '0'},
{'CategoryList': {'Category': {'ID': 'Legal highs', 'type': 'WebCategory'}}, 'HTTPAction': 'Deny', 'HTTPSAction': 'Deny', 'FollowHTTPAction': '1', 'ExceptionList': {'FileTypeCategory': None}, 'Schedule': 'All The Time', 'PolicyRuleEnabled': '1', 'CCLRuleEnabled': '0'},
{'CategoryList': {'Category': {'ID': 'Hunting & Fishing', 'type': 'WebCategory'}}, 'HTTPAction': 'Deny', 'HTTPSAction': 'Deny', 'FollowHTTPAction': '1', 'ExceptionList': {'FileTypeCategory': None}, 'Schedule': 'All The Time', 'PolicyRuleEnabled': '1', 'CCLRuleEnabled': '0'},
{'CategoryList': {'Category': {'ID': 'Anonymizers', 'type': 'WebCategory'}}, 'HTTPAction': 'Deny', 'HTTPSAction': 'Deny', 'FollowHTTPAction': '1', 'ExceptionList': {'FileTypeCategory': None}, 'Schedule': 'All The Time', 'PolicyRuleEnabled': '1', 'CCLRuleEnabled': '0'},
{'CategoryList': {'Category': {'ID': 'Sexually Explicit', 'type': 'WebCategory'}}, 'HTTPAction': 'Deny', 'HTTPSAction': 'Deny', 'FollowHTTPAction': '1', 'ExceptionList': {'FileTypeCategory': None}, 'Schedule': 'All The Time', 'PolicyRuleEnabled': '1', 'CCLRuleEnabled': '0'},
{'CategoryList': {'Category': {'ID': 'Nudity', 'type': 'WebCategory'}}, 'HTTPAction': 'Deny', 'HTTPSAction': 'Deny', 'FollowHTTPAction': '1', 'ExceptionList': {'FileTypeCategory': None}, 'Schedule': 'All The Time', 'PolicyRuleEnabled': '1', 'CCLRuleEnabled': '0'}No Explicit Content Deny access to sexually explicit sites Allow Enable 0 0 Rule: {"CategoryList": {"Category": {"ID": "Sexually Explicit", "type": "WebCategory"}}, "HTTPAction": "Deny", "HTTPSAction": "Deny", "FollowHTTPAction": "1", "ExceptionList": {"FileTypeCategory": null}, "Schedule": "All The Time", "PolicyRuleEnabled": "1", "CCLRuleEnabled": "0"}
#
sophos-firewall-web-filter-getGets a single web filter policy by name.
#
Base Commandsophos-firewall-web-filter-get
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the policy. | Required |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.WebFilterPolicy.Name | String | Name of the policy. |
SophosFirewall.WebFilterPolicy.DefaultAction | String | Default action for the web filter policy. |
SophosFirewall.WebFilterPolicy.Description | String | Description of the rule. |
SophosFirewall.WebFilterPolicy.EnableReporting | String | Whether the policy reports events. |
SophosFirewall.WebFilterPolicy.DownloadFileSizeRestriction | Number | Maximum file size that can be downloaded. |
SophosFirewall.WebFilterPolicy.DownloadFileSizeRestrictionEnabled | String | Whether the file size restriction is active. |
SophosFirewall.WebFilterPolicy.RuleList.Rule | String | Rule list information. |
#
Command Example!sophos-firewall-web-filter-get name=webfilter
#
Context Example#
Human Readable Output#
WebFilterPolicy Object details
Name Description DefaultAction EnableReporting DownloadFileSizeRestrictionEnabled DownloadFileSizeRestriction RuleList webfilter Description for web filter Allow Enable 1 300 Rule: {'CategoryList': {'Category': {'ID': 'Blocked URLs for Default Policy', 'type': 'URLGroup'}}, 'HTTPAction': 'Allow', 'HTTPSAction': 'Allow', 'FollowHTTPAction': '1', 'ExceptionList': {'FileTypeCategory': None}, 'Schedule': 'All Time on Sunday', 'PolicyRuleEnabled': '0', 'CCLRuleEnabled': '0'},
{'CategoryList': {'Category': {'ID': '1', 'type': 'URLGroup'}}, 'HTTPAction': 'Allow', 'HTTPSAction': 'Allow', 'FollowHTTPAction': '0', 'ExceptionList': {'FileTypeCategory': None}, 'Schedule': 'All Time on Sunday', 'PolicyRuleEnabled': '0', 'CCLRuleEnabled': '0'}
#
sophos-firewall-web-filter-addAdds a new web filter policy.
#
Base Commandsophos-firewall-web-filter-add
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the policy | Required |
description | Description of the policy. | Optional |
default_action | Default action for the policy. Possible values: "Allow" and "Deny". | Required |
download_file_size_restriction_enabled | Whether the max download file size is enabled. Possible values: "0" and "1". | Optional |
download_file_size_restriction | Maximum file size to enable downloading in MB. | Optional |
goog_app_domain_list_enabled | Enable to specify domains allowed to access google service. Possible values: "0" and "1". | Optional |
goog_app_domain_list | The domains allowed to access google service. | Optional |
youtube_filter_enabled | Whether to enable YouTube Restricted Mode to restrict the content that is accessible. Possible values: "0" and "1". | Optional |
youtube_filter_is_strict | Whether to adjust the policy used for YouTube Restricted Mode. Possible values: "0" and "1". | Optional |
enforce_safe_search | Enable to block websites containing pornography and explicit sexual content from appearing in the search results of Google, Yahoo, Bing search results. Possible values: "0" and "1". | Optional |
enforce_image_licensing | Whether to further limit inappropriate content by enforcing search engine filters for Creative Commons licensed images. Possible values: "0" and "1". | Optional |
url_group_names | Comma-separted list of URL groups to block, allow, warn, or log. | Optional |
http_action | The HTTP action. Possible values: "Deny", "Allow", "Warn", and "Log". | Optional |
https_action | The HTTPs action. Possible values: "Deny", "Allow", "Warn", and "Log". | Optional |
schedule | The schedule for the rule. Possible values: "All the time", "Work hours (5 Day week)", "Work hours (6 Day week)", "All Time on Weekdays", "All Time on Weekends", "All Time on Sunday", "All Days 10:00 to 19:00". IMPORTANT: Creating a new schedule is available in the web console. | Optional |
policy_rule_enabled | Whether to enable the policy rule. Possible values: "1" and "0". | Optional |
user_names | A comma-separated list of users who this rule will apply to. | Optional |
ccl_names | A comma-separated list of CCL names. REQUIRED: When ccl_rule_enabled is ON. | Optional |
ccl_rule_enabled | Whether to enable the CCL rule. Possible values: "0" and "1". IMPORTANT: If enabled, ccl_name is required. | Optional |
follow_http_action | Whether to enable the HTTP action. Possible values: "0" and "1". | Optional |
enable_reporting | Whether to enable reporting of the policy. Possible values: "Enable" and "Disable". Default is "Enable". | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.WebFilterPolicy.Name | String | Name of the policy. |
SophosFirewall.WebFilterPolicy.DefaultAction | String | Default action for the web filter policy. |
SophosFirewall.WebFilterPolicy.Description | String | Description of the rule. |
SophosFirewall.WebFilterPolicy.EnableReporting | String | Whether the policy reports events. |
SophosFirewall.WebFilterPolicy.DownloadFileSizeRestriction | Number | Maximum file size that can be downloaded. |
SophosFirewall.WebFilterPolicy.DownloadFileSizeRestrictionEnabled | String | Whether the file size restriction is active. |
SophosFirewall.WebFilterPolicy.RuleList.Rule | String | Rule list information. |
#
Command Example!sophos-firewall-web-filter-add name=webfilter default_action=Allow enable_reporting=Enable download_file_size_restriction=300 download_file_size_restriction_enabled=1 enforce_image_licensing=1 enforce_safe_search=1 goog_app_domain_list=gmail.com goog_app_domain_list_enabled=1 http_action=Allow https_action=Allow schedule="All Time on Sunday" youtube_filter_enabled=1 youtube_filter_is_strict=1 ccl_rule_enabled=0 follow_http_action=1 policy_rule_enabled=0 url_group_names="Blocked URLs for Default Policy"
#
Context Example#
Human Readable Output#
WebFilterPolicy Object details
Name DefaultAction EnableReporting DownloadFileSizeRestrictionEnabled DownloadFileSizeRestriction RuleList webfilter Allow Enable 1 300 Rule: {"CategoryList": {"Category": {"ID": "Blocked URLs for Default Policy", "type": "URLGroup"}}, "HTTPAction": "Allow", "HTTPSAction": "Allow", "FollowHTTPAction": "1", "ExceptionList": {"FileTypeCategory": null}, "Schedule": "All Time on Sunday", "PolicyRuleEnabled": "0", "CCLRuleEnabled": "0"}
#
sophos-firewall-web-filter-updateUpdates an existing web filter policy.
#
Base Commandsophos-firewall-web-filter-update
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the policy. | Required |
description | Description of the policy. | Optional |
default_action | Default action for the policy. Possible values: "Allow" and "Deny". | Required |
download_file_size_restriction_enabled | Whether the maximum download file size is enabled. Possible values: "0" and "1". | Optional |
download_file_size_restriction | The maximum file size to enable downloading in MB. | Optional |
goog_app_domain_list_enabled | Whether to enable specifying domains allowed to access the Google service. Possible values: "0" and "1". | Optional |
goog_app_domain_list | Comma-separated list of domains allowed to access google service. | Optional |
youtube_filter_enabled | Whether to enable YouTube Restricted Mode to restrict the content that is accessible. Possible values: "0" and "1". | Optional |
youtube_filter_is_strict | Whether to adjust the policy used for YouTube Restricted Mode. Possible values: "0" and "1". | Optional |
enforce_safe_search | Whether to enable blocking websites containing pornography and explicit sexual content from appearing in the search results of Google, Yahoo, and Bing search results. Possible values: "0" and "1". | Optional |
enforce_image_licensing | Whether to further limit inappropriate content by enforcing search engine filters for Creative Commons licensed images. Possible values: "0" and "1". | Optional |
url_group_names | Comma-separated list of URL groups to block, allow, warn, or log. | Optional |
http_action | The HTTP action. Possible values: "Deny", "Allow", "Warn", and "Log". | Optional |
https_action | The HTTPs action. Possible values: "Deny", "Allow", "Warn", and "Log". | Optional |
schedule | The schedule for the rule. Possible values: "All the time", "Work hours (5 Day week)", "Work hours (6 Day week)", "All Time on Weekdays", "All Time on Weekends", "All Time on Sunday", "All Days 10:00 to 19:00". IMPORTANT: Creating a new schedule is available in the web console. | Optional |
policy_rule_enabled | Whether to enable the policy rule. Possible values: "1" and "0". | Optional |
user_names | A comma-separated list of users who this rule will apply to. | Optional |
ccl_names | A comma-separated list of CCL names. REQUIRED: when ccl_rule_enabled is ON | Optional |
ccl_rule_enabled | Whether to enable the CCL rule. Possible values: "0" and "1". IMPORTANT: If enabled, ccl_name is required. | Optional |
follow_http_action | Whether to enable the HTTP action. Possible values: "0" and "1". | Optional |
enable_reporting | Whether to enable reporting of the policy. Possible values: "Enable" and "Disable". Default is "Enable". | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.WebFilterPolicy.Name | String | Name of the policy. |
SophosFirewall.WebFilterPolicy.DefaultAction | String | Default action for the web filter policy. |
SophosFirewall.WebFilterPolicy.Description | String | Description of the rule. |
SophosFirewall.WebFilterPolicy.EnableReporting | String | Whether the policy reports events. |
SophosFirewall.WebFilterPolicy.DownloadFileSizeRestriction | Number | Maximum file size that can be downloaded. |
SophosFirewall.WebFilterPolicy.DownloadFileSizeRestrictionEnabled | String | Whether the file size restriction is active. |
SophosFirewall.WebFilterPolicy.RuleList.Rule | String | Rule list information. |
#
Command Example!sophos-firewall-web-filter-update name=webfilter default_action=Allow enable_reporting=Enable download_file_size_restriction=300 download_file_size_restriction_enabled=1 enforce_image_licensing=0 enforce_safe_search=1 goog_app_domain_list=gmail.com goog_app_domain_list_enabled=1 http_action=Allow https_action=Allow schedule="All Time on Sunday" youtube_filter_enabled=1 youtube_filter_is_strict=0 ccl_rule_enabled=0 follow_http_action=0 policy_rule_enabled=0 url_group_names=1 description="Description for web filter"
#
Context Example#
Human Readable Output#
WebFilterPolicy Object details
Name Description DefaultAction EnableReporting DownloadFileSizeRestrictionEnabled DownloadFileSizeRestriction RuleList webfilter Description for web filter Allow Enable 1 300 Rule: {'CategoryList': {'Category': {'ID': 'Blocked URLs for Default Policy', 'type': 'URLGroup'}}, 'HTTPAction': 'Allow', 'HTTPSAction': 'Allow', 'FollowHTTPAction': '1', 'ExceptionList': {'FileTypeCategory': None}, 'Schedule': 'All Time on Sunday', 'PolicyRuleEnabled': '0', 'CCLRuleEnabled': '0'},
{'CategoryList': {'Category': {'ID': '1', 'type': 'URLGroup'}}, 'HTTPAction': 'Allow', 'HTTPSAction': 'Allow', 'FollowHTTPAction': '0', 'ExceptionList': {'FileTypeCategory': None}, 'Schedule': 'All Time on Sunday', 'PolicyRuleEnabled': '0', 'CCLRuleEnabled': '0'}
#
sophos-firewall-web-filter-deleteDeletes an existing web filter policy.
#
Base Commandsophos-firewall-web-filter-delete
#
InputArgument Name | Description | Required |
---|---|---|
name | Name of the policy. | Required |
#
Context OutputPath | Type | Description |
---|---|---|
SophosFirewall.WebFilterPolicy.Name | String | Name of the policy. |
SophosFirewall.WebFilterPolicy.IsDeleted | Bool | Whether the policy is deleted. |
#
Command Example!sophos-firewall-web-filter-delete name=webfilter
#
Context Example#
Human Readable Output#
Deleting WebFilterPolicy Objects Results
Name IsDeleted webfilter true