Hello,
Either using DNA center or APIC EM, I want to block or quarantine an end-point using REST API.
Can someone please teach me how this could be done?
I'm expecting that Policy programming will work for this scenario.
I've tried a POST call like below, but couldn't make it work.
/api/v0/policy POST
[{"actions" : ["DENY"],
"policyOwner" : "admin",
"policyName" : "deny_all",
"networkUser" : {
"userIdentifiers" : ["10.2.1.17"]},
"actionProperty" : {
"destinations" : ["10.2.1.22"]} }]
# I have a switch whose ip address is 10.2.1.17 and the endpoint 10.2.1.22.
# In this scenario, detection of malware will be done by a different tool. I want to configure this tool so that it will send a POST request to APIC EM or DNA center to block or quarantine the end-point once malware is detected.
# I had a look at the following documents but didn't work for me.
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/4-x/basic-configuration/Cisco-APIC-Basic-Configuration-Guide-401/Cisco-APIC-Basic-Configuration-Guide-401_chapter_0101.html
https://learninglabs.cisco.com/modules/dnac-rest-apis
Thank you very much in advance.