Update Firewall Rule in FirePower using RESTAPI , Python ?

MSJ1 · ‎08-08-2023

I have a firewall policy where I have 500+ around rules , need to update a new IPS Policy NAME and Default set in each rule within a Policy ( FirePower Policy ) through FMC.

Can you give me some high level guideline , using restapi or any other means , how can I do that rather than doing it manually from GUI ?

Jonatan Jonasson · ‎08-08-2023

On a very high-level:

If you log in to the FMC api explorer (using the https://FMCIP/api/api-explorer) and scroll down to the Policy section, you would be focusing on the ..policy/accesspolicies/{containerUUID}/accessrules/... section to fetch and modify and re-post(put) the access-rules.

There are a few items you need to find first, such as the containerUUID for the access-policy, as well as the domainUUID for this installation. The api-explorer can help you out a bit with this, but you can also look at the rest api quick start guide for your version, see list here:
https://www.cisco.com/c/en/us/support/security/defense-center/products-programming-reference-guides-list.html

And I believe there still are some resources on DevNet (labs and sandbox) that could be helpful as well.
(Also libraries available for python for firepower, you can look through some of the examples on DevNet Code exchange

---
Please mark helpful answers & solutions
---

Jonatan Jonasson · ‎08-08-2023

Another item that's worth mentioning.
If you're on a recent version of FMC (7+) and you have the option to use the new UI (by clicking on the "Try New UI Layout" slider), you can mass select rules, and select "edit" in the "Select Bulk Actions" drop down list to edit common features such as logging and intrusion policy.
So you don't need to edit each individual policy entry. (See screenshot below)

---
Please mark helpful answers & solutions
---