diff --git a/Auditing/Security Services - CompareSettings.ps1 b/Auditing/Security Services - CompareSettings.ps1
new file mode 100644
index 0000000..fd3e686
--- /dev/null
+++ b/Auditing/Security Services - CompareSettings.ps1
@@ -0,0 +1,306 @@
+Param(
+ [int32]$ITGClientID,
+ [int32]$FlexID,
+ [string]$CompanyName
+ )
+
+#############################################################################################################################################
+# Access Key Vault for ITGlue API Key
+$connectionName = "AzureRunAsConnection"
+try
+{
+ # Get the connection "AzureRunAsConnection "
+ $servicePrincipalConnection=Get-AutomationConnection -Name $connectionName
+
+ Add-AzureRmAccount `
+ -ServicePrincipal `
+ -TenantId $servicePrincipalConnection.TenantId `
+ -ApplicationId $servicePrincipalConnection.ApplicationId `
+ -CertificateThumbprint $servicePrincipalConnection.CertificateThumbprint
+}
+catch {
+ if (!$servicePrincipalConnection)
+ {
+ $ErrorMessage = "Connection $connectionName not found."
+ throw $ErrorMessage
+ } else{
+ Write-Error -Message $_.Exception
+ throw $_.Exception
+ }
+}
+#############################################################################################################################################
+# Azure Variable Set
+$Az_KeyValut_Secret_Name = "ITG-API-KEY"
+$Az_KeyValut_Secret_Username = "CWM-API-Username"
+$Az_KeyValut_Secret_Password = "CWM-API-Password"
+# Created Baseline unique ITGlue ID
+$ITG_Baseline_ID = "123123123"
+
+#############################################################################################################################################
+# Clean Company Name to make compatible with URL encoding
+$URL_CompanyName = [uri]::EscapeDataString($CompanyName)
+$URL_CompanyName|Write-Output
+
+#############################################################################################################################################
+# Connectwise Manage Variables
+$CMW_API_Auth_Prefix = "company+"
+$SW_MGMT_Port = "1234"
+$ITG_SW_SOP_URL = "https://company.itglue.com/11111/docs/111111"
+$CWM_API_Base_URI = "https://cw.company.com/v4_6_release/apis/3.0"
+$CWM_Service_Board_Name = "Incoming"
+
+#############################################################################################################################################
+# Getting ITGLUE API Key
+$ITG_API_KEY = (Get-AzureKeyVaultSecret -VaultName EntechInternalKeyVault -Name "$Az_KeyValut_Secret_Name").SecretValueText
+
+#############################################################################################################################################
+# Getting ConnectWise Manage API Keys
+$CWM_API_Username_Key = (Get-AzureKeyVaultSecret -VaultName EntechInternalKeyVault -Name "$Az_KeyValut_Secret_Username").SecretValueText
+$CWM_API_Password_Key = (Get-AzureKeyVaultSecret -VaultName EntechInternalKeyVault -Name "$Az_KeyValut_Secret_Password").SecretValueText
+
+#############################################################################################################################################
+# Building ITGlue Headers
+$ITGlue_Headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
+$ITGlue_Headers.Add("Content-Type", 'application/vnd.api+json')
+$ITGlue_Headers.Add('x-api-key', $ITG_API_Key)
+
+#############################################################################################################################################
+# Building ConnectWise Manage Headers
+# First need to convert credentials to Base64, accepted by CWM API
+# Need to add entech+ to the username
+$CWM_API_Username_Key = "$CMW_API_Auth_Prefix" + $CWM_API_Username_Key
+
+$CWM_credPair = "$($CWM_API_Username_Key):$($CWM_API_Password_Key)"
+$CWM_encodedCredentials = [System.Convert]::ToBase64String([System.Text.Encoding]::ASCII.GetBytes($CWM_credPair))
+
+$CWM_Headers = @{ Authorization = "Basic $CWM_encodedCredentials" }
+
+
+# Search URI for Company ID by using the name of the company. Company name should be synced with ITGlue EXACTLY so shouldn't have an issue here.
+$CWM_Get_ID_URI = "https://cw.entechus.com/v4_6_release/apis/3.0/company/companies?conditions=name=""$URL_CompanyName"" and status/id in (1, 18)"
+$CWM_Get_ID_URI|Write-Output
+
+$CWM_API_Results = Invoke-RestMethod -Method Get -Uri $CWM_Get_ID_URI -Headers $CWM_headers
+$CWM_API_Results|Write-Output
+
+$CWM_Company_Identifier = $CWM_API_Results.identifier
+$CWM_Company_Identifier|Write-Output
+#############################################################################################################################################
+# Building Compare Object Properties Function
+Function Compare-ObjectProperties {
+ Param(
+ [PSObject]$ReferenceObject,
+ [PSObject]$DifferenceObject
+ )
+ $objprops = $ReferenceObject | Get-Member -MemberType Property,NoteProperty | % Name
+ $objprops += $DifferenceObject | Get-Member -MemberType Property,NoteProperty | % Name
+ $objprops = $objprops | Sort | Select -Unique
+ $diffs = @()
+ foreach ($objprop in $objprops) {
+ $diff = Compare-Object $ReferenceObject $DifferenceObject -Property $objprop
+ if ($diff) {
+ $diffprops = @{
+ SettingName=$objprop
+ SOPSetting=($diff | ? {$_.SideIndicator -eq '<='} | % $($objprop))
+ SonicwallSetting=($diff | ? {$_.SideIndicator -eq '=>'} | % $($objprop))
+ }
+ $diffs += New-Object PSObject -Property $diffprops
+ }
+ }
+ if ($diffs) {return ($diffs | Select SettingName,SOPSetting,SonicwallSetting)}
+}
+
+#############################################################################################################################################
+# Querying ITGlue for Baseline Settings and Current Sonicwall Settings
+
+$SWSS_Baseline_Settings = Invoke-RestMethod -Method Get -Uri "https://api.itglue.com/flexible_assets/$ITG_Baseline_ID" -Headers $ITGlue_Headers
+$SWSS_Baseline_Settings = $SWSS_Baseline_Settings.data.attributes.traits
+$SWSS_Current_Client = Invoke-RestMethod -Method Get -Uri "https://api.itglue.com/flexible_assets/$FlexID" -Headers $ITGlue_Headers
+$SWSS_Current_Client_Settings = $SWSS_Current_Client.data.attributes.traits
+
+$Current_Flex_Uri = $SWSS_Current_Client.data.attributes.'resource-url'
+$Current_Org_Name = $SWSS_Current_Client.data.attributes.'organization-name'
+$Current_Ext_IP = $SWSS_Current_client.data.attributes.traits.'external-ip'
+$SW_SerialNumber = $SWSS_Current_Client.data.attributes.traits.'sonicwall-serial-number'
+$SW_Tagged_Config_URL = $SWSS_Current_Client.data.attributes.traits.sonicwall.values.'resource-url'
+$SW_Tagged_Config_Name = $SWSS_Current_Client.data.attributes.traits.sonicwall.values.name
+
+$Differences = Compare-ObjectProperties -ReferenceObject $SWSS_Baseline_Settings -DifferenceObject $SWSS_Current_Client_Settings
+
+
+# Excludes all properties from the object that we don't want the difference of, could be modified to pull only the settings we want.
+$SS_Dif = $Differences | Where-Object {
+ $_.SettingName -ne 'sonicwall' -and
+ $_.SettingName -ne 'sonicwall-model' -and
+ $_.SettingName -ne 'sonicwall-serial-number' -and
+ $_.SettingName -ne 'allowed-countries' -and
+ $_.SettingName -ne 'blocked-countries' -and
+ $_.SettingName -ne 'last-modified-date' -and
+ $_.SettingName -ne 'sonicwall-firmware-version' -and
+ $_.SettingName -ne 'up-time' -and
+ $_.SettingName -ne 'external-ip' -and
+ $_.SettingName -ne 'log-low-danger-spyware' -and
+ $_.SettingName -ne 'log-medium-danger-spyware' -and
+ $_.SettingName -ne 'log-high-danger-spyware' -and
+ $_.SettingName -ne 'log-high-priority-attacks' -and
+ $_.SettingName -ne 'log-medium-priority-attacks' -and
+ $_.SettingName -ne 'log-low-priority-attacks'
+}
+
+# Only Include Settings with Enabled in it, Calling Primary as it will not include sub settings for each security service.
+$SS_Dif2 = $Differences | Where-Object {$_.SettingName -like "*Enabled*"}
+
+# Pirmary Settings, onlly major security services were compared
+$SS_Dif_List_Primary_Settings = ($SS_Dif2|fl|Out-String).Trim()
+# All settings excluding the obvious ones that are always going to be different, such as model and serial number.
+$SS_Dif_List_All_Settings = ($SS_dif|fl|Out-String).Trim()
+
+#############################################################################################################################################
+# Checking the length of the differences returned, 0 means no setting were found outside of SOP, which means we don't need to report on it.
+
+if (
+ $SS_Dif_List_All_Settings.length -ne 0
+) {
+
+#############################################################################################################################################
+# Checking to see if there is an open ticket for this Sonicwall already. If there is then we'll update that ticket instead of making a new one.
+# Building the API requests to ConnectWise Manage
+$CWM_Ticket_Search_URI = "$CWM_API_Base_URI" + "/service/tickets/search"
+
+# Building the json request body to search for ticket
+$CWM_Ticket_Search_Body = New-Object PSObject -Property @{
+ conditions = "summary = '$SW_SerialNumber - Sonicwall Settings not to SOP' and ClosedFlag = False"
+}
+
+# Building API api call to actually search for the ticket
+$CWM_Ticket_Search_Response = Invoke-RestMethod -Method Post -Uri $CWM_Ticket_Search_URI -Body (ConvertTo-Json -InputObject $CWM_Ticket_Search_Body -Depth 100) -Headers $CWM_Headers -ContentType "application/json"
+$CWM_Ticket_Search_Response
+#############################################################################################################################################
+# Building variables to use in the ConnectWise Manage Ticket
+$SW_MGMT_IP = $Current_Ext_IP + ":" + "$SW_MGMT_Port"
+$Last_Mod_Date = $SWSS_Current_Client.data.attributes.traits.'last-modified-date'
+$SW_Model = $SWSS_Current_Client.data.attributes.traits.'sonicwall-model'
+$SW_UpTime = $SWSS_Current_Client.data.attributes.traits.'up-time'
+
+# Running If condition to see if any tickets were returned
+if (
+ $CWM_Ticket_Search_Response.count -eq 0
+ ) {
+ # No open tickets were found, Going to make a new one.
+#############################################################################################################################################
+ # POST to ConnectWise Manage to Make new ticket.
+ $CWM_New_Ticket_URI = "$CWM_API_Base_URI" + "/service/tickets"
+
+ # Building New Ticket Object, will be converted to JSON
+ $NewTicketData = New-Object PSObject -Property @{
+ summary = "$SW_SerialNumber - Sonicwall Settings not to SOP"
+ company = [ordered]@{
+ identifier = "$CWM_Company_Identifier"
+ }
+ board = [ordered]@{
+ name = "$CWM_Service_Board_Name"
+ }
+ priority = [ordered]@{
+ id = 18
+ }
+ initialDescription = "
+$SW_Tagged_Config_Name at the IP $Current_Ext_IP is not to SOP
+Below are the settings to review and resolve:
+
+----------------------------------------------------
+
+$SS_Dif_List_All_Settings
+
+----------------------------------------------------
+
+LEGEND
+SettingName - Name of the Security service setting or sub setting that is flagged as non-sop
+SOPSetting - The setting that the security service SHOULD be
+SonicwallSetting - The reported sonicwall setting
+
+----------------------------------------------------
+
+Notify NOC if reports are incorrect or if an exception needs to be made for $CompanyName
+Entech's Sonicwall SOP: $ITG_SW_SOP_URL
+ITGlue Asset = $Current_Flex_Uri
+
+-------SonicWALL Info-------
+
+Serial Number: $SW_SerialNumber
+External IP: $Current_Ext_IP
+SW External Access: https://$SW_MGMT_IP
+Last Modified Date: $Last_Mod_Date
+SonicWALL Up Time: $SW_UpTime
+SonicWALL ITGlue Config: $SW_Tagged_Config_URL
+"
+ }
+ $NewTicketData|Write-Output
+
+ $OutPut = Invoke-RestMethod -Method Post -Uri $CWM_New_Ticket_URI -Headers $CWM_headers -ContentType 'application/json' -Body (ConvertTo-Json -InputObject $NewTicketData -Depth 100)
+
+ $OutPut
+ Remove-variable -Name NewTicketData,output,SWSS_Current_Client
+} else {
+$Date = Get-Date
+$Date = [System.TimeZoneInfo]::ConvertTimeBySystemTimeZoneId($Date, [System.TimeZoneInfo]::Local.Id, 'Eastern Standard Time')
+
+ "There is a ticket! Update it!"
+ Foreach ($ticket in $CWM_Ticket_Search_Response) {
+#############################################################################################################################################
+ $CWM_Ticket_ID = $ticket.id
+ # POST to ConnectWise Manage to Update open ticket/s.
+ $CWM_Update_Ticket_URI = "$CWM_API_Base_URI" + "/service/tickets/$CWM_Ticket_ID/notes"
+
+# Building ticket update objecct, will be converted to JSON
+$UpdateTicketData = New-Object PSObject -Property @{
+ detailDescriptionFlag = $false
+ internalFlag = $true
+ customerUpdatedFlag = $false
+ internalAnalysisFlag = $true
+ resolutionFlag = $false
+ text = "
+Ticket Updated:
+$Date
+
+----------------------------------------------------
+
+$SW_Tagged_Config_Name at the IP $Current_Ext_IP is not to SOP
+Below are the settings to review and resolve:
+
+----------------------------------------------------
+
+$SS_Dif_List_All_Settings
+
+----------------------------------------------------
+
+LEGEND
+SettingName - Name of the Security service setting or sub setting that is flagged as non-sop
+SOPSetting - The setting that the security service SHOULD be
+SonicwallSetting - The reported sonicwall setting
+
+----------------------------------------------------
+
+Notify NOC if reports are incorrect or if an exception needs to be made for $CompanyName
+Entech's Sonicwall SOP: $ITG_SW_SOP_URL
+ITGlue Asset = $Current_Flex_Uri
+
+-------SonicWALL Info-------
+
+Serial Number: $SW_SerialNumber
+External IP: $Current_Ext_IP
+SW External Access: https://$SW_MGMT_IP
+Last Modified Date: $Last_Mod_Date
+SonicWALL Up Time: $SW_UpTime
+SonicWALL ITGlue Config: $SW_Tagged_Config_URL
+"
+}
+
+ $OutPut = Invoke-RestMethod -Method Post -Uri $CWM_Update_Ticket_URI -Headers $CWM_headers -ContentType 'application/json' -Body (ConvertTo-Json -InputObject $UpdateTicketData -Depth 100)
+
+ $OutPut
+ Remove-variable -Name UpdateTicketData,output,SWSS_Current_Client
+ }
+}
+} else {
+ "Sonicwall To SOP No Ticket Created" | Write-Output
+}
\ No newline at end of file
diff --git a/Auditing/Security Services - PullBaselineSettings.ps1 b/Auditing/Security Services - PullBaselineSettings.ps1
new file mode 100644
index 0000000..dde7ee6
--- /dev/null
+++ b/Auditing/Security Services - PullBaselineSettings.ps1
@@ -0,0 +1,69 @@
+###################################################################################################################################
+# Access Key Vault for ITGlue API Key
+$connectionName = "AzureRunAsConnection"
+try
+{
+ # Get the connection "AzureRunAsConnection "
+ $servicePrincipalConnection=Get-AutomationConnection -Name $connectionName
+
+ Add-AzureRmAccount `
+ -ServicePrincipal `
+ -TenantId $servicePrincipalConnection.TenantId `
+ -ApplicationId $servicePrincipalConnection.ApplicationId `
+ -CertificateThumbprint $servicePrincipalConnection.CertificateThumbprint
+}
+catch {
+ if (!$servicePrincipalConnection)
+ {
+ $ErrorMessage = "Connection $connectionName not found."
+ throw $ErrorMessage
+ } else{
+ Write-Error -Message $_.Exception
+ throw $_.Exception
+ }
+}
+#############################################################################################################################################
+# Baseline Variable, add your respective IDs
+$ITG_Baseline_ID = "123456789"
+$ITG_Flex_Asset_Type_ID = "1111222"
+
+# Setting Azure Runbook Variables
+$Az_Baseline_Check_Runbook = "Azure_Baseline_Check_Name" # Running "Security Services - CompareSettings.ps1"
+$Az_Resource_Group = "Azure_Resource_Group"
+$Az_Automation_Account = "Azure_Automation_Account_Name"
+$Az_KeyVault_ITG_Key_Name = "ITG-API-Key-Name"
+#############################################################################################################################################
+# Getting ITGLUE API Key
+$ITG_API_KEY = (Get-AzureKeyVaultSecret -VaultName EntechInternalKeyVault -Name "$Az_KeyVault_ITG_Key_Name").SecretValueText
+
+#############################################################################################################################################
+# Building ITGlue Headers
+$ITGlue_Headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
+$ITGlue_Headers.Add("Content-Type", 'application/vnd.api+json')
+$ITGlue_Headers.Add('x-api-key', $ITG_API_Key)
+
+#############################################################################################################################################
+
+$Data = Invoke-RestMethod -Method Get -Uri "https://api.itglue.com/flexible_assets/?filter[flexible_asset_type_id]=$ITG_Flex_Asset_Type_ID&page[size]=1000" -Headers $ITGlue_Headers
+
+$SW_Security_Assets = $data.data
+
+# Excluding the baseline Flexible Asset from the list of Sonicwalls to Check, add extra lines with the IDs that we need to exclude for future baselines.
+$SW_Security_Assets = $SW_Security_Assets|Where-Object -Property id -NE -Value $ITG_Baseline_ID
+
+$SW_Security_Assets | ForEach-Object {
+ # Starts Next Script/Runbook and compares
+ # Taking Properties out of the current flexible asset
+ $Current_Flex_Asset_ID = $_.id
+ $Current_Company_Name = $_.attributes.'organization-name'
+ $Current_Company_ITG_ID = $_.attributes.'organization-id'
+
+ # Building Paramters to Pass to Next Runbook
+ $Param_Pass = @{"ITGClientID"="$Current_Company_ITG_ID";"FlexID"="$Current_Flex_Asset_ID";"CompanyName"="$Current_Company_Name"}
+
+ # Starting The Next Runbook
+ Start-AzureRmAutomationRunbook -Wait -Parameters $Param_Pass -Name "$Az_Baseline_Check_Runbook" -ResourceGroupName "$Az_Resource_Group" -MaxWaitSeconds 1000 -AutomationAccountName "$Az_Automation_Account"
+
+ # Clean up variables
+ Remove-Variable -Name Current_Flex_Asset_ID,Current_Company_Name,Current_Company_ITG_ID
+}
\ No newline at end of file
diff --git a/DataCollection/GeoIPCountries.csv b/DataCollection/GeoIPCountries.csv
new file mode 100644
index 0000000..f50fbb5
--- /dev/null
+++ b/DataCollection/GeoIPCountries.csv
@@ -0,0 +1,254 @@
+CountryName,Allowed
+"""Anonymous Proxy""",No
+"""Satellite Provider""",No
+Andorra,No
+"""United Arab Emirates""",No
+Afghanistan,No
+"""Antigua and Barbuda""",No
+Anguilla,No
+Albania,No
+Armenia,No
+"""Netherlands Antilles""",No
+Angola,No
+"""Asia/Pacific Region""",No
+Antarctica,No
+Argentina,No
+"""American Samoa""",No
+Austria,No
+Australia,Yes
+Aruba,No
+"""Aland Islands""",No
+Azerbaijan,No
+"""Bosnia and Herzegovina""",No
+Barbados,No
+Bangladesh,No
+Belgium,No
+"""Burkina Faso""",No
+Bulgaria,No
+Bahrain,No
+Burundi,No
+Benin,No
+Bermuda,No
+"""Brunei Darussalam""",No
+Bolivia,No
+Brazil,No
+Bahamas,No
+Bhutan,No
+"""Bouvet Island""",No
+Botswana,No
+Belarus,No
+Belize,No
+Canada,Yes
+"""Cocos (Keeling) Islands""",No
+"""Congo, The Democratic Republic of the""",No
+"""Central African Republic""",No
+Congo,No
+Switzerland,Yes
+"""Cote d'Ivoire""",No
+"""Cook Islands""",No
+Chile,No
+Cameroon,No
+China,No
+Colombia,No
+"""Costa Rica""",No
+Cuba,No
+"""Cape Verde""",No
+"""Christmas Island""",No
+Cyprus,No
+"""Czech Republic""",No
+Germany,Yes
+Djibouti,No
+Denmark,No
+Dominica,No
+"""Dominican Republic""",No
+Algeria,No
+Ecuador,No
+Estonia,No
+Egypt,No
+"""Western Sahara""",No
+Eritrea,No
+Spain,No
+Ethiopia,No
+Europe,Yes
+Finland,No
+Fiji,No
+"""Falkland Islands (Malvinas)""",No
+"""Micronesia, Federated States of""",No
+"""Faroe Islands""",No
+France,No
+Gabon,No
+"""United Kingdom""",Yes
+Grenada,No
+Georgia,No
+"""French Guiana""",No
+Guernsey,No
+Ghana,No
+Gibraltar,No
+Greenland,No
+Gambia,No
+Guinea,No
+Guadeloupe,No
+"""Equatorial Guinea""",No
+Greece,No
+"""South Georgia and the South Sandwich Islands""",No
+Guatemala,No
+Guam,No
+Guinea-Bissau,No
+Guyana,No
+"""Hong Kong""",No
+"""Heard Island and McDonald Islands""",No
+Honduras,No
+Croatia,No
+Haiti,No
+Hungary,No
+Indonesia,No
+Ireland,Yes
+Israel,No
+"""Isle of Man""",No
+India,No
+"""British Indian Ocean Territory""",No
+Iraq,No
+"""Iran, Islamic Republic of""",No
+Iceland,No
+Italy,No
+Jersey,No
+Jamaica,No
+Jordan,No
+Japan,Yes
+Kenya,No
+Kyrgyzstan,No
+Cambodia,No
+Kiribati,No
+Comoros,No
+"""Saint Kitts and Nevis""",No
+"""Korea, Democratic People's Republic of""",No
+"""Korea, Republic of""",No
+Kuwait,No
+"""Cayman Islands""",No
+Kazakhstan,No
+"""Lao People's Democratic Republic""",No
+Lebanon,No
+"""Saint Lucia""",No
+Liechtenstein,No
+"""Sri Lanka""",No
+Liberia,No
+Lesotho,No
+Lithuania,No
+Luxembourg,No
+Latvia,No
+"""Libyan Arab Jamahiriya""",No
+Morocco,No
+Monaco,No
+"""Moldova, Republic of""",No
+Montenegro,No
+Madagascar,No
+"""Marshall Islands""",No
+Macedonia,No
+Mali,No
+Myanmar,No
+Mongolia,No
+Macao,No
+"""Northern Mariana Islands""",No
+Martinique,No
+Mauritania,No
+Montserrat,No
+Malta,No
+Mauritius,No
+Maldives,No
+Malawi,No
+Mexico,No
+Malaysia,No
+Mozambique,No
+Namibia,No
+"""New Caledonia""",No
+Niger,No
+"""Norfolk Island""",No
+Nigeria,No
+Nicaragua,No
+Netherlands,Yes
+Norway,No
+Nepal,No
+Nauru,No
+Niue,No
+"""New Zealand""",Yes
+"""Other Country""",No
+Oman,No
+Panama,No
+Peru,No
+"""French Polynesia""",No
+"""Papua New Guinea""",No
+Philippines,No
+Pakistan,No
+Poland,No
+"""Saint Pierre and Miquelon""",No
+"""Puerto Rico""",No
+"""Palestinian Territory""",No
+Portugal,No
+Palau,No
+Paraguay,No
+Qatar,No
+Reunion,No
+Romania,No
+Serbia,No
+"""Russian Federation""",No
+Rwanda,No
+"""Saudi Arabia""",No
+"""Solomon Islands""",No
+Seychelles,No
+Sudan,No
+Sweden,No
+Singapore,No
+"""Saint Helena""",No
+Slovenia,No
+"""Svalbard and Jan Mayen""",No
+Slovakia,No
+"""Sierra Leone""",No
+"""San Marino""",No
+Senegal,No
+Somalia,No
+Suriname,No
+"""Sao Tome and Principe""",No
+"""El Salvador""",No
+"""Syrian Arab Republic""",No
+Swaziland,No
+"""Turks and Caicos Islands""",No
+Chad,No
+"""French Southern Territories""",No
+Togo,No
+Thailand,No
+Tajikistan,No
+Tokelau,No
+Turkmenistan,No
+Tunisia,No
+Tonga,No
+Turkey,No
+"""Trinidad and Tobago""",No
+Tuvalu,No
+Taiwan,No
+"""Tanzania, United Republic of""",No
+Ukraine,No
+Uganda,No
+"""United States Minor Outlying Islands""",No
+"""United States""",Yes
+Uruguay,No
+Uzbekistan,No
+"""Holy See (Vatican City State)""",No
+"""Saint Vincent and the Grenadines""",No
+Venezuela,No
+"""Virgin Islands, British""",No
+"""Virgin Islands, U.S.""",No
+Vietnam,No
+Vanuatu,No
+"""Wallis and Futuna""",No
+Samoa,No
+Yemen,No
+Mayotte,No
+"""South Africa""",No
+Zambia,No
+Zimbabwe,No
+"""Saint Martin""",No
+Pitcairn,No
+Timor-Leste,No
+Curacao,No
+"""Sint Maarten""",No
+"""Bonaire, Saint Eustatius and Saba""",No
diff --git a/DataCollection/RB-CollectSWData.ps1 b/DataCollection/RB-CollectSWData.ps1
new file mode 100644
index 0000000..d5ac884
--- /dev/null
+++ b/DataCollection/RB-CollectSWData.ps1
@@ -0,0 +1,723 @@
+Param(
+ [string]$IP,
+ [int32]$ITGClientID,
+ [string]$encodedCredentials,
+ [string]$Client_Name,
+ [string]$Client_Location_Name
+ )
+# Declaring fucntion we will use to calculate the network suffix
+function Convert-IpAddressToMaskLength([string] $dottedIpAddressString)
+{
+ $result = 0;
+ # ensure we have a valid IP address
+ [IPAddress] $ip = $dottedIpAddressString;
+ $octets = $ip.IPAddressToString.Split('.');
+ foreach($octet in $octets)
+ {
+ while(0 -ne $octet)
+ {
+ $octet = ($octet -shl 1) -band [byte]::MaxValue
+ $result++;
+ }
+ }
+ return $result;
+}
+#############################################################################################################################################
+# Allow Untrusted Certificates in this script session most sonicwalls are using self signed certs.
+add-type @"
+ using System.Net;
+ using System.Security.Cryptography.X509Certificates;
+ public class TrustAllCertsPolicy : ICertificatePolicy {
+ public bool CheckValidationResult(
+ ServicePoint srvPoint, X509Certificate certificate,
+ WebRequest request, int certificateProblem) {
+ return true;
+ }
+ }
+"@
+[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
+[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
+
+#############################################################################################################################################
+# Setting Client ID Variable From Input Parameter
+$ITG_Client_ID = "$ITGClientID"
+$ITG_FLEX_TYPE_ID_SS = "112233"
+$ITG_FLEX_TYPE_ID_AO = "112244"
+$ITG_FLEX_TYPE_ID_AG = "112255"
+$ITG_FLEX_TYPE_ID_SO = "112266"
+$ITG_FLEX_TYPE_ID_SG = "112277"
+$ITG_FLEX_TYPE_ID_AR = "112288"
+#############################################################################################################################################
+$SW_MGMT_Port = "1234"
+$SW_IP = "$IP" + ":" + "$SW_MGMT_Port"
+$API_Auth_URI = "https://$SW_IP/api/sonicos/auth"
+$API_Base_URI = "https://$SW_IP/api/sonicos/"
+# Adding Client's Encoded Creds to the Header
+$headers = @{ Authorization = "Basic $encodedCredentials" }
+# Connecting to Sonicwall using Basic Auth
+$ConnectStatus = Invoke-RestMethod -Uri "$API_Auth_URI" -Method Post -Headers $headers -UseBasicParsing
+$ConnectStatus = $connectstatus.status.success
+
+#############################################################################################################################################
+# Importing CSV with country list of allowed and blocked countries GEO-IP Filtering according to your SOP
+
+ $GEO_BaseLine_CSV = Import-Csv 'C:\Safe\GeoIPCountries.csv'
+
+#############################################################################################################################################
+# Checks to see if connecting to the sonicwall was successful
+If ($ConnectStatus -eq $true) {
+Remove-Variable encodedCredentials
+
+#############################################################################################################################################
+
+# The the commands we are going to run on the sonicwall, this will be in the body of the API request.
+$API_GW_CLI = 'show gateway-antivirus'
+$API_IPS_CLI = 'show intrusion-prevention'
+$API_GEO_CLI = 'show geo-ip'
+$API_APP_CLI = 'show app-control'
+$API_RBL_CLI = 'show rbl'
+$API_BNET_CLI = 'show botnet'
+$API_INFO_CLI = "show status"
+
+# URI with the IP added, specifially for the accessing the CLI 'console'
+$API_URI = "https://$SW_IP/api/sonicos/direct/cli"
+
+# Special Header to return Text Output and not json object from request, specifically for Geo-IP at the moment due to bug in reporting from Json.
+$TextHeader = @{ Accept = "text/plain" }
+
+
+# Performs the API request and stores output, Sonicwall general info, for model, serial number and other items.
+$SW_Info_Repsonse = Invoke-RestMethod -Method POST -Uri $API_URI -Body "$API_INFO_CLI" -ContentType "Text/Plain"
+
+#############################################################################################################################################
+# Performs the API Request and stores output, Gateway AV
+$API_GW_Response = Invoke-RestMethod -Uri $API_URI -Body "$API_GW_CLI" -Method Post -ContentType "Text/plain"
+
+
+# Performs the API Request and stores output, IPS
+$API_IPS_Response = Invoke-RestMethod -Uri $API_URI -Body "$API_IPS_CLI" -Method Post -ContentType "Text/plain"
+
+
+# Performs the API Request and stores output, Geo IP Filter
+$API_GEO_Response = Invoke-RestMethod -Uri $API_URI -Body "$API_GEO_CLI" -Method Post -ContentType "Text/plain" -Headers $TextHeader
+
+
+# Performs the API Request and stores output, App Control
+$API_APP_Response = Invoke-RestMethod -Uri $API_URI -Body "$API_APP_CLI" -Method Post -ContentType "Text/plain"
+
+
+# Performs the API Request and stores output, Real Time Black List
+$API_RBL_Response = Invoke-RestMethod -Uri $API_URI -Body "$API_RBL_CLI" -Method Post -ContentType "Text/plain"
+
+
+# Performs the API Request and stores output, Bot Net
+$API_BNET_Response = Invoke-RestMethod -Uri $API_URI -Body "$API_BNET_CLI" -Method Post -ContentType "Text/plain"
+
+
+#############################################################################################################################################
+# First parsing API response for the genral info, creating variables for each setting we care about.
+# Since the return is text, we need to convert the text to an powershell object to parse through it more easliy, basically making each line it's own property "`n" denotes new line.
+$Obj_SW_Info = ConvertFrom-String -InputObject $SW_Info_Repsonse -Delimiter "`n"
+ # Filing each variable for the setting we care about for now, have to drill down the PSObject to filtering for the values we care about, remove the Real propery name and trim the extra space to only have the value.
+ $SW_Model = $SW_Info_Repsonse.model
+ $SW_SerialNumber = $SW_Info_Repsonse.serial_number
+ $SW_UpTime = $SW_Info_Repsonse.up_time
+ $SW_ProdCode = $SW_Info_Repsonse.product_code
+ $SW_RegCode = $SW_Info_Repsonse.registration_code
+ $SW_FW_Ver = $SW_Info_Repsonse.firmware_version
+ $SW_Mod_Date = $SW_Info_Repsonse.last_modified_by
+
+#############################################################################################################################################
+
+# Checking each setting in the SOP to check if it is enabled
+# First, checking Gateway AV is enabled
+ $GW_Enabled = $API_GW_Response.gateway_antivirus.enable
+
+# Checking that gateway av is enabled for http, ftp, etc.
+# InBound Settings
+ $GW_IB_HTTP_Enabled = $API_GW_Response.gateway_antivirus.inbound_inspection.http
+
+ $GW_IB_FTP_Enabled = $API_GW_Response.gateway_antivirus.inbound_inspection.ftp
+
+ $GW_IB_IMAP_Enabled = $API_GW_Response.gateway_antivirus.inbound_inspection.imap
+
+ $GW_IB_SMTP_Enabled = $API_GW_Response.gateway_antivirus.inbound_inspection.smtp
+
+ $GW_IB_POP3_Enabled = $API_GW_Response.gateway_antivirus.inbound_inspection.pop3
+
+ $GW_IB_CIFS_Enabled = $API_GW_Response.gateway_antivirus.inbound_inspection.cifs_netbios
+
+ $GW_IB_TCP_Enabled = $API_GW_Response.gateway_antivirus.inbound_inspection.tcp_stream
+
+# Checking that gateway av is enabled for http, ftp, etc.
+# OutBound Settings
+
+ $GW_OB_HTTP_Enabled = $API_GW_Response.gateway_antivirus.outbound_inspection.http
+
+ $GW_OB_FTP_Enabled = $API_GW_Response.gateway_antivirus.outbound_inspection.ftp
+
+ $GW_OB_SMTP_Enabled = $API_GW_Response.gateway_antivirus.outbound_inspection.smtp
+
+ $GW_OB_TCP_Enabled = $API_GW_Response.gateway_antivirus.outbound_inspection.tcp_stream
+
+# Checking each sub setting for each protocal
+# HTTP Sub Settings
+
+ $GW_HTTP_PWZIP_Enabled = $API_GW_Response.gateway_antivirus.restrict.password_protected_zip.http
+
+ $GW_HTTP_PKEXE_Enabled = $API_GW_Response.gateway_antivirus.restrict.packed_executables.http
+
+ $GW_HTTP_Macros_Enabled = $API_GW_Response.gateway_antivirus.restrict.ms_office_macros.http
+
+
+# Checking each sub setting for each protocal
+# FTP Sub Settings
+
+ $GW_FTP_PWZIP_Enabled = $API_GW_Response.gateway_antivirus.restrict.password_protected_zip.ftp
+
+ $GW_FTP_PKEXE_Enabled = $API_GW_Response.gateway_antivirus.restrict.packed_executables.ftp
+
+ $GW_FTP_Macros_Enabled = $API_GW_Response.gateway_antivirus.restrict.ms_office_macros.ftp
+
+# Checking each sub setting for each protocal
+# IMAP Sub Settings
+
+ $GW_IMAP_PWZIP_Enabled = $API_GW_Response.gateway_antivirus.restrict.password_protected_zip.imap
+
+ $GW_IMAP_PKEXE_Enabled = $API_GW_Response.gateway_antivirus.restrict.packed_executables.imap
+
+ $GW_IMAP_Macros_Enabled = $API_GW_Response.gateway_antivirus.restrict.ms_office_macros.imap
+
+# Checking each sub setting for each protocal
+# SMTP Sub Settings
+
+ $GW_SMTP_PWZIP_Enabled = $API_GW_Response.gateway_antivirus.restrict.password_protected_zip.smtp
+
+ $GW_SMTP_PKEXE_Enabled = $API_GW_Response.gateway_antivirus.restrict.packed_executables.smtp
+
+ $GW_SMTP_Macros_Enabled = $API_GW_Response.gateway_antivirus.restrict.ms_office_macros.smtp
+
+# Checking each sub setting for each protocal
+# POP3 Sub Settings
+
+ $GW_POP3_PWZIP_Enabled = $API_GW_Response.gateway_antivirus.restrict.password_protected_zip.pop3
+
+ $GW_POP3_PKEXE_Enabled = $API_GW_Response.gateway_antivirus.restrict.packed_executables.pop3
+
+ $GW_POP3_Macros_Enabled = $API_GW_Response.gateway_antivirus.restrict.ms_office_macros.pop3
+
+# Checking each sub setting for each protocal
+# CIFS-NetBios Sub Settings
+
+ $GW_CIFS_PWZIP_Enabled = $API_GW_Response.gateway_antivirus.restrict.password_protected_zip.cifs_netbios
+
+ $GW_CIFS_PKEXE_Enabled = $API_GW_Response.gateway_antivirus.restrict.packed_executables.cifs_netbios
+
+ $GW_CIFS_Macros_Enabled = $API_GW_Response.gateway_antivirus.restrict.ms_office_macros.cifs_netbios
+
+#############################################################################################################################################
+
+# IPS Section
+
+# Checking if IPS is enabled
+
+ $IPS_Enabled = $API_IPS_Response.intrusion_prevention.enable
+
+# High Priority Attacks
+
+ $IPS_High_Prevent = $API_IPS_Response.intrusion_prevention.signature_group.high_priority.prevent_all
+
+ $IPS_High_Detect = $API_IPS_Response.intrusion_prevention.signature_group.high_priority.detect_all
+
+IF ($API_IPS_Response.intrusion_prevention.signature_group.high_priority.log_redundancy -eq 0) {
+ $IPS_High_Log = $false
+ }else {
+ $IPS_High_Log = $true
+ }
+
+
+# Medium Priority Attacks
+
+$IPS_Medium_Prevent = $API_IPS_Response.intrusion_prevention.signature_group.medium_priority.prevent_all
+
+$IPS_Medium_Detect = $API_IPS_Response.intrusion_prevention.signature_group.medium_priority.detect_all
+
+IF ($API_IPS_Response.intrusion_prevention.signature_group.medium_priority.log_redundancy -eq 0) {
+$IPS_Medium_Log = $false
+}else {
+$IPS_Medium_Log = $true
+}
+
+
+# Low Priority Attacks
+
+$IPS_Low_Prevent = $API_IPS_Response.intrusion_prevention.signature_group.Low_priority.prevent_all
+
+$IPS_Low_Detect = $API_IPS_Response.intrusion_prevention.signature_group.Low_priority.detect_all
+
+IF ($API_IPS_Response.intrusion_prevention.signature_group.Low_priority.log_redundancy -eq 0) {
+$IPS_Low_Log = $false
+}else {
+$IPS_Low_Log = $true
+}
+
+#############################################################################################################################################
+# App Control Section
+
+# API Request Specifically for App Control Signatures
+# Encyped Key Exchange, Sig 7
+$API_APP_EKE_URI = "$API_Base_URI" + "app-control/applications/id/2900"
+$API_APP_EKE_SIG7_URI = "$API_Base_URI" + "app-control/signatures/id/7"
+$API_APP_EKE_SIG5_URI = "$API_Base_URI" + "app-control/signatures/id/5"
+# Tor
+$API_APP_TOR_CLI = 'show app-control category id 27 application id 467'
+
+################################
+
+# Making request for above APP Control Signatures
+$API_APP_EKE_Response = Invoke-RestMethod -Uri $API_APP_EKE_URI -Method Get
+
+# Checking to see if Encrypted Key Exchange is set to anything other than default, which would be what Proxy Access is set to.
+# Depending on the sonicwall version, finding out if EKE is using the category setting will return one of two results, -or operator is added to if statement to account for that.
+if ($API_APP_EKE_Response.app_control.application.block.category -eq $true -or $API_APP_EKE_Response.status.info.message -eq "App Control not found.") {
+ # Using Category Settings which is not blocked Now need to Check if Signature 7 and 5 are the same.
+ # Setting Results for Encrypted Key Exchange
+ $APP_EKE_Enabled = $false
+ # Checking Settings for Signature 7 and 5
+ $API_APP_EKE_SIG7_Response = Invoke-RestMethod -Uri $API_APP_EKE_SIG7_URI -Method Get
+ $API_APP_EKE_SIG5_Response = Invoke-RestMethod -Uri $API_APP_EKE_SIG5_URI -Method Get
+
+ # Checking Signature 7
+ if ($API_APP_EKE_SIG7_Response.status.info.message -eq "App Control not found.") {
+ $APP_EKE_Sig7 = $false
+ } else {
+ if ($API_APP_EKE_SIG7_Response.app_control.signature.block.enable -eq $true) {
+ $APP_EKE_Sig7 = $true
+ } else {
+ $APP_EKE_Sig7 = $false
+ }
+ }
+
+ # Checking Signature 5
+ if ($API_APP_EKE_SIG5_Response.status.info.message -eq "App Control not found.") {
+ $APP_EKE_Sig5 = $false
+ } else {
+ if ($API_APP_EKE_SIG5_Response.app_control.signature.block.enable -eq $true) {
+ $APP_EKE_Sig5 = $true
+ } else {
+ $APP_EKE_Sig5 = $false
+ }
+ }
+} else {
+ if ($API_APP_EKE_Response.app_control.application.block.enable -eq $true) {
+ $APP_EKE_Enabled = $true
+ $API_APP_EKE_SIG7_Response = Invoke-RestMethod -Uri $API_APP_EKE_SIG7_URI -Method Get
+ $API_APP_EKE_SIG5_Response = Invoke-RestMethod -Uri $API_APP_EKE_SIG5_URI -Method Get
+
+ # Checking Signature 7
+ if ($API_APP_EKE_SIG7_Response.status.info.message -eq "App Control not found.") {
+ $APP_EKE_Sig7 = $true
+ } else {
+ if ($API_APP_EKE_SIG7_Response.app_control.signature.block.enable -eq $true) {
+ $APP_EKE_Sig7 = $true
+ } else {
+ $APP_EKE_Sig7 = $false
+ }
+ }
+
+ # Checking Signature 5
+ if ($API_APP_EKE_SIG5_Response.status.info.message -eq "App Control not found.") {
+ $APP_EKE_Sig5 = $true
+ } else {
+ if ($API_APP_EKE_SIG5_Response.app_control.signature.block.enable -eq $true) {
+ $APP_EKE_Sig5 = $true
+ } else {
+ $APP_EKE_Sig5 = $false
+ }
+ }
+ }
+}
+
+
+################################
+
+# Making request for above APP Control Signatures
+$API_APP_TOR_Response = Invoke-RestMethod -Uri $API_URI -Body "$API_APP_TOR_CLI" -Method Post -ContentType "Text/plain"
+# $API_APP_TOR_Response = $API_APP_TOR_Response.content
+
+# Checking if Tor is set to blocked
+if ($API_APP_TOR_Response -like "*no block*") {
+ $APP_TOR = $false
+} else {
+ $APP_TOR = $true
+}
+
+################################
+# Check if App Control is Enabled
+ $APP_Enabled = $API_APP_Response.app_control.enable
+
+
+#############################################################################################################################################
+# Checking Real Time Black List
+ $RBL_Enabled = $API_RBL_Response.rbl.enable
+
+#############################################################################################################################################
+# Checking BotNet Filter
+if ($API_BNET_Response.botnet.block.connections.all -eq $true) {
+ $BNET_Enabled = $true
+} else {
+ $BNET_Enabled = $false
+}
+
+#############################################################################################################################################
+# Checking Geo IP settings
+
+$GEO_Allowed_Countries = @()
+$GEO_Blocked_Countries = @()
+
+($GEO_BaseLine_CSV).CountryName|ForEach-Object {
+ if ($API_GEO_Response -like "*$_*") {
+ $GEO_Blocked_Countries += "$_"
+ } else {
+ $GEO_Allowed_Countries += "$_"
+ }
+}
+
+
+if ($API_GEO_Response -like "*no block connections*") {
+ $GEO_Enabled = $false
+} else {
+ $GEO_Enabled = $true
+}
+
+################################
+
+$ITG_GEO_Allowed_Countries = $GEO_Allowed_Countries -replace ","
+$ITG_GEO_Blocked_Countries = $GEO_Blocked_Countries -replace ","
+
+
+
+
+#############################################################################################################################################
+# Anti-SpyWare Section
+# Building Commands and URIs
+$API_SPY_URI = "$API_Base_URI" + "anti-spyware/global"
+
+$API_SPY_Response = Invoke-RestMethod -Uri $API_SPY_URI -Method Get
+
+$SPY_Enabled = $API_SPY_Response.anti_spyware.enable
+
+$SPY_High_Prevent = $API_SPY_Response.anti_spyware.signature_group.high_danger.prevent_all
+
+$SPY_High_Detect = $API_SPY_Response.anti_spyware.signature_group.high_danger.detect_all
+
+IF ($API_SPY_Response.anti_spyware.signature_group.high_danger.log_redundancy -eq 0) {
+ $SPY_High_Log = $false
+ }else {
+ $SPY_High_Log = $true
+ }
+
+
+$SPY_medium_Prevent = $API_SPY_Response.anti_spyware.signature_group.medium_danger.prevent_all
+
+$SPY_medium_Detect = $API_SPY_Response.anti_spyware.signature_group.medium_danger.detect_all
+
+IF ($API_SPY_Response.anti_spyware.signature_group.medium_danger.log_redundancy -eq 0) {
+ $SPY_medium_Log = $false
+ }else {
+ $SPY_medium_Log = $true
+ }
+
+
+$SPY_low_Prevent = $API_SPY_Response.anti_spyware.signature_group.low_danger.prevent_all
+
+$SPY_low_Detect = $API_SPY_Response.anti_spyware.signature_group.low_danger.detect_all
+
+IF ($API_SPY_Response.anti_spyware.signature_group.low_danger.log_redundancy -eq 0) {
+ $SPY_low_Log = $false
+ }else {
+ $SPY_low_Log = $true
+ }
+
+#############################################################################################################################################
+# Building Json Object to send to ITGlue in the format it accepts.
+$SecurityServiceData = New-Object PSObject -Property @{
+ data = [ordered]@{
+ type = "flexible-assets"
+ attributes = [ordered]@{
+ "organization-id" = $ITG_Client_ID
+ "flexible-asset-type-id" = $ITG_FLEX_TYPE_ID_SS
+ traits = [ordered]@{
+ "sonicwall" = $ITG_SW_CONFIG_ID
+ "sonicwall-model" = $SW_Model
+ "sonicwall-serial-number" = $SW_SerialNumber
+ "sonicwall-firmware-version" = $SW_FW_Ver
+ "up-time" = $SW_UpTime
+ "last-modified-date" = $SW_Mod_Date
+ "external-ip" = $IP
+ "gateway-anti-virus-enabled" = $GW_Enabled
+ "gateway-av-http-inbound-inspection" = $GW_IB_HTTP_Enabled
+ "gateway-av-http-outbound-inspection" = $GW_OB_HTTP_Enabled
+ "gateway-av-http-password-zip-files-inspection" = $GW_HTTP_PWZIP_Enabled
+ "gateway-av-http-packed-exe-files-inspection" = $GW_HTTP_PKEXE_Enabled
+ "gateway-av-http-marco-files-inspection" = $GW_HTTP_Macros_Enabled
+ "gateway-av-ftp-inbound-inspection" = $GW_IB_FTP_Enabled
+ "gateway-av-ftp-outbound-inspection" = $GW_OB_FTP_Enabled
+ "gateway-av-ftp-password-zip-file-inspection" = $GW_FTP_PWZIP_Enabled
+ "gateway-av-ftp-packed-exe-file-inspection" = $GW_FTP_PKEXE_Enabled
+ "gateway-av-ftp-marco-file-inspection" = $GW_FTP_Macros_Enabled
+ "gateway-av-imap-inbound-inspection" = $GW_IB_IMAP_Enabled
+ "gateway-av-imap-password-zip-file-inspection" = $GW_IMAP_PWZIP_Enabled
+ "gateway-av-imap-packed-exe-file-inspection" = $GW_IMAP_PKEXE_Enabled
+ "gateway-av-imap-marco-file-inspecition" = $GW_IMAP_Macros_Enabled
+ "gateway-av-smtp-inbound-inspection" = $GW_IB_SMTP_Enabled
+ "gateway-av-smtp-outbound-inspection" = $GW_OB_SMTP_Enabled
+ "gateway-av-smtp-password-zip-file-inspection" = $GW_SMTP_PWZIP_Enabled
+ "gateway-av-smtp-packed-exe-file-inspection" = $GW_SMTP_PKEXE_Enabled
+ "gateway-av-smtp-marco-file-inspection" = $GW_SMTP_Macros_Enabled
+ "gateway-av-pop3-inbound-inspection" = $GW_IB_POP3_Enabled
+ "gateway-av-pop3-password-zip-file-inspection" = $GW_POP3_PWZIP_Enabled
+ "gateway-av-pop3-packed-exe-file-inspection" = $GW_POP3_PKEXE_Enabled
+ "gateway-av-pop3-macro-file-inspection" = $GW_POP3_Macros_Enabled
+ "gateway-av-cifs-inbound-inspection" = $GW_IB_CIFS_Enabled
+ "gateway-av-cifs-password-zip-file-inspection" = $GW_CIFS_PWZIP_Enabled
+ "gateway-av-cifs-packed-exe-file-inspection" = $GW_CIFS_PKEXE_Enabled
+ "gateway-av-cifs-macro-file-inspection" = $GW_CIFS_Macros_Enabled
+ "gateway-av-tcp-stream-inbound-inspection" = $GW_IB_TCP_Enabled
+ "gateway-av-tcp-stream-outbound-inspection" = $GW_OB_TCP_Enabled
+ "intrusion-prevention-system-enabled" = $IPS_Enabled
+ "prevent-high-priority-attacks" = $IPS_High_Prevent
+ "detect-high-priority-attacks" = $IPS_High_Detect
+ "log-high-priority-attacks" = $IPS_High_Log
+ "prevent-medium-priority-attacks" = $IPS_Medium_Prevent
+ "detect-medium-priority-attacks" = $IPS_Medium_Detect
+ "log-medium-priority-attacks" = $IPS_Medium_Log
+ "prevent-low-priority-attacks" = $IPS_Low_Prevent
+ "detect-low-priority-attacks" = $IPS_Low_Detect
+ "log-low-priority-attacks" = $IPS_Low_Log
+ "app-control-enabled" = $APP_Enabled
+ "encrypted-key-exchange-blocked" = $APP_EKE_Enabled
+ "tor-blocked" = $APP_TOR
+ "encrypted-key-exchange-signature-7-blocked" = $APP_EKE_Sig7
+ "encrypted-key-exchange-signature-5-blocked" = $APP_EKE_Sig5
+ "realTime-black-list-enabled" = $RBL_Enabled
+ "anti-spyware-enabled" = $SPY_Enabled
+ "prevent-high-danger-spyware" = $SPY_High_Prevent
+ "detect-high-danger-spyware" = $SPY_High_Detect
+ "log-high-danger-spyware" = $SPY_High_Log
+ "prevent-medium-danger-spyware" = $SPY_medium_Prevent
+ "detect-medium-danger-spyware" = $SPY_medium_Detect
+ "log-medium-danger-spyware" = $SPY_medium_Log
+ "prevent-low-danger-spyware" = $SPY_low_Prevent
+ "detect-low-danger-spyware" = $SPY_low_Detect
+ "log-low-danger-spyware" = $SPY_low_Log
+ "botNet-filter-enabled" = $BNET_Enabled
+ "geo-ip-filtering-enabled" = $GEO_Enabled
+ "allowed-countries" = "" + ((($ITG_GEO_Allowed_Countries) -replace '"') -join '
') + ""
+ "blocked-countries" = "" + ((($ITG_GEO_Blocked_Countries) -replace '"') -join '
') + ""
+ }
+ }
+
+ }
+}
+#############################################################################################################################################
+# Gathering Address Objects
+# Pull all Address Objects from Sonicwall
+# IPv4 Address Objects URL
+$SW_IPv4_AddObj_URI = $API_Base_URI + "address-objects/ipv4"
+$API_SW_AO_Results = Invoke-RestMethod -Method Get -Uri "$SW_IPv4_AddObj_URI"
+
+# Pull all Address Objects from Sonicwall
+# FQDN Address Objects URL
+$SW_FQDN_AddObj_URI = $API_Base_URI + "address-objects/fqdn"
+$API_SW_AO_Results_FQDN = Invoke-RestMethod -Method Get -Uri "$SW_FQDN_AddObj_URI"
+
+# Pull all Address Objects from Sonicwall
+# MAC Address Objects URL
+$SW_MAC_AddObj_URI = $API_Base_URI + "address-objects/mac"
+$API_SW_AO_Results_MAC = Invoke-RestMethod -Method Get -Uri "$SW_MAC_AddObj_URI"
+
+
+# Break out the output into separate variables, hosts, networks (subnets) and Ranges
+$AllHosts = $API_SW_AO_Results.address_objects.ipv4|Where-Object -Property host -ne -value $null
+$AllNetworks = $API_SW_AO_Results.address_objects.ipv4|Where-Object -Property network -ne -value $null
+$AllRanges = $API_SW_AO_Results.address_objects.ipv4|Where-Object -Property range -ne -value $null
+
+# FQDN
+$AllFQDN = $API_SW_AO_Results_FQDN.address_objects.fqdn
+
+# MAC
+$AllMAC = $API_SW_AO_Results_MAC.address_objects.mac
+
+# Clean up results to remove any objects without a zone assigned
+$AllHosts = $AllHosts|Where-Object -Property zone -ne -value $null
+$AllNetworks = $AllNetworks|Where-Object -Property zone -ne -value $null
+$AllRanges = $AllRanges|Where-Object -Property zone -ne -value $null
+$AllFQDN = $AllFQDN|Where-Object -Property zone -ne -value $null
+$AllMAC = $AllMAC|Where-Object -Property zone -ne -value $null
+
+# Creating empty arrays to use to segment in the AddressObjects array.
+$arrAddressObjects = @()
+$arrAOHosts = @()
+$arrAONetworks = @()
+$arrAORanges = @()
+$arrAOFQDN = @()
+$arrAOMAC = @()
+
+
+# Create Json Object for each Host in a format that ITGlue will accept
+ForEach ($object in $AllHosts) {
+
+
+ $AddressObjectData = New-Object PSObject -Property @{
+ data = [ordered]@{
+ type = "flexible-assets"
+ attributes = [ordered]@{
+ "organization-id" = $ITG_Client_ID
+ "flexible-asset-type-id" = $ITG_FLEX_TYPE_ID_AO
+ traits = [ordered]@{
+ "sonicwall" = $ITG_SW_CONFIG_ID
+ "address-object-name" = $object.Name
+ "uuid" = $object.uuid
+ "zone" = $object.zone
+ "object-type" = "Host"
+ "object-value" = $object.host.ip
+ }
+ }
+ }
+ }
+$arrAOHosts += $AddressObjectData
+Remove-Variable AddressObjectData
+}
+
+
+# Create Json Object for each Network in a format that ITGlue will accept
+ForEach ($object in $AllNetworks) {
+ # Calculate the network suffix to add to the subnet
+ $objMask = $object.network.mask
+ ($IPLength = Convert-IpAddressToMaskLength $objMask) *>$null
+ $IPValue = $object.network.subnet + " / " + $IPLength + " / " + $objMask
+
+ $AddressObjectData = New-Object PSObject -Property @{
+ data = [ordered]@{
+ type = "flexible-assets"
+ attributes = [ordered]@{
+ "organization-id" = $ITG_Client_ID
+ "flexible-asset-type-id" = $ITG_FLEX_TYPE_ID_AO
+ traits = [ordered]@{
+ "sonicwall" = $ITG_SW_CONFIG_ID
+ "address-object-name" = $object.Name
+ "uuid" = $object.uuid
+ "zone" = $object.zone
+ "object-type" = "Network"
+ "object-value" = $IPValue
+
+ }
+ }
+ }
+ }
+
+$arrAONetworks += $AddressObjectData
+Remove-Variable AddressObjectData,objMask,IPLength,IPValue
+}
+
+
+# Create Json Object for each Range in a format that ITGlue will accept
+ForEach ($object in $AllRanges) {
+ # Bring the start and end IPs together
+ $StartIP = $object.range.begin
+ $EndIP = $object.range.end
+ $IPRange = $StartIP + " - " + $EndIP
+
+ $AddressObjectData = New-Object PSObject -Property @{
+ data = [ordered]@{
+ type = "flexible-assets"
+ attributes = [ordered]@{
+ "organization-id" = $ITG_Client_ID
+ "flexible-asset-type-id" = $ITG_FLEX_TYPE_ID_AO
+ traits = [ordered]@{
+ "sonicwall" = $ITG_SW_CONFIG_ID
+ "address-object-name" = $object.Name
+ "uuid" = $object.uuid
+ "zone" = $object.zone
+ "object-type" = "Range"
+ "object-value" = $IPRange
+
+ }
+ }
+ }
+ }
+
+$arrAORanges += $AddressObjectData
+Remove-Variable AddressObjectData,StartIP,EndIP,IPRange
+}
+
+# Create Json Object for each FQDN in a format that ITGlue will accept
+ForEach ($object in $AllFQDN) {
+
+
+ $AddressObjectData = New-Object PSObject -Property @{
+ data = [ordered]@{
+ type = "flexible-assets"
+ attributes = [ordered]@{
+ "organization-id" = $ITG_Client_ID
+ "flexible-asset-type-id" = $ITG_FLEX_TYPE_ID_AO
+ traits = [ordered]@{
+ "sonicwall" = $ITG_SW_CONFIG_ID
+ "address-object-name" = $object.Name
+ "uuid" = $object.uuid
+ "zone" = $object.zone
+ "object-type" = "FQDN"
+ "object-value" = $object.domain
+ }
+ }
+ }
+ }
+$arrAOFQDN += $AddressObjectData
+Remove-Variable AddressObjectData
+}
+
+# Create Json Object for each MAC in a format that ITGlue will accept
+ForEach ($object in $AllMAC) {
+
+
+ $AddressObjectData = New-Object PSObject -Property @{
+ data = [ordered]@{
+ type = "flexible-assets"
+ attributes = [ordered]@{
+ "organization-id" = $ITG_Client_ID
+ "flexible-asset-type-id" = $ITG_FLEX_TYPE_ID_AO
+ traits = [ordered]@{
+ "sonicwall" = $ITG_SW_CONFIG_ID
+ "address-object-name" = $object.Name
+ "uuid" = $object.uuid
+ "zone" = $object.zone
+ "object-type" = "MAC"
+ "object-value" = $object.address
+ }
+ }
+ }
+ }
+$arrAOMAC += $AddressObjectData
+Remove-Variable AddressObjectData
+}
+
+# Combing all objects found into a parent array.
+# Still need to do MAC and FQDN, will worry about those later.
+$arrAddressObjects += $arrAOHosts
+$arrAddressObjects += $arrAONetworks
+$arrAddressObjects += $arrAORanges
+$arrAddressObjects += $arrAOFQDN
+$arrAddressObjects += $arrAOMAC
+
+#############################################################################################################################################
+# Combining Security Services and Address Object Data
+$UpdateData = @()
+$UpdateData += $SecurityServiceData
+$UpdateData += $arrAddressObjects
+
+ConvertTo-Json -InputObject $UpdateData -Depth 100 | Write-OutPut
+
+} else {
+ Write-OutPut "Failed to Connect to Sonicwall"
+}
\ No newline at end of file
diff --git a/DataCollection/RB-RetrieveSWPassword.ps1 b/DataCollection/RB-RetrieveSWPassword.ps1
new file mode 100644
index 0000000..95deaa9
--- /dev/null
+++ b/DataCollection/RB-RetrieveSWPassword.ps1
@@ -0,0 +1,257 @@
+# Building the accepted Paramaters
+# Parameter help description
+Param(
+ [string]$IP,
+ [int32]$ITGClientID,
+ [string]$Client_Name,
+ [string]$Client_Location_Name
+ )
+###################################################################################################################################
+# Access Key Vault for ITGlue API Key
+$connectionName = "AzureRunAsConnection"
+try
+{
+ # Get the connection "AzureRunAsConnection "
+ $servicePrincipalConnection=Get-AutomationConnection -Name $connectionName
+
+ Add-AzureRmAccount `
+ -ServicePrincipal `
+ -TenantId $servicePrincipalConnection.TenantId `
+ -ApplicationId $servicePrincipalConnection.ApplicationId `
+ -CertificateThumbprint $servicePrincipalConnection.CertificateThumbprint
+}
+catch {
+ if (!$servicePrincipalConnection)
+ {
+ $ErrorMessage = "Connection $connectionName not found."
+ throw $ErrorMessage
+ } else{
+ Write-Error -Message $_.Exception
+ throw $_.Exception
+ }
+}
+$Az_ITG_PW_API_KEY_Name = "Api-Key-Name-Password-Access"
+$ITG_API_KEY = (Get-AzureKeyVaultSecret -VaultName EntechInternalKeyVault -Name "$Az_ITG_PW_API_KEY_Name").SecretValueText
+#############################################################################################################################################
+# Building ITGlue Headers
+$ITGlue_Headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
+$ITGlue_Headers.Add("Content-Type", 'application/vnd.api+json')
+$ITGlue_Headers.Add('x-api-key', $ITG_API_Key)
+
+#############################################################################################################################################
+# Setting Azure Runbook Variables
+$Az_SW_Data_Collection_Runbook = "Collect_Sonicwall_Data" # Running "Security Services - CompareSettings.ps1"
+$Az_Resource_Group = "Azure_Resource_Group"
+$Az_Automation_Account = "Azure_Automation_Account_Name"
+$Az_Hybrid_Worker = "On_Prem_Group"
+
+#############################################################################################################################################
+# Setting Static IDs for the Sonicwall Password and Flexible asset type IDs for Security Services and others.
+$ITG_PW_ID = "112211"
+$ITG_FLEX_TYPE_ID_SS = "112233"
+$ITG_FLEX_TYPE_ID_AO = "112244"
+$ITG_FLEX_TYPE_ID_AG = "112255"
+$ITG_FLEX_TYPE_ID_SO = "112266"
+$ITG_FLEX_TYPE_ID_SG = "112277"
+$ITG_FLEX_TYPE_ID_AR = "112288"
+$ITG_Flex_URI = "https://api.itglue.com/flexible_assets/"
+
+#############################################################################################################################################
+# Pulling Password for this sonicwall/client from ITGlue
+# First step is to list all the Passwords that match the sonicwall admin portal
+$ITG_Client_ID = "$ITGClientID"
+
+# Need to change to Invoke-RestMethod instead of ITGlue API Command
+$ITG_API_Request_PWs = "https://api.itglue.com/passwords?organization_id=$ITG_Client_ID&filter[password_category_id]=$ITG_PW_ID"
+$ITG_Client_PWs = Invoke-RestMethod -Method GET -Uri $ITG_API_Request_PWs -Headers $ITGlue_Headers
+Start-sleep -Seconds 2
+$ITG_Client_SW_PWid = ([System.Uri]($ITG_Client_PWs.data.attributes|Select-Object -First 1)."resource-url").segments|Select-Object -Last 1
+
+# Now we'll query the password directly to get the username and password
+$ITG_API_Request_SW_PW = "https://api.itglue.com/organizations/$ITG_Client_ID/relationships/passwords/$ITG_Client_SW_PWid"
+
+$ITG_SW_Creds = Invoke-RestMethod -Method GET -Uri $ITG_API_Request_SW_PW -Headers $ITGlue_Headers
+Start-Sleep -Seconds 2
+$Username = $ITG_SW_Creds.data.attributes.username
+$Password = $ITG_SW_Creds.data.attributes.password
+
+# Generating Basic Auth Format
+$credPair = "$($username):$($password)"
+$encodedCredentials = [System.Convert]::ToBase64String([System.Text.Encoding]::ASCII.GetBytes($credPair))
+
+#############################################################################################################################################
+# Checking to see if username and password exists, if empty will report that.
+if ($Username -eq $null) {
+ Write-Error "No Sonicwall Credentials Found for Client"
+ } else {
+
+#############################################################################################################################################
+# Starting 2nd Runbook to Collect Data, connects to on prem, Hybrid Worker Server since sonicwalls are only allowed to talk to our IP Addresses.
+# Parameters passed to the Runbook,IP ITGLue Client,the encoded Sonicwall Credentials, Client Name and Location Name.
+$SW_DATA_Collect_Param = @{"IP"="$IP";"ITGClientID"="$ITGClientID";"encodedCredentials"="$encodedCredentials";"Client_Name"="$Client_Name";"Client_Location_Name"="$Client_Location_Name"}
+
+$SW_DATA = Start-AzureRmAutomationRunbook -Wait -Parameters $SW_DATA_Collect_Param -Name "$Az_SW_Data_Collection_Runbook" -ResourceGroupName "$Az_Resource_Group" -RunOn "$Az_Hybrid_Worker" -MaxWaitSeconds 1000 -AutomationAccountName "$Az_Automation_Account"
+
+#############################################################################################################################################
+# If the Runbook returns Failed to Connect to Sonicwall, we need to report on that.
+if ($SW_DATA -eq "Failed to Connect to Sonicwall") {
+ Write-Error -Message 'Failed to Connect to Sonicwall, Please check the following:
+ SonicWall API is enabled and Basic Auth is allowed
+ Sonicwall Password is correct for client, ensure the password in ITGlue is the same for all Sonicwall they have
+ Sonicwall is on version 6.5.3 or higher.'
+
+} else {
+
+########################################################################################################################################
+# First separate each flexible asset into its own section to be checked
+# This is building out for future versions also, currently Address Objects and Security Services are syncing with ITGlue only.
+
+# Address Objects use Flexible Asset ID 124964
+$SW_Address_Objects = $SW_DATA|Where-Object {$_.data.attributes.'flexible-asset-type-id' -eq $ITG_FLEX_TYPE_ID_AO}
+
+# Address Groups use Flexible Asset ID 124966
+$SW_Address_Groups = $SW_DATA|Where-Object {$_.data.attributes.'flexible-asset-type-id' -eq $ITG_FLEX_TYPE_ID_AG}
+
+# Service Objects use Flexible Asset ID 124967
+$SW_Service_Objects = $SW_DATA|Where-Object {$_.data.attributes.'flexible-asset-type-id' -eq $ITG_FLEX_TYPE_ID_SO}
+
+# Service Groups use Flexible Asset ID 124968
+$SW_Service_Groups = $SW_DATA|Where-Object {$_.data.attributes.'flexible-asset-type-id' -eq $ITG_FLEX_TYPE_ID_SG}
+
+# Access Rules use Flexible Asset ID 124962
+$SW_Access_Rules = $SW_DATA|Where-Object {$_.data.attributes.'flexible-asset-type-id' -eq $ITG_FLEX_TYPE_ID_AR}
+
+# Security Services use Flexible Asset ID 117956
+$SW_Security_Services = $SW_DATA|Where-Object {$_.data.attributes.'flexible-asset-type-id' -eq $ITG_FLEX_TYPE_ID_SS}
+
+#############################################################################################################################################
+
+# Next step is to find the flexible asset we need to update or create for this sonicwall
+# Finding all the flexible assets for specific client, filtering using the flex type id
+
+$ITG_API_Client_Flex = "https://api.itglue.com/flexible_assets/?filter[organization_id]=$ITG_Client_ID&filter[flexible_asset_type_id]=$ITG_FLEX_TYPE_ID_SS"
+
+$ITG_Client_SWSS_Assets = Invoke-RestMethod -Method Get -Uri $ITG_API_Client_Flex -Headers $ITGlue_Headers
+# Parsing the output and finding the one that matches the firewall that we just queried
+Start-Sleep -Seconds 2
+$SW_SerialNumber = $SW_Security_Services.data.attributes.traits."sonicwall-serial-number"
+[string]$SW_SerialNumber = $SW_SerialNumber.trim()
+
+# Search ITGlue configs for the sonicwall
+# Setting search URI for sonicwall config, based on the client ITG ID Sonicwall
+# Setting URI First
+$ITG_Config_Search_URI = "https://api.itglue.com/configurations/?filter[organization_id]=$ITG_Client_ID&page[size]=1&filter[serial_number]=$SW_SerialNumber&filter[configuration_status_name]=Active&include=related_items,adapters_resources"
+
+# Putting the Results inside of a variable
+$ITG_Config_Search_Results = Invoke-RestMethod -Method Get -Uri $ITG_Config_Search_URI -Headers $ITGlue_Headers
+Start-Sleep -Seconds 2
+$ITG_ID_of_Sonicwall_Config = $ITG_Config_Search_Results.data.id
+# Check to see if Sonicwall Found Matches the Serial Number searched with.
+$ITG_Found_SW_Serial_Number = $ITG_Config_Search_Results.data.attributes.'serial-number'
+
+if ($ITG_Found_SW_Serial_Number -eq $SW_SerialNumber) {
+
+$ITG_Client_SWSS_Assets.data.attributes|Select-Object resource-url -ExpandProperty traits|ForEach-Object {
+ $Temp_ITG_FLEX_SW_SN = $_."sonicwall-serial-number"
+ [string]$Temp_ITG_FLEX_SW_SN = $Temp_ITG_FLEX_SW_SN.trim()
+ $Temp_ITG_FLEX_ID = (([System.Uri]($_)."resource-url").segments|Select-Object -Last 1)
+ if ($Temp_ITG_FLEX_SW_SN -eq $SW_SerialNumber) {
+ $ITG_Flex_ID = $Temp_ITG_FLEX_ID
+ }
+ # Temp Text Outputs for troubleshooting
+ "Found SS Flex ID $ITG_Flex_ID"
+ "Temp ITG Flex Sonicwall Serial Number $Temp_ITG_FLEX_SW_SN"
+ "Temp ITG Flex Id Found $Temp_ITG_FLEX_ID"
+}
+# Update returned Sonicwall Security Services Data with the sonicwall config found in ITGlue to tag.
+$SW_Security_Services.data.attributes.traits.sonicwall = $ITG_ID_of_Sonicwall_Config
+
+if ($ITG_Flex_ID -eq $null) {
+ # The if statement found that flexible asset was null so couldn't find an existing flexible asset with this info for this company
+ # This means we will need to create the flexible Asset as this is probably the initial config.
+ $jsondata = $SW_Security_Services|ConvertTo-Json -Depth 100 | ForEach-Object { [System.Text.RegularExpressions.Regex]::Unescape($_) }
+
+ # Performing the actual update, Later add a try statement and error handling so we can report on issues updating the information.
+ $ITG_Flex_Update_Results = Invoke-RestMethod -Method Post -Uri $ITG_Flex_URI -Headers $ITGlue_Headers -Body $jsondata -ContentType "application/vnd.api+json; charset=utf-8"
+ Start-Sleep -Seconds 2
+} else {
+ # We Found a Flexible Asset that matches the sonicwall we just queried. So now we will update the information in ITGlue.
+
+ # Converting the $Data variable to json format to put in the body of the Flexible Asset
+ $jsondata = $SW_Security_Services|ConvertTo-Json -Depth 100 | ForEach-Object { [System.Text.RegularExpressions.Regex]::Unescape($_) }
+
+ $ITG_Flex_SS_URI = ("$ITG_Flex_URI" + "$ITG_Flex_ID")
+
+ # Performing the actual update, Later add a try statement and error handling so we can report on issues updating the information.
+ $ITG_Flex_Update_Results = Invoke-RestMethod -Method Patch -Uri $ITG_Flex_SS_URI -Headers $ITGlue_Headers -Body $jsondata -ContentType "application/vnd.api+json; charset=utf-8"
+ Start-Sleep -Seconds 2
+}
+Remove-Variable ITG_Client_SWSS_Assets
+$ITG_Flex_Update_Results
+#############################################################################################################################################
+# Running If statement to see if we returned a sonicwall.
+if ($ITG_Config_Search_Results.data.attributes -eq $null) {
+ # No sonicwall Found
+ "No Sonicwall Found to tag"
+} else {
+ # Found an active sonicwall that matches the Serial Number
+#############################################################################################################################################
+# Going to Start with Address Objects, Create/Update those.
+# Setting Variables to Search with
+$ITG_AO_Flex_Name = "SonicWALL Address Objects"
+# URI to search for all Sonicwall Address Objects for specific client, will use this info to compare the UUID and match Flexible assets up.
+$ITG_All_AO_Flex_URI = "https://api.itglue.com/flexible_assets/?filter[organization-id]=$ITG_Client_ID&filter[flexible-asset-type-id]=$ITG_FLEX_TYPE_ID_AO&page[size]=1000"
+
+# Performing the Address Object search for specific client
+$ITG_All_AO_Flex_Search_Results = Invoke-RestMethod -Method Get -Headers $ITGlue_Headers -Uri $ITG_All_AO_Flex_URI
+Start-Sleep -Seconds 1
+# Starting Loop to process the returned Address Objects
+ foreach ($AddressObject in $SW_Address_Objects) {
+ # First need to add the ID of the found Sonicwall to update the tag info for each Object
+ $AddressObject.data.attributes.traits.sonicwall = $ITG_ID_of_Sonicwall_Config
+
+ # Put UUID of Address Object into Variable to search based off of.
+ [string]$Cur_AO_UUID = ($AddressObject.data.attributes.traits.uuid).trim()
+
+ # Searching to see if there is an address object already, based on the UUID and attached to the sonicwall found
+ $Cur_AO_Search = $ITG_All_AO_Flex_Search_Results.data | Where-Object {$_.attributes.traits.uuid -eq "$Cur_AO_UUID" -and $_.attributes.traits.sonicwall.values.id -eq $ITG_ID_of_Sonicwall_Config}
+
+ # Searching to see if there is an address object already, based on Name and attached to sonicwall
+ $Cur_AO_Name = $AddressObject.data.attributes.traits.'address-object-name'
+
+
+ If ($Cur_AO_Search -eq $null) {
+ # Create New Config for Address Object
+ "Creating New Config for $Cur_AO_Name with UUID of $Cur_AO_UUID"
+ Invoke-RestMethod -Method Post -Uri $ITG_Flex_URI -Headers $ITGlue_Headers -ContentType "application/vnd.api+json; charset=utf-8" -Body ($AddressObject|ConvertTo-Json -Depth 100 | ForEach-Object { [System.Text.RegularExpressions.Regex]::Unescape($_) })
+ Start-Sleep -Seconds 1
+
+ } else {
+ # Update Existing
+ "Cur_AO_Search:"
+ $Cur_AO_Search | ConvertTo-Json -Depth 100
+ [int32]$Cur_AO_ITG_ID = ($Cur_AO_Search.id).trim()
+ "Cur_AO_ITG_ID:"
+ $Cur_AO_ITG_ID
+ "ITG_Flex_URI:"
+ $ITG_Flex_URI
+ "Combined URI:"
+ ($ITG_Flex_URI + $Cur_AO_ITG_ID)
+ "Updating Existing Config for $Cur_AO_Name with UUID of $Cur_AO_UUID and ITGlue ID of $Cur_AO_ITG_ID"
+ Invoke-RestMethod -Method Patch -Uri ($ITG_Flex_URI + $Cur_AO_ITG_ID) -headers $ITGlue_Headers -ContentType "application/vnd.api+json; charset=utf-8" -Body ($AddressObject|ConvertTo-Json -Depth 100 | ForEach-Object { [System.Text.RegularExpressions.Regex]::Unescape($_) })
+ Start-Sleep -Seconds 1
+ Remove-Variable Cur_AO_ITG_ID
+ }
+ Remove-Variable Cur_AO_Name,Cur_AO_Search,Cur_AO_UUID
+
+ }
+
+############################################################################################################################################
+# This section will be for address groups
+
+}
+} else {
+ Write-Error "Reported Serial Number ($SW_SerialNumber) doesn't match the found sonicwall ($ITG_Found_SW_Serial_Number). Will not update or create Flexible Assets."
+}
+}
+}
\ No newline at end of file
diff --git a/Flexible Asset Type Details/FA_SW_Address_Objects.json b/Flexible Asset Type Details/FA_SW_Address_Objects.json
new file mode 100644
index 0000000..8edfeaa
--- /dev/null
+++ b/Flexible Asset Type Details/FA_SW_Address_Objects.json
@@ -0,0 +1,187 @@
+{
+ "data": [
+ {
+ "id": "1429472",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 1,
+ "name": "SonicWALL",
+ "kind": "Tag",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": "Configurations",
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "sonicwall",
+ "created-at": "2019-04-09T18:19:31.000Z",
+ "updated-at": "2019-04-09T18:19:31.000Z",
+ "flexible-asset-type-id": 124964,
+ "default-value": null
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "124964",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1428211",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 2,
+ "name": "Address Object Name",
+ "kind": "Text",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": true,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "address-object-name",
+ "created-at": "2019-04-09T14:44:23.000Z",
+ "updated-at": "2019-04-09T18:19:31.000Z",
+ "flexible-asset-type-id": 124964,
+ "default-value": null
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "124964",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1428212",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 3,
+ "name": "UUID",
+ "kind": "Text",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "uuid",
+ "created-at": "2019-04-09T14:44:23.000Z",
+ "updated-at": "2019-04-09T18:19:31.000Z",
+ "flexible-asset-type-id": 124964,
+ "default-value": null
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "124964",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1428213",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 4,
+ "name": "Zone",
+ "kind": "Text",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "zone",
+ "created-at": "2019-04-09T14:44:23.000Z",
+ "updated-at": "2019-04-09T18:19:31.000Z",
+ "flexible-asset-type-id": 124964,
+ "default-value": null
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "124964",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1428214",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 5,
+ "name": "Object Type",
+ "kind": "Select",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "object-type",
+ "created-at": "2019-04-09T14:44:23.000Z",
+ "updated-at": "2019-04-09T18:19:31.000Z",
+ "flexible-asset-type-id": 124964,
+ "default-value": "Network\nHost\nFQDN\nRange\nMAC"
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "124964",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1428215",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 6,
+ "name": "Object Value",
+ "kind": "Text",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "object-value",
+ "created-at": "2019-04-09T14:44:23.000Z",
+ "updated-at": "2019-04-09T18:19:31.000Z",
+ "flexible-asset-type-id": 124964,
+ "default-value": null
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "124964",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ }
+ ],
+ "meta": {
+ "current-page": 1,
+ "next-page": null,
+ "prev-page": null,
+ "total-pages": 1,
+ "total-count": 6,
+ "filters": {}
+ },
+ "links": {}
+}
\ No newline at end of file
diff --git a/Flexible Asset Type Details/FA_SW_Security_Services.json b/Flexible Asset Type Details/FA_SW_Security_Services.json
new file mode 100644
index 0000000..35dbfbf
--- /dev/null
+++ b/Flexible Asset Type Details/FA_SW_Security_Services.json
@@ -0,0 +1,2536 @@
+{
+ "data": [
+ {
+ "id": "1509415",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 1,
+ "name": "SonicWALL",
+ "kind": "Tag",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": "Configurations",
+ "required": true,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "sonicwall",
+ "created-at": "2019-06-04T14:21:18.000Z",
+ "updated-at": "2019-06-04T14:27:46.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": null
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1332064",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 2,
+ "name": "SonicWALL Model",
+ "kind": "Text",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": true,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "sonicwall-model",
+ "created-at": "2019-02-04T15:04:50.000Z",
+ "updated-at": "2019-06-04T14:21:17.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": null
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1332065",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 3,
+ "name": "SonicWALL Serial Number",
+ "kind": "Text",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": true,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "sonicwall-serial-number",
+ "created-at": "2019-02-04T15:04:50.000Z",
+ "updated-at": "2019-06-04T14:21:17.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": null
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1407798",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 4,
+ "name": "SonicWALL Firmware Version",
+ "kind": "Text",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "sonicwall-firmware-version",
+ "created-at": "2019-03-28T13:53:34.000Z",
+ "updated-at": "2019-06-04T14:21:17.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": null
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1407799",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 5,
+ "name": "Up Time",
+ "kind": "Text",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "up-time",
+ "created-at": "2019-03-28T13:53:34.000Z",
+ "updated-at": "2019-06-04T14:21:17.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": null
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1407795",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 6,
+ "name": "Last Modified Date",
+ "kind": "Text",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "last-modified-date",
+ "created-at": "2019-03-28T13:32:27.000Z",
+ "updated-at": "2019-06-04T14:21:17.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": null
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1407796",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 7,
+ "name": "External IP",
+ "kind": "Text",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "external-ip",
+ "created-at": "2019-03-28T13:32:27.000Z",
+ "updated-at": "2019-06-04T14:21:17.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": null
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331378",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 8,
+ "name": "Gateway Anti-Virus",
+ "kind": "Header",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "gateway-anti-virus",
+ "created-at": "2019-02-01T21:45:01.000Z",
+ "updated-at": "2019-06-04T14:21:17.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331383",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 9,
+ "name": "Gateway Anti-Virus Enabled",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "gateway-anti-virus-enabled",
+ "created-at": "2019-02-01T21:49:06.000Z",
+ "updated-at": "2019-06-04T14:21:17.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331424",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 10,
+ "name": "HTTP Inspection",
+ "kind": "Header",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "http-inspection",
+ "created-at": "2019-02-01T22:13:43.000Z",
+ "updated-at": "2019-06-04T14:21:17.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331393",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 11,
+ "name": "Gateway AV HTTP Inbound Inspection",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "gateway-av-http-inbound-inspection",
+ "created-at": "2019-02-01T22:08:08.000Z",
+ "updated-at": "2019-06-04T14:21:17.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331394",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 12,
+ "name": "Gateway AV HTTP Outbound Inspection",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "gateway-av-http-outbound-inspection",
+ "created-at": "2019-02-01T22:08:08.000Z",
+ "updated-at": "2019-06-04T14:21:17.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331395",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 13,
+ "name": "Gateway AV HTTP Password Zip Files Inspection",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "gateway-av-http-password-zip-files-inspection",
+ "created-at": "2019-02-01T22:08:08.000Z",
+ "updated-at": "2019-06-04T14:21:17.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331396",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 14,
+ "name": "Gateway AV HTTP Packed EXE Files Inspection",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "gateway-av-http-packed-exe-files-inspection",
+ "created-at": "2019-02-01T22:08:08.000Z",
+ "updated-at": "2019-06-04T14:21:17.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331397",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 15,
+ "name": "Gateway AV HTTP Marco Files Inspection",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "gateway-av-http-marco-files-inspection",
+ "created-at": "2019-02-01T22:08:08.000Z",
+ "updated-at": "2019-06-04T14:21:17.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331425",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 16,
+ "name": "FTP Inspection",
+ "kind": "Header",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "ftp-inspection",
+ "created-at": "2019-02-01T22:13:43.000Z",
+ "updated-at": "2019-06-04T14:21:17.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331398",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 17,
+ "name": "Gateway AV FTP Inbound Inspection",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "gateway-av-ftp-inbound-inspection",
+ "created-at": "2019-02-01T22:08:08.000Z",
+ "updated-at": "2019-06-04T14:21:17.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331399",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 18,
+ "name": "Gateway AV FTP Outbound Inspection",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "gateway-av-ftp-outbound-inspection",
+ "created-at": "2019-02-01T22:08:08.000Z",
+ "updated-at": "2019-06-04T14:21:17.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331400",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 19,
+ "name": "Gateway AV FTP Password Zip File Inspection",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "gateway-av-ftp-password-zip-file-inspection",
+ "created-at": "2019-02-01T22:08:08.000Z",
+ "updated-at": "2019-06-04T14:21:17.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331401",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 20,
+ "name": "Gateway AV FTP Packed EXE File Inspection",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "gateway-av-ftp-packed-exe-file-inspection",
+ "created-at": "2019-02-01T22:08:08.000Z",
+ "updated-at": "2019-06-04T14:21:17.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331402",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 21,
+ "name": "Gateway AV FTP Marco File Inspection",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "gateway-av-ftp-marco-file-inspection",
+ "created-at": "2019-02-01T22:08:08.000Z",
+ "updated-at": "2019-06-04T14:21:17.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331426",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 22,
+ "name": "IMAP Inspection",
+ "kind": "Header",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "imap-inspection",
+ "created-at": "2019-02-01T22:13:43.000Z",
+ "updated-at": "2019-06-04T14:21:17.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331403",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 23,
+ "name": "Gateway AV IMAP Inbound Inspection",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "gateway-av-imap-inbound-inspection",
+ "created-at": "2019-02-01T22:08:08.000Z",
+ "updated-at": "2019-06-04T14:21:17.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331404",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 24,
+ "name": "Gateway AV IMAP Password Zip File Inspection",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "gateway-av-imap-password-zip-file-inspection",
+ "created-at": "2019-02-01T22:08:08.000Z",
+ "updated-at": "2019-06-04T14:21:17.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331405",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 25,
+ "name": "Gateway AV IMAP Packed EXE File Inspection",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "gateway-av-imap-packed-exe-file-inspection",
+ "created-at": "2019-02-01T22:08:08.000Z",
+ "updated-at": "2019-06-04T14:21:17.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331406",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 26,
+ "name": "Gateway AV IMAP Marco File Inspecition",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "gateway-av-imap-marco-file-inspecition",
+ "created-at": "2019-02-01T22:08:08.000Z",
+ "updated-at": "2019-06-04T14:21:17.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331427",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 27,
+ "name": "SMTP Inspection",
+ "kind": "Header",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "smtp-inspection",
+ "created-at": "2019-02-01T22:13:43.000Z",
+ "updated-at": "2019-06-04T14:21:17.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331407",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 28,
+ "name": "Gateway AV SMTP Inbound Inspection",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "gateway-av-smtp-inbound-inspection",
+ "created-at": "2019-02-01T22:08:08.000Z",
+ "updated-at": "2019-06-04T14:21:17.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331408",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 29,
+ "name": "Gateway AV SMTP Outbound Inspection",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "gateway-av-smtp-outbound-inspection",
+ "created-at": "2019-02-01T22:08:08.000Z",
+ "updated-at": "2019-06-04T14:21:17.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331409",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 30,
+ "name": "Gateway AV SMTP Password Zip File Inspection",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "gateway-av-smtp-password-zip-file-inspection",
+ "created-at": "2019-02-01T22:08:08.000Z",
+ "updated-at": "2019-06-04T14:21:17.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331410",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 31,
+ "name": "Gateway AV SMTP Packed EXE File Inspection",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "gateway-av-smtp-packed-exe-file-inspection",
+ "created-at": "2019-02-01T22:08:08.000Z",
+ "updated-at": "2019-06-04T14:21:17.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331411",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 32,
+ "name": "Gateway AV SMTP Marco File Inspection",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "gateway-av-smtp-marco-file-inspection",
+ "created-at": "2019-02-01T22:08:08.000Z",
+ "updated-at": "2019-06-04T14:21:17.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331428",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 33,
+ "name": "POP3 Inspection",
+ "kind": "Header",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "pop3-inspection",
+ "created-at": "2019-02-01T22:13:43.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331412",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 34,
+ "name": "Gateway AV POP3 Inbound Inspection",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "gateway-av-pop3-inbound-inspection",
+ "created-at": "2019-02-01T22:08:08.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331413",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 35,
+ "name": "Gateway AV POP3 Password Zip File Inspection",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "gateway-av-pop3-password-zip-file-inspection",
+ "created-at": "2019-02-01T22:08:08.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331414",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 36,
+ "name": "Gateway AV POP3 Packed EXE File Inspection",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "gateway-av-pop3-packed-exe-file-inspection",
+ "created-at": "2019-02-01T22:08:08.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331415",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 37,
+ "name": "Gateway AV POP3 Macro File Inspection",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "gateway-av-pop3-macro-file-inspection",
+ "created-at": "2019-02-01T22:08:08.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331429",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 38,
+ "name": "CIFS Inspection",
+ "kind": "Header",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "cifs-inspection",
+ "created-at": "2019-02-01T22:13:43.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331416",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 39,
+ "name": "Gateway AV CIFS Inbound Inspection",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "gateway-av-cifs-inbound-inspection",
+ "created-at": "2019-02-01T22:08:08.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331417",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 40,
+ "name": "Gateway AV CIFS Password Zip File Inspection",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "gateway-av-cifs-password-zip-file-inspection",
+ "created-at": "2019-02-01T22:08:08.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331418",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 41,
+ "name": "Gateway AV CIFS Packed EXE File Inspection",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "gateway-av-cifs-packed-exe-file-inspection",
+ "created-at": "2019-02-01T22:08:08.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331419",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 42,
+ "name": "Gateway AV CIFS Macro File Inspection",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "gateway-av-cifs-macro-file-inspection",
+ "created-at": "2019-02-01T22:08:08.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331430",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 43,
+ "name": "TCP Stream Inspection",
+ "kind": "Header",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "tcp-stream-inspection",
+ "created-at": "2019-02-01T22:13:43.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331420",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 44,
+ "name": "Gateway AV TCP Stream Inbound Inspection",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "gateway-av-tcp-stream-inbound-inspection",
+ "created-at": "2019-02-01T22:08:08.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1331421",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 45,
+ "name": "Gateway AV TCP Stream Outbound Inspection",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "gateway-av-tcp-stream-outbound-inspection",
+ "created-at": "2019-02-01T22:08:08.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1333209",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 46,
+ "name": "Intrusion Prevention System",
+ "kind": "Header",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "intrusion-prevention-system",
+ "created-at": "2019-02-04T20:15:39.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1333210",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 47,
+ "name": "Intrusion Prevention System Enabled",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "intrusion-prevention-system-enabled",
+ "created-at": "2019-02-04T20:15:39.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1333211",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 48,
+ "name": "High Priority Attacks",
+ "kind": "Header",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "high-priority-attacks",
+ "created-at": "2019-02-04T20:15:39.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1333212",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 49,
+ "name": "Prevent High Priority Attacks",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "prevent-high-priority-attacks",
+ "created-at": "2019-02-04T20:15:39.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1333213",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 50,
+ "name": "Detect High Priority Attacks",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "detect-high-priority-attacks",
+ "created-at": "2019-02-04T20:15:39.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1333214",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 51,
+ "name": "Log High Priority Attacks",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "log-high-priority-attacks",
+ "created-at": "2019-02-04T20:15:39.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1333215",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 52,
+ "name": "Medium Priority Attacks",
+ "kind": "Header",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "medium-priority-attacks",
+ "created-at": "2019-02-04T20:15:39.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1333216",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 53,
+ "name": "Prevent Medium Priority Attacks",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "prevent-medium-priority-attacks",
+ "created-at": "2019-02-04T20:15:39.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1333217",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 54,
+ "name": "Detect Medium Priority Attacks",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "detect-medium-priority-attacks",
+ "created-at": "2019-02-04T20:15:39.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1333218",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 55,
+ "name": "Log Medium Priority Attacks",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "log-medium-priority-attacks",
+ "created-at": "2019-02-04T20:15:39.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1333219",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 56,
+ "name": "Low Priority Attacks",
+ "kind": "Header",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "low-priority-attacks",
+ "created-at": "2019-02-04T20:15:39.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1333220",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 57,
+ "name": "Prevent Low Priority Attacks",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "prevent-low-priority-attacks",
+ "created-at": "2019-02-04T20:15:39.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1333221",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 58,
+ "name": "Detect Low Priority Attacks",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "detect-low-priority-attacks",
+ "created-at": "2019-02-04T20:15:39.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1333222",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 59,
+ "name": "Log Low Priority Attacks",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "log-low-priority-attacks",
+ "created-at": "2019-02-04T20:15:39.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1333236",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 60,
+ "name": "App Control",
+ "kind": "Header",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "app-control",
+ "created-at": "2019-02-04T20:34:18.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1333237",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 61,
+ "name": "App Control Enabled",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "app-control-enabled",
+ "created-at": "2019-02-04T20:34:18.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1333238",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 62,
+ "name": "Tor Blocked",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "tor-blocked",
+ "created-at": "2019-02-04T20:34:18.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1368443",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 63,
+ "name": "Encrypted Key Exchange Blocked",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "encrypted-key-exchange-blocked",
+ "created-at": "2019-03-05T14:06:09.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1368444",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 64,
+ "name": "Encrypted Key Exchange Signature 5 Blocked",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "encrypted-key-exchange-signature-5-blocked",
+ "created-at": "2019-03-05T14:06:09.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1333239",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 65,
+ "name": "Encrypted Key Exchange Signature 7 Blocked",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "encrypted-key-exchange-signature-7-blocked",
+ "created-at": "2019-02-04T20:34:19.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1333240",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 66,
+ "name": "RealTime Black List",
+ "kind": "Header",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "realtime-black-list",
+ "created-at": "2019-02-04T20:34:19.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1333241",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 67,
+ "name": "RealTime Black List Enabled",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "realtime-black-list-enabled",
+ "created-at": "2019-02-04T20:34:19.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1333242",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 68,
+ "name": "BotNet Filter",
+ "kind": "Header",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "botnet-filter",
+ "created-at": "2019-02-04T20:34:19.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1333243",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 69,
+ "name": "BotNet Filter Enabled",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "botnet-filter-enabled",
+ "created-at": "2019-02-04T20:34:19.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1368520",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 70,
+ "name": "Anti-Spyware",
+ "kind": "Header",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "anti-spyware",
+ "created-at": "2019-03-05T15:28:31.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1368521",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 71,
+ "name": "Anti-Spyware Enabled",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "anti-spyware-enabled",
+ "created-at": "2019-03-05T15:28:31.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1368522",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 72,
+ "name": "High Danger Spyware",
+ "kind": "Header",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "high-danger-spyware",
+ "created-at": "2019-03-05T15:28:31.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1368523",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 73,
+ "name": "Prevent High Danger Spyware",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "prevent-high-danger-spyware",
+ "created-at": "2019-03-05T15:28:31.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1368524",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 74,
+ "name": "Detect High Danger Spyware",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "detect-high-danger-spyware",
+ "created-at": "2019-03-05T15:28:32.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1368525",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 75,
+ "name": "Log High Danger Spyware",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "log-high-danger-spyware",
+ "created-at": "2019-03-05T15:28:32.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1368526",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 76,
+ "name": "Medium Danger Spyware",
+ "kind": "Header",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "medium-danger-spyware",
+ "created-at": "2019-03-05T15:28:32.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1368527",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 77,
+ "name": "Prevent Medium Danger Spyware",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "prevent-medium-danger-spyware",
+ "created-at": "2019-03-05T15:28:32.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1368528",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 78,
+ "name": "Detect Medium Danger Spyware",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "detect-medium-danger-spyware",
+ "created-at": "2019-03-05T15:28:32.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1368529",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 79,
+ "name": "Log Medium Danger Spyware",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "log-medium-danger-spyware",
+ "created-at": "2019-03-05T15:28:32.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1368530",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 80,
+ "name": "Low Danger Spyware",
+ "kind": "Header",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "low-danger-spyware",
+ "created-at": "2019-03-05T15:28:32.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1368531",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 81,
+ "name": "Prevent Low Danger Spyware",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "prevent-low-danger-spyware",
+ "created-at": "2019-03-05T15:28:32.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1368532",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 82,
+ "name": "Detect Low Danger Spyware",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "detect-low-danger-spyware",
+ "created-at": "2019-03-05T15:28:32.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1368533",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 83,
+ "name": "Log Low Danger Spyware",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "log-low-danger-spyware",
+ "created-at": "2019-03-05T15:28:32.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1333244",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 84,
+ "name": "Geo-IP Filtering",
+ "kind": "Header",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "geo-ip-filtering",
+ "created-at": "2019-02-04T20:34:19.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1333245",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 85,
+ "name": "Geo-IP Filtering Enabled",
+ "kind": "Checkbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "geo-ip-filtering-enabled",
+ "created-at": "2019-02-04T20:34:19.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1333246",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 86,
+ "name": "Allowed Countries",
+ "kind": "Textbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "allowed-countries",
+ "created-at": "2019-02-04T20:34:19.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ },
+ {
+ "id": "1333247",
+ "type": "flexible-asset-fields",
+ "attributes": {
+ "order": 87,
+ "name": "Blocked Countries",
+ "kind": "Textbox",
+ "hint": null,
+ "decimals": 0,
+ "tag-type": null,
+ "required": false,
+ "use-for-title": false,
+ "expiration": false,
+ "show-in-list": true,
+ "name-key": "blocked-countries",
+ "created-at": "2019-02-04T20:34:19.000Z",
+ "updated-at": "2019-06-04T14:21:18.000Z",
+ "flexible-asset-type-id": 117956,
+ "default-value": ""
+ },
+ "relationships": {
+ "flexible-asset-type": {
+ "data": {
+ "id": "117956",
+ "type": "flexible-asset-types"
+ }
+ }
+ }
+ }
+ ],
+ "meta": {
+ "current-page": 1,
+ "next-page": null,
+ "prev-page": null,
+ "total-pages": 1,
+ "total-count": 87,
+ "filters": {}
+ },
+ "links": {}
+}
\ No newline at end of file
diff --git a/README.md b/README.md
index 830936c..f0084e9 100644
--- a/README.md
+++ b/README.md
@@ -1 +1,86 @@
-# api-contest
+# SonicWALL Firewall Security Services Auditing
+
+This project involves making Flexible Assets for SonicWall Security Services in ITGlue to allow easy auditing and ticketing of security services, without the use of SonicWALL's GMS. For example, if a client's SonicWall Gateway AV is turned off while troubleshooting an issue, when these scripts run, a ticket will be created that indicates Gateway AV is off and needs to be re-enabled. We are also documenting all Address Objects on the SonicWall.
+
+### Prerequisites
+
+Hardware:
+ Next Gen SonicWALLs that support the SonicOS 6.5.3 firmware. (Required for SonicOS API introduced in version 6.5.1. We are NOT using SSH)
+
+Software/Services:
+
+Azure Automation Account or Server to Run Scripts with Powershell version 3 or above.
+
+Database (Can be SQL, Power Apps Common Data Service, Excel SpreedSheet/CSV or even ITGlue) of client external IP address, and their ITGlue ID.
+
+Azure KeyVault (Used to store ITGlue and Ticketing Software API keys)
+
+Enable the SonicOS API for each SonicWALL using Basic Auth
+
+ITGlue:
+
+SonicWALL admin passwords documented and specific password Category set for them. (Example, We used the Password Category "SonicWALL Admin")
+
+SonicWALL Security Services and SonicWALL Address Object flexible asset types (See JSON files)
+
+
+### Script Logic
+Below are high level diagrams of the workflow for these scripts.
+
+Data Collection Process and Updating to ITGlue
+
+
+Auditing and Ticket Generation Process
+
+
+### Security Considerations
+
+In an effort to ensure Security is kept for our company and clients, I've chosen to use Auzre for handling the Powershell Scripts.
+Using an Azure Automation account and Azure Key Vault, we are able to pull API Keys and Sonicwall Passwords without the fear of this sensitive information being passed or stored insecurely. This could be modified to run less securely on a local machine fairly easily. I would recommend running in Azure Automation and using Azure Key Vault for API key storage. Approved IPs are only allowed to connect to our SonicWalls, so the use of an Azure Hybrid worker is required to make that secure connection.
+
+### Integration Features
+A. Documenting the following Security Services for Sonicwalls and tagging Flexible Asset to Sonicwall Config
+
+ 1. GateWay Anti Virus
+ 
+
+ 2. App Control Advanced
+
+ a. Encrypted Key Exchange and Tor
+ 
+
+ 3. Intrusion Prevention
+ 
+
+ 4. Anti-Spyware
+ 
+
+ 5. RealTime Black List
+
+ 6. BotNet Filter
+ 
+
+ 7. Geo-IP Filter
+ a. Names of the Allowed and Blocked Countries.
+ 
+
+B. Documenting Basic Sonicwall Information
+
+
+C. Documenting All Address Objects for Sonicwall, creating their own Flexible Asset and tagging them to SonicWall config.
+ 
+
+ 
+
+ 
+
+ 
+
+ 
+
+D. Using ConnectWise Manage API to Create Ticket for out of SOP settings.
+
+
+## Author
+Ramon Ayala - Entech
+https://EntechUS.com
diff --git a/ScreenShots/CMW_Ticket_Example.jpg b/ScreenShots/CMW_Ticket_Example.jpg
new file mode 100644
index 0000000..27ea00e
Binary files /dev/null and b/ScreenShots/CMW_Ticket_Example.jpg differ
diff --git a/ScreenShots/SW_AO_FQDN_Example.jpg b/ScreenShots/SW_AO_FQDN_Example.jpg
new file mode 100644
index 0000000..f994b02
Binary files /dev/null and b/ScreenShots/SW_AO_FQDN_Example.jpg differ
diff --git a/ScreenShots/SW_AO_Host_Example.jpg b/ScreenShots/SW_AO_Host_Example.jpg
new file mode 100644
index 0000000..8634274
Binary files /dev/null and b/ScreenShots/SW_AO_Host_Example.jpg differ
diff --git a/ScreenShots/SW_AO_MAC_Example.jpg b/ScreenShots/SW_AO_MAC_Example.jpg
new file mode 100644
index 0000000..774af18
Binary files /dev/null and b/ScreenShots/SW_AO_MAC_Example.jpg differ
diff --git a/ScreenShots/SW_AO_Subnet_Example.jpg b/ScreenShots/SW_AO_Subnet_Example.jpg
new file mode 100644
index 0000000..637b737
Binary files /dev/null and b/ScreenShots/SW_AO_Subnet_Example.jpg differ
diff --git a/ScreenShots/SW_Config_Example.jpg b/ScreenShots/SW_Config_Example.jpg
new file mode 100644
index 0000000..d36fe9a
Binary files /dev/null and b/ScreenShots/SW_Config_Example.jpg differ
diff --git a/ScreenShots/SW_Password_Category.jpg b/ScreenShots/SW_Password_Category.jpg
new file mode 100644
index 0000000..f59cbea
Binary files /dev/null and b/ScreenShots/SW_Password_Category.jpg differ
diff --git a/ScreenShots/SW_SS_Anti_Spy_Example.jpg b/ScreenShots/SW_SS_Anti_Spy_Example.jpg
new file mode 100644
index 0000000..b8b1d36
Binary files /dev/null and b/ScreenShots/SW_SS_Anti_Spy_Example.jpg differ
diff --git a/ScreenShots/SW_SS_App_Control_Example.jpg b/ScreenShots/SW_SS_App_Control_Example.jpg
new file mode 100644
index 0000000..f715abd
Binary files /dev/null and b/ScreenShots/SW_SS_App_Control_Example.jpg differ
diff --git a/ScreenShots/SW_SS_GW_AV_Example.jpg b/ScreenShots/SW_SS_GW_AV_Example.jpg
new file mode 100644
index 0000000..1ef2b5c
Binary files /dev/null and b/ScreenShots/SW_SS_GW_AV_Example.jpg differ
diff --git a/ScreenShots/SW_SS_Geo_IP_Example.jpg b/ScreenShots/SW_SS_Geo_IP_Example.jpg
new file mode 100644
index 0000000..a4b5913
Binary files /dev/null and b/ScreenShots/SW_SS_Geo_IP_Example.jpg differ
diff --git a/ScreenShots/SW_SS_IPS_Example.jpg b/ScreenShots/SW_SS_IPS_Example.jpg
new file mode 100644
index 0000000..410d18d
Binary files /dev/null and b/ScreenShots/SW_SS_IPS_Example.jpg differ
diff --git a/ScreenShots/SW_SS_Info_Example.jpg b/ScreenShots/SW_SS_Info_Example.jpg
new file mode 100644
index 0000000..3fb3d01
Binary files /dev/null and b/ScreenShots/SW_SS_Info_Example.jpg differ
diff --git a/ScreenShots/SW_SS_RBL_BN_Example.jpg b/ScreenShots/SW_SS_RBL_BN_Example.jpg
new file mode 100644
index 0000000..ec427f1
Binary files /dev/null and b/ScreenShots/SW_SS_RBL_BN_Example.jpg differ
diff --git a/ScreenShots/Sonicwall_Auditing_Process.png b/ScreenShots/Sonicwall_Auditing_Process.png
new file mode 100644
index 0000000..aa53c54
Binary files /dev/null and b/ScreenShots/Sonicwall_Auditing_Process.png differ
diff --git a/ScreenShots/Sonicwall_Data_Collection_Process.png b/ScreenShots/Sonicwall_Data_Collection_Process.png
new file mode 100644
index 0000000..ff438b0
Binary files /dev/null and b/ScreenShots/Sonicwall_Data_Collection_Process.png differ