Manage devices

Relevant for: AFA Administrators

AFA manages your network security by collecting data from the devices defined in AFA.

Depending on the device's support and the options you enable, add a device to AFA to enable AFA to automatically obtain the device's policy, routing, configuration, and logs. AFA collects data via analysis or monitoring processes, at configurable intervals.

In this topic:

AFA communication protocols
Device procedure reference
Device icons

Add / Remove Layer 2 Devices: Watch to learn how to manage Layer 2 devices in AFA.

AFA communication protocols

AFA uses encrypted SSH, SOAP, REST or OPSEC communication to access the devices, depending on the available API for the device.

AFA encrypts any stored passwords using the advanced and highly-secure128 bit AES encryption method (Advanced Encryption Standard).

Once the credentials used to access the device are entered and encrypted in AFA, system administrators can collect device data continuously, without compromising security or having to enter a password each time.

Device procedure reference

For details about adding devices to AFA, see the following:

Generic procedures	Add devices to AFA Add other devices and routing elements Add/update multiple devices in bulk Required device permissions Maintain devices Specify routing data manually Integrate AFA and CyberArk
Device-specific procedures	Add cloud devices Add Check Point devices Add Cisco devices Add F5 BIG-IP load balancers Add Fortinet devices Add Juniper devices Add Palo Alto Networks devices Add a Symantec Blue Coat Add VMware NSX-V devices

Device icons

Once added to AFA, each device type is shown in the device tree and across the AFA interface using an icon that represents the device's brand or function.

Icon	Description
	Cisco ASA, ACE, IOS Router, or Nexus Router device or security context
	Cisco ACI VRFs and other elements in the Cicso ACI fabric
	Check Point Multi-Domain Security Management (MDSM), Security Management (SmartCenter), or CMA device
	Juniper NetScreen, NSM, SRX, Space, M/E Router, Juniper (non-M/E) router, or Juniper Secure Access (SSL VPN) device
	Fortinet FortiGate or FortiManager device
	Symantec Blue Coat device
	Linux netfilter - iptables device
	Microsoft Azure device
	Palo Alto Networks Firewall or Panorama device
	F5 BIG-IP
	Forcepoint (McAfee) Security Management Center (formerly known as StoneGate) or Sidewinder device Note: Supported only if the device had been added in an ASMS version earlier than A30.00. For details, see Deprecated devices.
	Topsec Firewall device
	WatchGuard device
	Hillstone Networks device Note: Supported only if the device had been added in an ASMS version earlier than A30.00. For details, see Deprecated devices.
	VMware NSX device
	Amazon Web Services (AWS)
	Avaya - Routing Switch
	Brocade VDX device
	H3C device
	SECUI MF2 device
	Routing Element
	Device configuration file
User-defined icons	A custom device brand. For details, see Extend device support.

Manage devices

AFA communication protocols

Device procedure reference

Device icons

Sorry about that

Want to tell us more?

Great!