Calculate Risk Check
Calculate risk checks for requested traffic.
This API can be used for the following Risk Types:
Risk type |
Explanation |
Traffic Queries - Relates to risks regarding traffic allowed through the device |
|
D | Between internal networks. |
I |
From external networks to internal networks |
O |
From internal networks to external networks |
U |
User defined risks may be also returned by API: as long as the risk is similar to the supported risk types (D, I, O, C, and R) |
C | Risk with specific IP addresses |
Rules - Relates to risks regarding rule definitions. |
|
R |
Rule definition |
Note:
Risks which include DMZ are not supported: J - from internal networks to DMZ, Z - from DMZ to internal networks, K - between DMZs, M - from DMZ to external networks.
By design the API will not return risks that are specific to device brand, such as F - access to Firewall or P - device properties.
For a detailed list of risk types, see Advanced risk editing.
Resource Name:
Controller: Risk Check External Controller
Request Method: POST
Request Query Parameters:
Element |
Type |
Description |
---|---|---|
riskprofile Mandatory |
String |
Risk profile for risk calculation. 2 options:
|
Request Body Parameters:
Element |
Type |
Description |
---|---|---|
riskCheckRequest mandatory |
array of requested traffic tuples entity |
Each tuple consists of:
|
Response parameters
Element |
Type |
Description |
---|---|---|
riskprofile |
String |
Risk profile used for risk calculation. |
risksIdToData | Map |
Maps between risk internal ID (integer) and risk data. |
code: |
String | risk code. |
description | String | Description of risk. |
level | String |
Risk severity level:
|
trafficIdToRisksIds | Map |
Maps between provided ID (sequence ID if not provided) and found risk internal IDs. See in response example below: The API found two risks for 100: risk internal ID 1 and 2. The API found two risks for 101: risk internal ID 1. |
Response:
Code |
Description |
---|---|
200 |
Operation completed successfully |
400 | Bad request |
401 |
Unauthorized |
500 | Internal server error |
Request body examples in JSON Format
{
"traffic": [
{
"id" : "100",
"destination": ["1.2.3.4"],
"service": ["*"],
"source": ["10.1.1.1,2.2.2.2"]
} ,
{
"id" : "101",
"destination": ["10.1.1.1"],
"service": ["tcp/22" ],
"source": ["1.2.3.4"]
}
]
}
Response example in JSON Format
{
"riskProfile": "rp1.xml",
"risksIdToData": {
"1": {
"code": "I02",
"description": "TCP on all ports can enter your network",
"level": "High"
},
"2": {
"code": "I07",
"description": "Risky Microsoft services can enter your network",
"level": "High"
}
},
"trafficIdToRisksIds": {
"100": [
1,
2
],
"101": [
1
]
}
}