Manage devices

Relevant for: AFA Administrators

AFA manages your network security by collecting data from the devices defined in AFA.

Depending on the device's support and the options you enable, add a device to AFA to enable AFA to automatically obtain the device's policy, routing, configuration, and logs. AFA collects data via analysis or monitoring processes, at configurable intervals.

Add / Remove Layer 2 Devices: Watch to learn how to manage Layer 2 devices in AFA.

AFA communication protocols

AFA uses encrypted SSH, SOAP, REST or OPSEC communication to access the devices, depending on the available API for the device.

AFA encrypts any stored passwords using the advanced and highly-secure 256 bit AES encryption method (Advanced Encryption Standard).

Once the credentials used to access the device are entered and encrypted in AFA, system administrators can collect device data continuously, without compromising security or having to enter a password each time.

Device procedure reference

For details about adding devices to AFA, see the following:

Generic procedures
Device-specific procedures

Device icons

Once added to AFA, each device type is shown in the device tree and across the AFA interface using an icon that represents the device's brand or function.

Icon

Description

Arista EOS

Cisco ASA, ACE, IOS Router, or Nexus Router device or security context

Cisco ACI VRFs and other elements in the Cicso ACI fabric
Cisco Meraki

Check Point Multi-Domain Security Management (MDSM), Security Management (SmartCenter), or CMA device

Juniper NetScreen, NSM, SRX, Space, M/E Router, Juniper (non-M/E) router, or Juniper Secure Access (SSL VPN) device

Fortinet FortiGate or FortiManager device

Symantec Blue CoatClosed As of A32.20 AlgoSec will no longer support adding new Symantec Blue Coat devices. Existing deployed Blue Coat devices will still be functional. device

Linux netfilter - iptables device

Microsoft Azure NSG

Microsoft Azure Firewall

Palo Alto Networks Firewall or Panorama device

Palo Alto Prisma Access

F5 BIG-IP

Versa Networks

Forcepoint (McAfee) Security Management Center (formerly known as StoneGate) or Sidewinder device

Note: Supported only if the device had been added in an ASMS version earlier than A30.00. For details, see Deprecated devices.

Topsec Firewall device

Hillstone Networks device

Note: Supported only if the device had been added in an ASMS version earlier than A30.00. For details, see Deprecated devices.

VMware NSX-T and NSX-V device

Amazon Web Services (AWS)

Avaya - Routing Switch

Brocade VDX device

H3C device

SECUI MF2 device

Routing Element

Device configuration file

User-defined icons

A custom device brand.

For details, see Extend device support.