Disclaimer:
This is for illustration purposes only. Test the code before using in production.\n
Our intention is to only showcase one of the many ways of using CWS APIs to push security policies programatically.\n
Purpose:
The purpose of this tool is to programatically push CWS policies.
Files in this code:
(base) ameyao@ameyao9MD6V cws_builder % ls -l
total 120
drwxr-xr-x 5 ameyao staff 160 30 Jun 15:37 __pycache__
-rw-r--r-- 1 ameyao staff 13698 30 Jun 13:00 convert_excel_to_yaml.py
-rw-r--r-- 1 ameyao staff 8744 30 Jun 12:53 cws_config_builder_functions.py
-rw-r--r--@ 1 ameyao staff 19303 30 Jun 15:29 cws_info_gathering.xlsx
-rw-r--r-- 1 ameyao staff 2134 30 Jun 15:00 cws_policy_builder.py
-rw-r--r--@ 1 ameyao staff 624 30 Jun 15:38 initial_setup.yaml
-rw-r--r-- 1 ameyao staff 482 11 May 21:47 progress_bar.py
How to run:
- Open the file initial_setup.yaml
- Fill below details and save the file
excel_file_path: "/Users/
Tool Logic:
- Specify CWS policies in the Excel file cws_info_gathering.xlsx
- Run the CWS policy Builder
- Tool will first convert the EXCEL into YAML
- YAML file will contain the payloads used by CWS API calls
- Tool will create the CWS policy
- Tool will then push following security policies using CWS API
- URL filtering
- Content Filtering
- Geo based Filtering
- Content Inspection
- SSL Inspection
- CASB
- DLP
Sample Script run:
(base) ameyao@ameyao9MD6V cws_builder % python3 cws_policy_builder.py
======== CWS Policy Builder ========
======== Step 1 - Convert CWS Policy Excel File into YAML ========
WAIT: [########################################]
Excel file is converted to YAML
File name: cws-policy-template-new.yaml
======== Step 2 - Test VCO connectivity ========
WAIT: [########################################]
VCO Connection successful
======== Step 3 - Create new security policy ========
WAIT: [########################################]
Created a new security policy
======== Step 4 - Create URL Filtering Rules ========
WAIT: [########################################]
Created 14 URL filtering rules
======== Step 5 - Create Content Filtering Rules ========
WAIT: [########################################]
Created 11 content filtering rules
======== Step 6 - Create GEO-Based Filtering Rules ========
WAIT: [########################################]
Created 12 GEO-Based filtering rules
======== Step 7 - Create Content Inspection Rules ========
WAIT: [########################################]
Created 1 Content Inspection rules
======== Step 8 - Create SSL Inspection Rules ========
WAIT: [########################################]
Created 1 SSL Inspection rules
======== Step 9 - Create CASB Rules ========
WAIT: [########################################]
Created 1 CASB rules
======== Step 10 - Create DLP Rules ========
WAIT: [########################################]
Created 1 DLP rules
======== Completed ========
#MIT#VMwareSASE#VeloCloudOrchestrator#Python#VMwareCWS