Open nikolay-matveev-kkr opened 1 year ago
:tada: Thanks for opening your first issue here! Welcome to the community!
Thanks for this enhancement request @nikolay-matveev-kkr - Hoping someone from Palo Alto can pick this up and help out with it.
We also need support for security profiles, and it would be great if someone from the team confirms if there is a plan to add the functionality any time soon and if not, we can start developing it ourselves
I am also looking forward to this feature. I inherited some firewalls with a few URL Security Profiles with many nested Custom URL objects. I would like to use this SDK to simplify, consolidate and make it easier to manage Security Profiles.
Is your feature request related to a problem?
I am unable to create a complete firewall security policy solely via
pan-os-python
because it is missing support for Security Profiles. The SDK supports Profile Groups but this is not enough to build a comprehensive policy with the SDK.Describe the solution you'd like
I would like to have the ability to create, modify, and delete all types of Security Profiles:
There should be individual classes for all these types of profiles under
panos.objects
Describe alternatives you've considered
The current alternatives are to pre-create the required objects manually (which ruins the whole idea of having and managing policy-as-a-code), or to use XML API "patches" (which ruins the elegance of object-oriented programming with the SDK).
Additional context
We are building a next-gen risk-based web-filtering policy for our firm. It leverages a lot of
PAN-OS
/pan-os-python
features (amongst others) such as Security and Decryption rules, Application Groups and Filters, Custom URL categories, Tags, EDLs and Profile Groups. The latter one operates with some 15 different individual Security Profiles.The policy is being designed to be portable so that we were able to deploy it to different device groups and different Panorama instances as well as standalone firewalls. Thus, a need for the manual creation of any policy elements (such as Security Profiles) becomes a significant shortcoming of the solution.