I’m currently working (for the "IT team" in a company) on extending our netbox-sync tool instance, which we use primarily for syncing data related to VMware, to also handle firewall data from FortiManager into Netbox.
I've included a pseudo-algorithm at the end of this post that outlines the approach I’ve started implementing for the firewall sync process.
I would really appreciate any insights or suggestions on how to best integrate FortiManager as a data source within netbox-sync. If anyone has prior experience with a similar implementation or knows of any existing resources (or implementations) that I should look into, I’d love to hear about it!
Additionally, if anyone is interested in collaborating on this, please let me know! I haven't created a fork or repository just yet, but I’m open to discussions on the best ways to add this source to the project and would love to hear your thoughts!
Pseudo-Algo

1. Initialize Environment
   - Load environment variables for FortiManager and Netbox credentials.
   - Setup logging for status tracking and error reporting.
   - Initialize clients for both FortiManager and Netbox.
2. Fetch Firewalls from FortiManager
   - Fetch all firewalls from FortiManager.
     - If fetching fails, log the error and halt execution.
   - For each firewall:
     - Fetch associated firewall interfaces from FortiManager.
     - Filter the interfaces:
       - Keep only valid interfaces (non-empty, non-default IP addresses).
       - Skip interfaces with invalid IPs.
   - Collect firewalls and their valid interfaces. (this will be the source of truth)
3. Check Firewalls in Netbox
   - For each firewall fetched from FortiManager:
     - Check if the firewall already exists in Netbox by name and role (firewall).
     - If not:
       - Retrieve or create the device type in Netbox based on the firewall's platform.
       - Retrieve or create the primary IP address for the firewall.
       - Add the firewall to Netbox with the following details:
         - Name, serial number, status, role, device type, and primary IP.
       - Add all valid interfaces to the firewall in Netbox.
     - ... process for each interface ...
4. Parallel Processing (not necessary, but faster...)
   - Use parallel processing (ThreadPool) for:
     - Fetching firewalls and interfaces from FortiManager.
     - Verifying and creating firewalls in Netbox to speed up the process.
5. Error Handling
   - Same as current flow with logging etc.
6. Execution Flow
   - Fetch data from FortiManager.
   - Process the data to synchronize firewalls and interfaces with Netbox.
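Steps 2 and 3 of the pseudo-algorithm above, as an added Python sketch that is not part of the original post and is not netbox-sync or FortiManager API code. The record shapes, the field names, the "ip mask" address format and the function names `to_cidr`, `valid_interfaces` and `plan_sync` are assumptions made for illustration.

```python
import ipaddress

# Assumption: an interface address arrives as "ip mask" text (or CIDR), and an
# unconfigured interface shows the all-zero default.
DEFAULT_IPS = {"", "0.0.0.0 0.0.0.0", "0.0.0.0/0"}

def to_cidr(raw):
    """Return 'address/prefix' for a valid, non-default IP, else None."""
    if raw is None or raw.strip() in DEFAULT_IPS:
        return None
    parts = raw.replace("/", " ").split()
    if len(parts) != 2:
        return None
    try:
        iface = ipaddress.ip_interface(f"{parts[0]}/{parts[1]}")
    except ValueError:
        return None
    return None if iface.ip.is_unspecified else iface.with_prefixlen

def valid_interfaces(interfaces):
    """Step 2: keep only interfaces whose IP is set and parseable."""
    pairs = ((i["name"], to_cidr(i.get("ip"))) for i in interfaces)
    return [{"name": n, "address": c} for n, c in pairs if c]

def plan_sync(fmg_firewalls, netbox_devices):
    """Step 3: firewalls missing from Netbox, matched by name and role."""
    existing = {d["name"] for d in netbox_devices if d.get("role") == "firewall"}
    return [{"name": fw["name"], "serial": fw["serial"],
             "interfaces": valid_interfaces(fw["interfaces"])}
            for fw in fmg_firewalls if fw["name"] not in existing]

# Constructed sample data, not real FortiManager or Netbox output.
SAMPLE_FMG = [
    {"name": "fw-edge-01", "serial": "SERIAL-PLACEHOLDER-1", "interfaces": [
        {"name": "port1", "ip": "192.0.2.1 255.255.255.0"},
        {"name": "port2", "ip": "0.0.0.0 0.0.0.0"},   # default, skipped
        {"name": "port3", "ip": "not-an-ip"},         # invalid, skipped
        {"name": "port4", "ip": ""}]},                # empty, skipped
    {"name": "fw-core-01", "serial": "SERIAL-PLACEHOLDER-2", "interfaces": [
        {"name": "mgmt", "ip": "198.51.100.10/24"}]},
]
SAMPLE_NETBOX = [{"name": "fw-core-01", "role": "firewall"},
                 {"name": "fw-edge-01", "role": "switch"}]  # same name, other role

if __name__ == "__main__":
    for entry in plan_sync(SAMPLE_FMG, SAMPLE_NETBOX):
        print(entry)
```

Because the match is on name and role together, the sample device that shares a name with a firewall but has another role does not count as existing, so that firewall still lands in the plan.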