New Source Integration : Fortimanager

[PierreLouisLetoquart]

Hi there !

Context

I’m currently working (for the "IT team" in a company) on extending our netbox-sync tool instance, which we use primarily for syncing data related to VMware, to also handle firewall data from FortiManager into Netbox.

I've included a pseudo-algorithm at the end of this post that outlines the approach I’ve started implementing for the firewall sync process.

I would really appreciate any insights or suggestions on how to best integrate FortiManager as a data source within netbox-sync. If anyone has prior experience with a similar implementation or knows of any existing resources (or implementations) that I should look into, I’d love to hear about it!

Additionally, if anyone is interested in collaborating on this, please let me know! I haven't created a fork or repository just yet, but I’m open to discussions on the best ways to add this source to the project and would love to hear your thoughts!

Pseudo-Algo

1. Initialize Environment

• Load environment variables for FortiManager and Netbox credentials.
• Setup logging for status tracking and error reporting.
• Initialize clients for both FortiManager and Netbox.

2. Fetch Firewalls from FortiManager

• Fetch all firewalls from FortiManager.
• If fetching fails, log the error and halt execution.
• For each firewall:
  • Fetch associated firewall interfaces from FortiManager.
  • Filter the interfaces:
    • Keep only valid interfaces (non-empty, non-default IP addresses).
    • Skip interfaces with invalid IPs.
• Collect firewalls and their valid interfaces. (this will be the source of truth)

3. Check Firewalls in Netbox

• For each firewall fetched from FortiManager:
  • Check if the firewall already exists in Netbox by name and role (firewall).
  • If not:
    • Retrieve or create the device type in Netbox based on the firewall's platform.
    • Retrieve or create the primary IP address for the firewall.
    • Add the firewall to Netbox with the following details:
      • Name, serial number, status, role, device type, and primary IP.
    • Add all valid interfaces to the firewall in Netbox.
      • ... process for each interfaces...

4. Parallel Processing (not necessary, but faster...)

• Use parallel processing (ThreadPool) for:
  • Fetching firewalls and interfaces from FortiManager.
  • Verifying and creating firewalls in Netbox to speed up the process.

5. Error Handling

• Same as current flow with logging etc.

6. Execution Flow

• Fetch data from FortiManager.
• Process the data to synchronize firewalls and interfaces with Netbox.

[bb-Ricardo]

Hi @PierreLouisLetoquart,

this sounds like an interesting idea.

A few ideas which come to my mind:

• find a developer/contractor who is knowledgeable in python and willing to implement the feature
• a test environment where you can test different versions and configurations is also quite important
• who will maintain the source if bugs or feature requests occur?