Intrusion Prevention Policy Tree
The API is used to fetch details of the intrusion prevention policy and of the location on which the policy is created. It also provides details of the child locations inheriting the policy.
API Calls
/V7/configuration/locationbased/intrusionprevention/policytree
JSON Table
| Attribute | Data Type | Description |
|---|---|---|
| type | String | The type of location on which the policy is created. The applicable values are:
|
| id | application/json | Location identifier for the policy. The value is of the type Location Id json. |
| name | String | Name of the location. |
| accessibleToUser | boolean | A true or false value indicating whether the user has rights to access this location. |
| timezoneId | int | The JAVA timezone ID of the location. |
| locationTag | String | A user-defined tag for the location. |
| children | application/json | A list of IDs of the child locations. The ID is a JSON object. |
| children/type | String | Its the type of child location ID. The applicable values are:
The remotelocationid ID type is applicable only in cluster environments. |
| children/id | int | The system-generated unique ID of the child location. |
| children/name | String | Name of the child location. |
| children/accessibleToUser | boolean | A true or false value indicating whether the user has rights to access this child location. |
| children/timezoneId | int | The JAVA timezone ID of the child location. |
| children/locationTag | String | A user-defined tag for the child location. |
| children/children | application/json | A list of IDs of the child locations. The ID is a JSON object. |
| children/policy | application/json | Details of the policy applied or inherited at the location. |
| children/inherited | boolean | A true or false value indicating if the child has inherited the policy or not. |
| policy | application/json | Details of the policy applied at the location. |
| policy/policyCreatedAtLocId | application/json | The ID of the location at which the policy has been defined. For details about the JSON, click Location ID. |
| policy/policyType | String | Type of the policy. Applicable value is INTRUSION_PREVENTION_POLICY. |
| policy/categorizedRogueAP | boolean | A true or false value indicating whether the intrusion prevention setting for APs categorized as Rogue is enabled. True indicates that the setting is enabled. |
| policy/uncatApPotentiallyRogue | boolean | A true or false value indicating whether the intrusion prevention setting for APs categorized as potential Rogue is enabled. True indicates that the setting is enabled. |
| policy/uncatApPotentiallyAuth | boolean | A true or false value indicating whether the intrusion prevention setting for APs categorized as potential Rogue is enabled. True indicates that the setting is enabled. |
| policy/uncatIndeterminateAp | boolean | A true or false value indicating whether the intrusion prevention setting for uncategorized indeterminate APs is enabled. True indicates that the setting is enabled. |
| policy/bannedAp | boolean | A true or false value indicating whether the intrusion prevention setting for banned APs is enabled. True indicates that the setting is enabled. |
| policy/misconfInsecureAuthAp | boolean | A true or false value indicating whether the intrusion prevention setting for misconfigured authorized APs is enabled. True indicates that the setting is enabled. |
| policy/authClientConnectedToGuestAp | boolean | A true or false value indicating whether the intrusion prevention setting for authorized clients connected to a guest AP is enabled. True indicates that intrusion prevention setting for authorized clients connected to a guest AP. |
| policy/authClientConnectedToUncatPotIndtAp | boolean | A true or false value indicating whether the intrusion prevention setting for authorized clients connected to an external or a potentially external AP is enabled. True indicates that the intrusion prevention setting for the clients is enabled. |
| policy/authClientsInAdhoc | boolean | A true or false value indicating whether the intrusion prevention setting for authorized clients participating in any ad-hoc network is enabled. True indicates that the intrusion prevention setting is enabled. |
| policy/apSpoofingAuthAp | boolean | A true or false value indicating whether the intrusion prevention setting for APs spoofing the MAC address of any authorized AP is enabled. True indicates that the intrusion prevention setting is enabled. |
| policy/authClientConnectionToHoneypotAp | boolean | A true or false value indicating whether the intrusion prevention setting for Authorized Clients connecting to Honeypot/Evil Twin APs is enabled. True indicates that the intrusion prevention setting is enabled. |
| policy/devDisruptAuthNetwork | boolean | A true or false value indicating whether the intrusion prevention setting against any device launching a Denial of Service (DoS) attack on the network is enabled. True indicates that the intrusion prevention setting is enabled. |
| policy/autoIpLevel | String | The applicable values are:
|
| policy/activeWepCracking | boolean | A true or false value indicating whether the intrusion prevention setting for an authorized AP under active WEP key cracking attack is enabled. |
| policy/clientFingerPrintMismatch | boolean | A true or false value indicating whether the intrusion prevention setting for an authorized client with an RF Signature mismatch is enabled. True indicates that the intrusion prevention setting is enabled. |
| policy/authClientBridging | boolean | A true or false value indicating whether the intrusion prevention setting for an authorized client in the Bridging/ICS configuration is enabled. True indicates that the intrusion prevention setting is enabled. |
| policy/unauthUncatClientBridging | boolean | A true or false value indicating whether the intrusion prevention setting for an external, uncategorized client in the Bridging/ICS configuration is enabled. True indicates that the intrusion prevention setting is enabled. |
| policy/enterpriseClientBridging | boolean | A true or false value indicating whether the intrusion prevention setting for a bridging/ICS client connected to an enterprise monitored subnet is enabled. True indicates that the intrusion prevention setting is enabled. |
| policy/nonAuthClientConnectedToAuthAP | boolean | A true or false value indicating whether the intrusion prevention setting for unauthorized clients connecting to authorized APs is enabled. |
| policy/guestClientConnectedToUncatPotIndtAP | boolean | A true or false value indicating whether the intrusion prevention setting for guest clients connecting to uncategorized APs that are Indeterminate is enabled. True indicates that the intrusion prevention setting is enabled. |
| policy/guestClientInAdhoc | boolean | A true or false value indicating whether the intrusion prevention setting for guest clients participating in any adhoc network is enabled. |
| policy/rogueClientInAdhoc | boolean | A true or false value indicating whether the intrusion prevention setting for rogue clients participating in any adhoc network is enabled. |
| policy/guestClientBridging | boolean | A true or false value indicating whether the intrusion prevention setting for a guest client in Bridging/ICS configuration is enabled. |
| policy/rogueClientBridging | boolean | A true or false value indicating whether the intrusion prevention setting for a rogue client in the Bridging/ICS configuration is enabled. |
| policy/extClientConnectedToAuthGuestAP | boolean | A true or false value indicating whether the intrusion prevention setting for external clients connecting to guest APs is enabled. |
| policy/uncatClientConnectedToAuthGuestAP | boolean | A true or false value indicating whether the intrusion prevention setting for uncategorized client connecting to Guest APs is enabled. |
| policy/rogueClientConnectedToAuthGuestAP | boolean | A true or false value indicating whether the intrusion prevention setting for a rogue client connecting to guest APs is enabled. |
| policy/authClientConnectedToExtApAndUncatPotExtAPs | boolean | A true or false value indicating whether the intrusion prevention setting for authorized clients connecting to external and uncategorized potentially external APs. |
| policy/bannedClientConnectionToAuthAndGuestAP | boolean | A true or false value indicating whether the intrusion prevention setting for a banned client connecting to authorized and guest APs. |
| policy/bannedClientConnectionToUncatIndtAP | boolean | A true or false value indicating whether the intrusion prevention setting for a banned client connecting to Uncategorized, indeterminate APs is enabled. |
| policy/guestClientConnectedToExtApAndUncatPotExtAP | boolean | A true or false value indicating whether the intrusion prevention setting for guest client connecting to potential external and uncategorized APs is enabled. |
| policy/rogueClientConnectedToAnyAP | boolean | A true or false value indicating whether the intrusion prevention setting for rogue clients connecting to any AP (for non-WiFi environments) is enabled. |
| policy/unapprovedSmartDeviceHandlingEnabled | boolean | A true or false value indicating whether the special handling of unapproved smart devices is enabled. |
| policy/intrusionPreventSDConnectingToAuth | boolean | A true or false value indicating whether smart devices connecting to guest AP, but not authorized AP, are allowed. True indicates that the smart devices connecting to a guest AP are allowed. |
| policy/intrusionPrevensionSDConnectingToGuestOrAuth | boolean | A true or false value indicating whether smart devices connecting to guest and authorized AP are disallowed. |
| policy/authClientConnectionToDisallowedSSIDs | ||
| inherited | boolean | A true or false value indicating whether the policy applied at the location is inherited or not. |
Sample JSON
{
"type": "PolicyLocation",
"id": {
"type": "locallocationid",
"id": 0
},
"name": "Locations",
"accessibleToUser": true,
"timezoneId": "Asia/Kolkata",
"locationTag": null,
"children": [
{
"type": "PolicyLocation",
"id": {
"type": "locallocationid",
"id": -1
},
"name": "Unknown",
"accessibleToUser": true,
"timezoneId": "Asia/Kolkata",
"locationTag": null,
"children": [],
"policy": null,
"inherited": true
},
{
"type": "PolicyLocation",
"id": {
"type": "locallocationid",
"id": 3
},
"name": "America",
"accessibleToUser": true,
"timezoneId": "Asia/Kolkata",
"locationTag": null,
"children": [
{
"type": "PolicyLocation",
"id": {
"type": "locallocationid",
"id": 7
},
"name": "California",
"accessibleToUser": true,
"timezoneId": "Asia/Kolkata",
"locationTag": null,
"children": [],
"policy": null,
"inherited": true
},
{
"type": "PolicyLocation",
"id": {
"type": "locallocationid",
"id": 5
},
"name": "Chicago",
"accessibleToUser": true,
"timezoneId": "Asia/Kolkata",
"locationTag": null,
"children": [],
"policy": null,
"inherited": true
},
{
"type": "PolicyLocation",
"id": {
"type": "locallocationid",
"id": 6
},
"name": "Palo Alto",
"accessibleToUser": true,
"timezoneId": "Asia/Kolkata",
"locationTag": null,
"children": [],
"policy": null,
"inherited": true
}
],
"policy": null,
"inherited": true
},
{
"type": "PolicyLocation",
"id": {
"type": "locallocationid",
"id": 2
},
"name": "Asia",
"accessibleToUser": true,
"timezoneId": "Asia/Kolkata",
"locationTag": null,
"children": [
{
"type": "PolicyLocation",
"id": {
"type": "locallocationid",
"id": 8
},
"name": "India",
"accessibleToUser": true,
"timezoneId": "Asia/Kolkata",
"locationTag": null,
"children": [
{
"type": "PolicyLocation",
"id": {
"type": "locallocationid",
"id": 10
},
"name": "Bangalore",
"accessibleToUser": true,
"timezoneId": "Asia/Kolkata",
"locationTag": null,
"children": [],
"policy": null,
"inherited": true
},
{
"type": "PolicyLocation",
"id": {
"type": "locallocationid",
"id": 11
},
"name": "Mumbai",
"accessibleToUser": true,
"timezoneId": "Asia/Kolkata",
"locationTag": null,
"children": [],
"policy": null,
"inherited": true
},
{
"type": "PolicyLocation",
"id": {
"type": "locallocationid",
"id": 9
},
"name": "Pune",
"accessibleToUser": true,
"timezoneId": "Asia/Kolkata",
"locationTag": null,
"children": [],
"policy": null,
"inherited": true
}
],
"policy": null,
"inherited": true
}
],
"policy": null,
"inherited": true
},
{
"type": "PolicyLocation",
"id": {
"type": "locallocationid",
"id": 1
},
"name": "MSU Child",
"accessibleToUser": true,
"timezoneId": "Asia/Kolkata",
"locationTag": null,
"children": [],
"policy": null,
"inherited": true
},
{
"type": "PolicyLocation",
"id": {
"type": "locallocationid",
"id": 19
},
"name": "SwapnilD",
"accessibleToUser": true,
"timezoneId": "Asia/Kolkata",
"locationTag": null,
"children": [],
"policy": null,
"inherited": true
},
{
"type": "PolicyLocation",
"id": {
"type": "locallocationid",
"id": 17
},
"name": "VijayP",
"accessibleToUser": true,
"timezoneId": "Asia/Kolkata",
"locationTag": null,
"children": [],
"policy": null,
"inherited": true
}
],
"policy": {
"policyCreatedAtLocId": null,
"policyType": "INTRUSION_PREVENTION_POLICY",
"categorizedRogueAP": true,
"uncatApPotentiallyRogue": false,
"uncatApPotentiallyAuth": true,
"uncatIndeterminateAp": false,
"bannedAp": true,
"misconfInsecureAuthAp": true,
"authClientConnectedToGuestAp": false,
"authClientConnectedToUncatPotIndtAp": true,
"authClientsInAdhoc": true,
"apSpoofingAuthAp": false,
"authClientConnectionToHoneypotAp": true,
"devDisruptAuthNetwork": false,
"autoIpLevel": "DISRUPT_ID",
"activeWepCracking": false,
"clientFingerPrintMismatch": false,
"authClientBridging": true,
"unauthUncatClientBridging": false,
"enterpriseClientBridging": true,
"nonAuthClientConnectedToAuthAP": false,
"guestClientConnectedToUncatPotIndtAP": false,
"guestClientInAdhoc": false,
"rogueClientInAdhoc": false,
"guestClientBridging": false,
"rogueClientBridging": true,
"extClientConnectedToAuthGuestAP": false,
"uncatClientConnectedToAuthGuestAP": false,
"rogueClientConnectedToAuthGuestAP": true,
"authClientConnectedToExtApAndUncatPotExtAPs": true,
"bannedClientConnectionToAuthAndGuestAP": true,
"bannedClientConnectionToUncatIndtAP": false,
"guestClientConnectedToExtApAndUncatPotExtAP": false,
"rogueClientConnectedToAnyAP": false,
"unapprovedSmartDeviceHandlingEnabled": false,
"intrusionPreventSDConnectingToAuth": false,
"intrusionPrevensionSDConnectingToGuestOrAuth": false,
"authClientConnectionToDisallowedSSIDs": true
},
"inherited": false
}