Cisco Firepower Management Console Access Policy Audit Review Generator


Release Name: BlackLip

v201909.1rc - Sep 16, 2019

I already said this is my first code, so no trolling, please :)

This script uses the Cisco Firepower Management Console API to build a human-readable output file covering all the Access Policy Controls (Access Rules); see the sample output (https://github.com/SamJbori/CiscoFMCAccessPolicyReview/blob/master/FirewallReviews2019-09-16%2001:18:42.649142.txt)

It will first generate an authentication token. Note that FMC will disconnect any other active session for the user account used to generate the token; this is the default behavior and you can't change it. The token is then used to authenticate and do the following:

  1. Generate a list of policies on the FMC
  2. Generate a list of rules inside those policies
  3. Generate a detailed list of all rules in those policies

The script output will include the following details:

  1. Organization TAG: User Input
  2. The system Global Domain UUID: usually e276abec-e0f2-11e3-8169-6d9ed49b625f
  3. Policy ID
  4. Policy Name
  5. Enabled?
  6. Zone details
  7. Network Details: source and destination
  8. Port Details
  9. URLs
  10. Applications
  11. User information

The output will be stored in the same folder the script is run from. It is a TAB-delimited text file, and you can simply copy/paste it into an XML file.
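The workflow above (token, policies, rules, one TAB-delimited row per rule in the column order listed), as an added example rather than the project's own script; the hostname, credentials, output file name and the sample rule are assumptions/constructed:

```python
# Added example, not the project's script: the FMC REST flow the README describes, flattened to its columns.
import base64, json, ssl, urllib.request
GLOBAL_DOMAIN = "e276abec-e0f2-11e3-8169-6d9ed49b625f"  # default Global domain UUID (from the README)

def generate_token(fmc, user, password):
    """Token endpoint: token and domain UUID arrive as response headers; FMC drops the user's other REST sessions (default)."""
    cred = base64.b64encode(f"{user}:{password}".encode()).decode()
    req = urllib.request.Request(f"https://{fmc}/api/fmc_platform/v1/auth/generatetoken",
                                 method="POST", headers={"Authorization": "Basic " + cred})
    with urllib.request.urlopen(req, context=ssl.create_default_context()) as resp:
        return resp.headers["X-auth-access-token"], resp.headers.get("DOMAIN_UUID", GLOBAL_DOMAIN)

def fmc_get(fmc, token, path):
    req = urllib.request.Request(f"https://{fmc}{path}", headers={"X-auth-access-token": token})
    with urllib.request.urlopen(req, context=ssl.create_default_context()) as resp:
        return json.load(resp)

def collect_rules(fmc, token, domain):
    """Steps 1-3 of the README: list policies, then every rule in each (expanded=true returns full details)."""
    base = f"/api/fmc_config/v1/domain/{domain}/policy/accesspolicies"
    for pol in fmc_get(fmc, token, base + "?limit=1000").get("items", []):
        for rule in fmc_get(fmc, token, f"{base}/{pol['id']}/accessrules?expanded=true&limit=1000").get("items", []):
            yield pol, rule

def names(rule, key, sub="objects"):
    """Flatten a rule field ({objects:[..], literals:[..]}) to 'a, b'; an absent field means 'any'."""
    items = rule.get(key, {}).get(sub, []) + rule.get(key, {}).get("literals", [])
    return ", ".join(i.get("name") or i.get("value") or f"{i.get('protocol')}/{i.get('port')}"
                     for i in items) or "any"

def rule_row(org, domain, policy, rule):
    """One TAB-delimited line in the column order the README lists (13 fields)."""
    return "\t".join([org, domain, policy["id"], policy["name"], rule["name"], str(rule.get("enabled", False)),
                      names(rule, "sourceZones") + " -> " + names(rule, "destinationZones"),
                      names(rule, "sourceNetworks"), names(rule, "destinationNetworks"), names(rule, "destinationPorts"),
                      names(rule, "urls"), names(rule, "applications", "applications"), names(rule, "users")])

# Constructed sample shaped like one expanded access rule (not real FMC output)
SAMPLE_POLICY = {"id": "POLICY-UUID-PLACEHOLDER", "name": "DMZ-Policy"}
SAMPLE_RULE = {"name": "Allow-Web", "enabled": True,
               "sourceZones": {"objects": [{"name": "outside"}]}, "destinationZones": {"objects": [{"name": "dmz"}]},
               "sourceNetworks": {"literals": [{"type": "Network", "value": "0.0.0.0/0"}]},
               "destinationNetworks": {"objects": [{"name": "WebServers"}]}, "applications": {"applications": [{"name": "HTTP"}]},
               "destinationPorts": {"objects": [{"name": "HTTPS"}], "literals": [{"protocol": "6", "port": "8443"}]}}

if __name__ == "__main__":  # live run; hostname, credentials and output name are assumptions
    token, domain = generate_token("fmc.example.internal", "apiuser", "secret")
    with open("FirewallReview.txt", "w") as fh:
        for pol, rule in collect_rules("fmc.example.internal", token, domain):
            fh.write(rule_row("ACME", domain, pol, rule) + "\n")
```

Rules with no entry for a field are shown as "any", which is usually the row an auditor wants to find first.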

This gives you a useful way to create a firewall review document to share with auditors (PCI, HIPAA, etc.)

Changes

If you'd like to see features or other functionality, please feel free to ask!!!

Sam Jbori

jbori.net


Release Name: BrokenFoot

v201909.0a - Sep 10, 2019

Note: This is my first Python code besides the “Hello World” and print (x + 2)!

Fixed bugs

The script will spit out a text document containing TAB-separated fields; copy and paste it into Excel and voilà, you've got yourself a half-ass Firewall Policy Review document!

Please feel free to report bugs, suggest modifications, or share your experience!

Sam Jbori