Gen 7 Admin Console API Calls
markrexv Newbie ✭
edited March 2022 in Mid Range Firewalls
While troubleshooting an issue with a brand-new Gen 7 TZ unit, I ran a local proxy capture. I immediately noticed that the proxy capture lists hundreds of HTTPS calls to the api/sonicos/* path returning configurations for every single component in the system. I have the Sonic API disabled. Is this expected behavior? If so, it’s very bad security, right?
Gen7 is REST API based.
Every object/rule you see on the web UI is from an API GET, so I guess it's expected?
If it didn't run the GET requests, you would just see the UI framework but no objects/rules inside.
So the SonicOS 7 architecture is REST based, and it would make sense if these were indeed GET requests. What I’m seeing is all POST requests though. This includes configurations for sections that the browser session is not interacting with too. I’ll have to re-examine the calls, but thanks.
They’re GETs. Disregard.