Gen 7 Admin Console API Calls
While troubleshooting an issue with a brand new gen 7 TZ unit I ran a local proxy capture. I immediately noticed that the proxy capture lists 100’s of https calls to the api/sonicos/* path returning configurations for every single component in the system. I have the sonic api disabled. Is this expected behavior? If so, it’s very bad security, right?