Monday, 1 May 2017

Working with the McAfee Web Gateway API

If you ever find yourself in a situation where you need to work with this device via its API, be prepared to hate everything about it.

With nothing in the way of things like API keys or anything remotely close to it, you're stuck using a username and password to do any sort of remote commands. To add to this, you'll also need to make sure that you do not use an account that you want to log in with manually because the appliance cannot discern between multiple sessions for whatever reason. Also, if you find that you've accidentally lost your session and then want to do anything further, you'll have to go make a cup of coffee, do a little of yoga, and then hopefully after ten or so minutes it'll allow you to work once again.

That is the magic of the McAfee Web Gateway REST API. And because I do not wish to let anyone else experience the nauseating pain that this appliance gave me, I have been a nice person and wrote an entire Python interface so you can save yourself the frustration provided by its terrible, inaccurate documentation.

Some of the features I wrote into it include the following:

  • Listing appliances
  • Listing lists
  • Viewing list entries
  • Inserting into lists
  • Saving data
  • Avoiding a stroke

I gave it a thought to write some more features into it but opted not to because I was just interested in blocking content.

Also, if you do decide to make it block content, make sure that you do not have any sort of short timeouts on whatever you have because if you have any appliances that are connected via a slow network link (like less than 10 Mbit), you'll have to wait until they're updated because when you talk to the central appliance it pushes out the new XML config you just created to all of them and then gives a response.

Anyway, hopefully this saves you a few grey hairs.

1 comment: