Copyright © 2016 World Wide Technology, Inc. All rights reserved.
Phantom app: Ansible Tower
18 August 2016
Building And Automating The Next Generation Network
Joel W. King Engineering and Innovations
Network Solutions
Abstract
Ansible Tower by Red Hat provides a visual dashboard (GUI) with role-based
access control and inventory management for the open source Ansible
orchestration and automation software. Tower provides an API which can be
used to launch job templates, passing extra variables into the template in
the body of the REST POST.
The Phantom app for Ansible Tower is a force multiplier for Phantom, providing
a means to consume Ansible modules and playbooks without writing the
module functionality as an app in Phantom.
FOR YOUR REFERENCE
Phantom app
Solution Architecture
Remote Triggered Black Hole
PHANTOM 2.0.67
ANSIBLE TOWER 3.0
ansible-tower.sandbox.wwtatc.local
phantom.sandbox.wwtatc.local
github.wwt.com
router bgp 65536
……
ISR-2911-D.sandbox.wwtatc.local
Phantom Playbook
Job Template ID
Job template name or id number can be specified
Ansible Playbook
"ip route {{malicious_ip}} 255.255.255.255 Null0 tag 66 name BGP_RTBH"
Ansible Job Template
Select Prompt on Launch
Ansible Job
extra vars provided from Phantom when job is launched
Router Configuration
after playbook has executed
[phantom@localhost ansible_tower]$ ssh admin@isr-2911-d.sandbox.wwtatc.local
Password:
UNAUTHORIZED ACCESS TO THIS NETWORK DEVICE IS PROHIBITED.
You must have explicit permission to access or configure this
device. All activities performed on this device are logged and
violations of this policy may result in disciplinary action.
WAN Edge (Outside) router
ISR-2911-D>en
Password:
ISR-2911-D#show run | inc RTBH
ip route 192.0.2.1 255.255.255.255 Null0 tag 66 name BGP_RTBH
ip route 198.200.139.176 255.255.255.255 Null0 tag 66 name BGP_RTBH
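Added example, not from the original deck or the app's source: one way to check the `malicious_ip` value before it is sent as an extra variable and rendered into the `ip route ... Null0` line shown above. The `/api/v1/job_templates/<id>/launch/` path, the `extra_vars` body shape, the protected-network list and template id 7 are assumptions; authentication is left out.

```python
import ipaddress
import json
import urllib.request

# Assumed Tower 3.0 (API v1) launch path; the template id is whatever the
# Phantom asset or action supplies.
LAUNCH_PATH = "/api/v1/job_templates/{template_id}/launch/"

# Constructed list of networks that must never be black-holed (own address
# space, management, upstream peers). Replace with the site's real ranges.
PROTECTED_NETS = [ipaddress.ip_network(n) for n in
                  ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

ROUTE_TEMPLATE = "ip route {ip} 255.255.255.255 Null0 tag 66 name BGP_RTBH"


def validate_rtbh_target(value):
    """Return the canonical dotted-quad for a safe RTBH target, else raise."""
    if not isinstance(value, str):
        raise ValueError("malicious_ip must be a string")
    try:
        # Strict parse: rejects spaces, newlines, masks and extra tokens, so
        # nothing but one host address can reach the router's config line.
        addr = ipaddress.IPv4Address(value)
    except ipaddress.AddressValueError as exc:
        raise ValueError("not a single IPv4 host address: %r" % value) from exc
    if (addr.is_loopback or addr.is_multicast or addr.is_unspecified
            or addr.is_link_local or addr.is_reserved):
        raise ValueError("special-purpose address refused: %s" % addr)
    for net in PROTECTED_NETS:
        if addr in net:
            raise ValueError("%s is inside protected network %s" % (addr, net))
    return str(addr)


def render_route(value):
    """The line the playbook would push, for logging or analyst approval."""
    return ROUTE_TEMPLATE.format(ip=validate_rtbh_target(value))


def build_launch_request(base_url, template_id, malicious_ip):
    """Build (not send) the REST POST that launches the job template."""
    body = {"extra_vars": {"malicious_ip": validate_rtbh_target(malicious_ip)}}
    url = base_url.rstrip("/") + LAUNCH_PATH.format(template_id=int(template_id))
    return urllib.request.Request(
        url, data=json.dumps(body).encode("utf-8"), method="POST",
        headers={"Content-Type": "application/json"})  # auth header omitted


if __name__ == "__main__":
    req = build_launch_request("https://ansible-tower.sandbox.wwtatc.local", 7,
                               "198.200.139.176")  # template id 7 is made up
    print(req.full_url, req.data.decode())
    print(render_route("192.0.2.1"))
```

Running the check in the Phantom playbook, before the launch action, keeps a bad artifact value from ever reaching Tower or the router.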
Solution Architecture
Incorporating ACI app
PHANTOM 2.0.67
ANSIBLE TOWER 3.0
github.wwt.com
router bgp 65536
……
dbgacEpgToIp.yml
apply atomic counter configuration
atomic_counters.py
PhantomIngest.py
Create Incident in Phantom based on atomic counters exceeding threshold
Multiple variables can be passed to job template
Key Take-aways
• Launching job templates from Phantom provides access to existing Ansible modules and playbooks.
• The Phantom F5 app used a Python module written for Ansible.
• Ideally, remotely triggered black hole (RTBH) should be a native Phantom app.
• Challenge: BGP-speaking routers encompass a wide range of vendors and operating systems.
References
• Ansible Tower: www.ansible.com/tower
• Ansible Tower API Guide v3.0: docs.ansible.com/ansible-tower/latest/html/towerapi/
• Source Code: github.com/joelwking/Phantom-Cyber/tree/master/ansible_tower
Editor's Notes

  1. job template id: required; Job template name or id; string