Understanding Controller API
The Controller API provides advanced threat prevention policies that you can apply on your network security devices and monitor them for attacks. You can use this API to gather and aggregate threat information from multiple locations and devices, both physical and virtual, as well as from third-party solutions. You can use this information to assess and manage threats on your network.
The Controller API is a pivotal component of Policy Enforcer. Policy Enforcer provides centralized, integrated threat management of all your security devices (both physical and virtual). For more information on Policy Enforcer, see Policy Enforcer Administration Guide.
The following is a list of functionalities that you can perform using the various APIs defined under the Controller API:
Configure Policy Enforcer settings using the Config API.
Create secure fabrics/sites using the Site API.
Create feed sources/Sky ATP realms using the Feed Source API.
Create policy enforcement groups using the Policy Enforcement Group API.
Create threat prevention policies using the Threat Policy API.
Create custom feeds using the Custom Feed API.
Create Geo IP policies using the Geo IP API.
Retrieve all log files in zip format using the Logs API.
You can also perform these activities using the Policy Enforcer UI. For more information, see Policy Enforcer Administration Guide.