Overview

IP Fabric supports discovery of network devices via dedicated Vendor APIs.

Currently, the following Vendor APIs are supported (as listed in Settings → Discovery & Snapshots → Discovery Settings → Vendors API → + Add → Type):

• AWS
• Azure
• Check Point Management
• Cisco APIC
• Cisco FMC
• Forcepoint
• Google Cloud Platform
• Juniper Mist
• Meraki REST
• Prisma
• Ruckus Virtual SmartZone
• Silver Peak
• Versa
• Viptela
• VMware NSX-T

They are often complementary to CLI-based discovery process for established networking vendors but essential for SD-WAN or cloud vendors.

This section describes per-API specific settings for supported APIs.

For each Vendor API, additional system settings can be applied.

Multi-Factor Authentication

When configuring login credentials for Vendor API, please note that IP Fabric does not support multi-factor authentication (MFA). Please use a user account without MFA enabled (you may have the option to generate application access token).

Slug and Comment

Every instance of Vendor API configuration has two additional fields (the example screenshot shows the AWS configuration).

Slug

A slug must be unique and not empty. It is included in logs and other places to distinguish among potentially multiple API instances (think about it as loginIP for API). We recommend using short and descriptive values, such as aws-us, aws-jp etc.

Since version 6.3, Slug can only contain a-zA-Z0-9_-. Previously created configurations will be automatically modified by removing not-allowed characters from Slug according to the new validation rules.

Slug?

Slug has many meanings, but in the computer world, it became a name for the unique identifying part of a web address, typically at the end of the URL. For more information, see MDN.

Comment

Optional free text field for you to capture additional information about the API instance.

Use System Proxy Configuration

System proxy is by default used for communication from IP Fabric to the Internet (e.g., IP Fabric and system updates).

Some Vendor API controllers might be on the Internet or other parts of the network, and sending traffic through the System proxy might be required.

This setting can be enabled/disabled per Vendor API.

Reject Unauthorized Certificates

Due to security reasons, accepting unauthorized certificates might be undesired.

This setting can be enabled/disabled per Vendor API.

Advanced Settings

Since version 6.5, it is possible to fine-tune the following advanced settings for each Vendor API in the GUI (without going directly to the database):

• maximum concurrent requests
  • maximum amount of API calls to a device that can run in parallel
• maxCapacity (number of requests)
  • see How API Discovery Works - Rate Limitation
• refillRate (number of requests per specified milliseconds)
  • see How API Discovery Works - Rate Limitation

These are the default values for Meraki REST: