giip

Network Security Policy API Reference

Learn about the APIs for programmatically controlling server local firewall settings and access-allowed IP lists.

📋 Overview

This API module controls the GIIP [Local Guard] feature to update security policies that filter inbound and outbound traffic on servers in real-time.

🔐 Authentication & Headers

All requests must include common authentication headers.

  • Header: 
    x-giip-ak: [Your Access Key]
  • Header: 
    x-giip-sk: [Your Secret Key]

🚀 Key API Endpoints

1. Get Security Rules per Server

  • URL: 
    POST /api/security/rules/list
  • Description: Queries information on inbound/outbound allowance rules applied to a specific server.
  • Request Body:
{
  "serverIsn": 456
}

2. Add Allowed IP

  • URL: 
    POST /api/security/rules/add
  • Description: Adds a new IP or range capable of accessing a specific port to the firewall policy.
  • Request Body:
{
  "serverIsn": 456,
  "port": 8080,
  "allowedIp": "1.2.3.4",
  "description": "Dev Team Access"
}

3. Deploy Security Policy in Bulk

  • URL: 
    POST /api/security/policy/deploy
  • Description: Applies standard security policies to all servers belonging to a specific project at once.
  • Request Body:
{
  "projectIsn": 123,
  "policyId": "P-SEC-001"
}

🔍 Response Data Example

{
  "RstVal": 0,
  "RstMsg": "Success",
  "Data": {
    "affectedServers": 15,
    "status": "In Progress"
  }
}

💡 Use Cases

  • Dynamic IP Whitelisting: Automatically registers an employee's current IP to the server firewall when they connect via VPN for remote work.
  • Automated Intrusion Response: When an attack IP is detected by the security monitoring system, immediately call the API to block that IP across all company servers.

🛡️ Using Sk3 (High-fidelity Logging)

For sensitive infrastructure control tasks such as modifying security policies or IP whitelisting, we recommend the 

giipApiSk3
endpoint to ensure the integrity of your change history and for detailed audit logs.

  • Endpoint: 
    https://giipfaw.azurewebsites.net/api/giipApiSk3
  • Security Advantages: If a policy update fails, it immediately records the caller's detailed environment information (IP, UA) and StackTrace, allowing for rapid analysis of whether it was an intrusion attempt or the cause of a configuration error.
  • Usage Tip: By combining the 
    text
    command with 
    jsondata
    , you can safely manage the overall infrastructure security level without data loss when transmitting complex security rule sets.

Version: 1.1 Last Updated: 2026-04-10 Source: 

giipv3/public/help/api-network-security.en.md

Related Documents:

← Previous
Knowledge Base (KB) API
Next →
Network Topology (Net3D) API