🎁 Get the FREE AI Skills Starter Guide β€” Subscribe β†’
BytesAgainBytesAgain
πŸ¦€ ClawHub

Cisco NXOS Hardening

by @krishnakumarmahadevan-cmd

Generates security hardening configurations for Cisco NX-OS network devices based on specified options.

Versionv1.0.0
Downloads305
TERMINAL
clawhub install toolweb-cisco-nxos-hardening

πŸ“– About This Skill


name: Cisco NX-OS Hardening Tool description: Generates security hardening configurations for Cisco NX-OS network devices based on specified options.

Overview

The Cisco NX-OS Hardening Tool is a specialized security API designed to generate enterprise-grade hardening configurations for Cisco Nexus switches and NX-OS platforms. This tool helps network security teams and infrastructure engineers quickly produce validated security policies and configuration templates that align with industry best practices and security standards.

The tool accepts a set of hardening options and contextual metadata (session ID, user ID, and timestamp) to generate customized hardening configurations. It supports flexible option arrays, enabling teams to selectively apply security controls based on their specific environment and compliance requirements.

Ideal users include network engineers, security architects, DevOps teams managing Cisco infrastructure, and organizations requiring automated compliance configuration generation for Cisco Nexus environments.

Usage

Sample Request

{
  "sessionId": "sess_abc123def456",
  "userId": 42,
  "timestamp": "2025-01-15T10:30:00Z",
  "hardeningOptions": {
    "authentication": [
      "enable_aaa",
      "configure_radius",
      "enforce_password_policy"
    ],
    "access_control": [
      "disable_telnet",
      "enable_ssh_v2",
      "restrict_console_access"
    ],
    "logging": [
      "enable_syslog",
      "configure_ntp",
      "audit_command_logging"
    ]
  }
}

Sample Response

{
  "status": "success",
  "sessionId": "sess_abc123def456",
  "userId": 42,
  "timestamp": "2025-01-15T10:30:00Z",
  "configuration": {
    "authentication": {
      "commands": [
        "aaa new-model",
        "radius server 192.168.1.100",
        "password-policy min-length 12 uppercase lowercase digits special-chars"
      ]
    },
    "access_control": {
      "commands": [
        "no feature telnet",
        "feature ssh",
        "ssh key-length 2048",
        "line console 0",
        "access-class CONSOLE_ACL in"
      ]
    },
    "logging": {
      "commands": [
        "logging server 192.168.1.50 facility local7",
        "ntp server 192.168.1.60 prefer",
        "logging source-interface Loopback0",
        "logging level aaa 6"
      ]
    }
  },
  "appliedOptions": 9,
  "warnings": []
}

Endpoints

GET /

Summary: Root endpoint health check

Method: GET Path: /

Description: Returns basic API status information and confirms the service is operational.

Parameters: None

Response:

  • 200 OK: Service is operational
  • Content-Type: application/json

  • POST /api/hardening/generate

    Summary: Generate hardening configuration

    Method: POST Path: /api/hardening/generate

    Description: Generates Cisco NX-OS hardening configurations based on the provided options, session context, and user information. Processes multiple hardening categories and returns validated configuration commands.

    Parameters:

    | Name | Type | Required | Description | |------|------|----------|-------------| | hardeningOptions | Object (map of string β†’ array of strings) | Yes | Dictionary of hardening categories with arrays of specific options. Keys represent categories (e.g., "authentication", "access_control"); values are arrays of option identifiers. | | sessionId | String | Yes | Unique session identifier for tracking and audit purposes. | | userId | Integer or null | No | Identifier of the user requesting the configuration. Optional for anonymous requests. | | timestamp | String | Yes | ISO 8601 formatted timestamp indicating when the request was made (e.g., "2025-01-15T10:30:00Z"). |

    Request Body Schema:

    {
      "hardeningOptions": {
        "category_name": ["option1", "option2"]
      },
      "sessionId": "string",
      "userId": null,
      "timestamp": "2025-01-15T10:30:00Z"
    }
    

    Responses:

  • 200 OK: Configuration successfully generated
  • - Content-Type: application/json - Returns hardening configuration with commands organized by category

  • 422 Unprocessable Entity: Validation error in request
  • - Content-Type: application/json - Returns validation error details including field location, error message, and error type

    Example Error Response:

    {
      "detail": [
        {
          "loc": ["body", "sessionId"],
          "msg": "field required",
          "type": "value_error.missing"
        }
      ]
    }
    

    Pricing

    | Plan | Calls/Day | Calls/Month | Price | |------|-----------|-------------|-------| | Free | 5 | 50 | Free | | Developer | 20 | 500 | $39/mo | | Professional | 200 | 5,000 | $99/mo | | Enterprise | 100,000 | 1,000,000 | $299/mo |

    About

    ToolWeb.in - 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.

  • toolweb.in
  • portal.toolweb.in
  • hub.toolweb.in
  • toolweb.in/openclaw/
  • rapidapi.com/user/mkrishna477
  • youtube.com/@toolweb-009
  • References

  • Kong Route: https://api.mkkpro.com/hardening/cisco-nxos
  • API Docs: https://api.mkkpro.com:8137/docs
  • πŸ’‘ Examples

    Sample Request

    {
      "sessionId": "sess_abc123def456",
      "userId": 42,
      "timestamp": "2025-01-15T10:30:00Z",
      "hardeningOptions": {
        "authentication": [
          "enable_aaa",
          "configure_radius",
          "enforce_password_policy"
        ],
        "access_control": [
          "disable_telnet",
          "enable_ssh_v2",
          "restrict_console_access"
        ],
        "logging": [
          "enable_syslog",
          "configure_ntp",
          "audit_command_logging"
        ]
      }
    }
    

    Sample Response

    {
      "status": "success",
      "sessionId": "sess_abc123def456",
      "userId": 42,
      "timestamp": "2025-01-15T10:30:00Z",
      "configuration": {
        "authentication": {
          "commands": [
            "aaa new-model",
            "radius server 192.168.1.100",
            "password-policy min-length 12 uppercase lowercase digits special-chars"
          ]
        },
        "access_control": {
          "commands": [
            "no feature telnet",
            "feature ssh",
            "ssh key-length 2048",
            "line console 0",
            "access-class CONSOLE_ACL in"
          ]
        },
        "logging": {
          "commands": [
            "logging server 192.168.1.50 facility local7",
            "ntp server 192.168.1.60 prefer",
            "logging source-interface Loopback0",
            "logging level aaa 6"
          ]
        }
      },
      "appliedOptions": 9,
      "warnings": []
    }