33 vendors across on-prem, cloud, SASE, open source, and virtualization. Manage all your firewalls from a single platform with vendor-agnostic rule normalization.
PAN-OS XML API
FortiOS REST API
R80+ Web API
REST API
FMC REST API
Dashboard REST v1
Junos REST + NETCONF
iControl REST
Sophos Central REST
SonicOS REST API
REST API
REST (JSON-RPC)
SMC REST API
REST / NETCONF
REST API
REST API
APIC REST API
AWS SDK (EC2)
Azure SDK
@google-cloud/compute
OCI REST API
REST v2
OpenAPI
ZIA REST API
GraphQL API
REST v4
REST API
REST API
OPNsense Compatible
HTTP API
REST API (v7.1+)
NSX-T Policy REST
Prism Central REST
API Key
PA-VM 10.x, 11.x
Physical, VM, Cloud (AWS, Azure, GCP)
API Token
FortiOS 6.x, 7.x
FortiGate appliances, VM, Cloud
API Key + Session
R80.40, R81.x
Check Point appliances, CloudGuard
Basic Auth
ASA 9.x
ASA 5500-X, Firepower, ASAv
Token Auth
FMC 7.x
Firepower appliances, FTDv
API Key
MX series
Meraki MX appliances
API Token / Certificate
Junos 21.x, 22.x
SRX Series, vSRX
Basic / Token Auth
BIG-IP 15.x, 16.x
BIG-IP appliances, VE
API Token
SFOS 19.x, 20.x
XGS Series, XG VM
API Token
SonicOS 7.x
TZ, NSa, NSsp Series
Token Auth
Fireware 12.x
Firebox appliances, FireboxV
API Token
CloudGen 8.x, 9.x
Barracuda appliances, Cloud
API Key
SMC 6.x
Forcepoint NGFW appliances
Token Auth
USG6000 V500
USG Series appliances
API Token
StoneOS 5.x
Hillstone A/E/X Series
Token Auth
SNS 4.x
SNS appliances, EVA
Token Auth
ACI 5.x, 6.x
Nexus 9000 + APIC
IAM Credentials
EC2, VPC
AWS Cloud
Service Principal
NSG, Azure Firewall
Azure Cloud
Service Account
VPC, Cloud Armor
GCP Cloud
API Key
OCI VCN
Oracle Cloud
API Token
DO Firewalls
DigitalOcean Cloud
AccessKey
ECS Security Groups
Alibaba Cloud
Obfuscated API Key
ZIA
Zscaler Cloud
API Key
Cato SASE Cloud
Cato Cloud
API Token
Cloudflare Enterprise
Cloudflare Edge
API Token
Netskope Security Cloud
Netskope Cloud
API Key + Secret
22.x, 23.x, 24.x
Bare metal, VM, Cloud instances
Via OPNsense driver
2.6.x, 2.7.x
Netgate appliances, pfSense VM
API Key
VyOS 1.4+
Bare metal, VM, Cloud
Basic Auth
RouterOS 7.x
MikroTik routers, CHR
Basic / SAML Auth
NSX-T 3.x, 4.x
VMware vSphere / vCloud
Basic Auth
Prism Central 2023.x
Nutanix AHV
FwChange translates vendor-specific configurations into a unified rule format, allowing you to work with all your firewalls using consistent terminology.
Each vendor has a dedicated driver implementing a common interface. Add new vendors by implementing the same interface.
Vendor-specific rules are converted to a normalized format for analysis, optimization, and approval workflows.
Approved changes are translated back to vendor-specific syntax and pushed via the appropriate API.
All credentials are encrypted at rest using AES-256-GCM. Credentials are only decrypted in memory during API calls and never logged or exposed.
Yes. FwChange is designed for heterogeneous firewall fleets. Manage Palo Alto at the perimeter, Fortinet at branches, and Check Point in the datacenter—all from one platform.
We can develop custom drivers for enterprise customers. Contact us with your vendor and API documentation, and we'll provide an integration timeline.
We support the last 2-3 major releases of each vendor. Check the detailed integration table above for specific version numbers tested with your firewall.
See how FwChange simplifies multi-vendor firewall operations.
