# ============================================================================ # Sophos XGS Firewall Inventory # ============================================================================ # This inventory defines all Sophos XGS firewalls managed by Ansible. # # Groups: # - sophos_firewalls: All production Sophos XGS devices # - sophos_baseline: The baseline firewall used for config export # - sophos_headquarters: Firewalls at HQ location # - sophos_branches: Firewalls at branch locations # # Connection Method: # All firewalls are managed via HTTPS API (no SSH required) # # Author: Network Automation Team # ============================================================================ # ============================================================================ # Baseline Firewall (for configuration import/export) # ============================================================================ [sophos_baseline] fw-baseline ansible_host=192.168.1.10 # ============================================================================ # Headquarters Firewalls # ============================================================================ [sophos_headquarters] fw-hq-primary ansible_host=192.168.1.20 fw-hq-secondary ansible_host=192.168.1.21 # ============================================================================ # Branch Office Firewalls # ============================================================================ [sophos_branches] fw-branch1 ansible_host=192.168.10.1 fw-branch2 ansible_host=192.168.20.1 fw-branch3 ansible_host=192.168.30.1 # ============================================================================ # All Sophos Firewalls (parent group) # ============================================================================ [sophos_firewalls:children] sophos_baseline sophos_headquarters sophos_branches # ============================================================================ # Connection Variables (applied to all Sophos firewalls) # ============================================================================ [sophos_firewalls:vars] ansible_connection=local ansible_python_interpreter=/usr/bin/python3