securitypolicy.PolicyEntry (NSP Network Functions Manager

securitypolicy
PolicyEntry

Inheritance Hierarchy
- ManagedObject
  - policy.PolicyObject
    - policy.PolicyItemDefinition
      - securitypolicy.SecurityPolicyEntryDefinition
        
        securitypolicy. PolicyEntry

Parent Hierarchy
- netw.Network
  - netw.NetworkElement
    - policy.Manager [securityPolicy]
      - securitypolicy.Policy
        
        securitypolicy.PolicyEntry [[network]:[${systemAddress}]:[$%{policyTypeManaged}]:[sp-${*id}]:[spentry-${*id}]]
- parent []
  - securitypolicy.Policy
    - securitypolicy.PolicyEntry [[backup-${policyTypeManaged}]:[sp-${*id}]:[spentry-${*id}]]
- policy.Manager [securityPolicy]
  - securitypolicy.Policy
    - securitypolicy.PolicyEntry [[$%{policyTypeManaged}]:[sp-${*id}]:[spentry-${*id}]]

Children Hierarchy
- securitypolicy.PolicyEntry

Relationships
- many securitypolicy.PolicyEntrys may be direct children of one securitypolicy.Policy (child-parent relationship)

PolicyEntry

Relative Name=[[spentry-${*id}]]

Displayed Name=Security Policy Entry

Properties
appGroupId	type=int access=read-only default=0 minimum=0 maximum=100
appGroupPointer	This specifies the Application Group policy to be used by security policy to build its matching criteria for incoming packets. type=Pointer default= Displayed(tab/group)=Application Group ( Match Criteria/Criteria)
concurrentSessionLimit	type=long default=0 minimum=0 maximum=65535 Displayed(tab/group)=Concurrent Session (/Limit)
createRevDirFlow	type=boolean default=true Displayed(tab/group)=Create Rev Direction Flow (/Limit)
destinationIpAddressOne	type=InetAddress default=0.0.0.0 Displayed(tab/group)=destinationIpAddressOne ( Match Criteria/IP Address)
destinationIpAddressTwo	type=InetAddress default=0.0.0.0 Displayed(tab/group)=destinationIpAddressTwo ( Match Criteria/IP Address)
destinationIpAddressType	type=rtr.InetAddressType default=ipv4 valid enums=ipv4 (Where parent is one of (securitypolicy.Policy))
destinationPortOne	type=int default=0 minimum=0 maximum=65535 Displayed(tab/group)=destinationPortOne ( Match Criteria/Port)
destinationPortTwo	type=int default=0 minimum=0 maximum=65535 Displayed(tab/group)=destinationPortTwo ( Match Criteria/Port)
dstIPHostGroupId	type=int access=read-only default=0 minimum=0 maximum=100
dstIPHostGroupPointer	This specifies the Host Group policy to be used by security policy in destination IP Address. type=Pointer default= Displayed(tab/group)=Destination Host Group ( Match Criteria/IP Address)
dstIPOperator	type=acl.Operator default=NONE Displayed(tab/group)=Destination IP Operator ( Match Criteria/IP Address) suppress enums=GREATER_THAN, LESS_THAN (Where parent is one of (securitypolicy.Policy))
dstPortOperator	type=acl.Operator default=NONE Displayed(tab/group)=Destination Port Operator ( Match Criteria/Port)
flowDirection	type=securitypolicy.ForwardingDirection default=both Displayed(tab/group)=Flow Direction ( Match Criteria)
icmpCode	type=securitypolicy.IcmpCode default=none Displayed(tab/group)=ICMP Code ( Match Criteria/ICMP Properties)
icmpType	type=securitypolicy.IcmpType default=none Displayed(tab/group)=ICMP Type ( Match Criteria/ICMP Properties)
logControl	type=securitypolicy.LogControlType default=suppress Displayed(tab/group)=Logging (/Logging)
matchLocal	type=boolean default=false Displayed(tab/group)=Local ( Match Criteria/Criteria)
natDstIPAddr	type=InetAddress default=0.0.0.0 Displayed(tab/group)=Destination IP Address ( Match Criteria/NAT)
natDstPort	type=int default=0 minimum=0 maximum=65535 Displayed(tab/group)=Destination Port ( Match Criteria/NAT)
profileId	type=long minimum=0 maximum=65535
profilePointer	type=Pointer default= Displayed(tab/group)=Profile (/Profile)
protocol	IP protocol number. Protocol numbers include ICMP(1),TCP(6), UDP(17).UDPTCP(-2) -1 means value not set. type=acl.Protocol default=ALL minimum=-2 maximum=255 Displayed(tab/group)=Protocol ( Match Criteria/Criteria)
ruleAction	type=securitypolicy.RuleAction default=reject Displayed(tab/group)=Action
secLogId	type=int access=read-only default=0 minimum=0 maximum=100
secLogPointer	This specifies the security Log policy used by zone. type=Pointer default= Displayed(tab/group)=Security Log (/Logging)
sourceIpAddressOne	type=InetAddress default=0.0.0.0 Displayed(tab/group)=sourceIpAddressOne ( Match Criteria/IP Address)
sourceIpAddressTwo	type=InetAddress default=0.0.0.0 Displayed(tab/group)=sourceIpAddressTwo ( Match Criteria/IP Address)
sourceIpAddressType	type=rtr.InetAddressType default=ipv4 valid enums=ipv4 (Where parent is one of (securitypolicy.Policy))
sourcePortOne	type=int default=0 minimum=0 maximum=65535 Displayed(tab/group)=sourcePortOne ( Match Criteria/Port)
sourcePortTwo	type=int default=0 minimum=0 maximum=65535 Displayed(tab/group)=sourcePortTwo ( Match Criteria/Port)
srcIPHostGroupId	type=int access=read-only default=0 minimum=0 maximum=100
srcIPHostGroupPointer	This specifies the Host Group policy to be used by security policy in source IP Address. type=Pointer default= Displayed(tab/group)=Source Host Group ( Match Criteria/IP Address)
srcIPOperator	type=acl.Operator default=NONE Displayed(tab/group)=Source IP Operator ( Match Criteria/IP Address) suppress enums=GREATER_THAN, LESS_THAN (Where parent is one of (securitypolicy.Policy))
srcPortOperator	type=acl.Operator default=NONE Displayed(tab/group)=Source Port Operator ( Match Criteria/Port)

Properties

appGroupId

type=int
access=read-only
default=0
minimum=0
maximum=100

appGroupPointer

This specifies the Application Group policy to be used by security policy to build its matching criteria for incoming packets.

type=Pointer
default=
Displayed(tab/group)=Application Group ( Match Criteria/Criteria)

concurrentSessionLimit

type=long
default=0
minimum=0
maximum=65535
Displayed(tab/group)=Concurrent Session (/Limit)

createRevDirFlow

type=boolean
default=true
Displayed(tab/group)=Create Rev Direction Flow (/Limit)

destinationIpAddressOne

type=InetAddress
default=0.0.0.0
Displayed(tab/group)=destinationIpAddressOne ( Match Criteria/IP Address)

destinationIpAddressTwo

type=InetAddress
default=0.0.0.0
Displayed(tab/group)=destinationIpAddressTwo ( Match Criteria/IP Address)

destinationIpAddressType

type=rtr.InetAddressType
default=ipv4

valid enums=ipv4 (Where parent is one of (securitypolicy.Policy))

destinationPortOne

type=int
default=0
minimum=0
maximum=65535
Displayed(tab/group)=destinationPortOne ( Match Criteria/Port)

destinationPortTwo

type=int
default=0
minimum=0
maximum=65535
Displayed(tab/group)=destinationPortTwo ( Match Criteria/Port)

dstIPHostGroupId

type=int
access=read-only
default=0
minimum=0
maximum=100

dstIPHostGroupPointer

This specifies the Host Group policy to be used by security policy in destination IP Address.

type=Pointer
default=
Displayed(tab/group)=Destination Host Group ( Match Criteria/IP Address)

dstIPOperator

type=acl.Operator
default=NONE
Displayed(tab/group)=Destination IP Operator ( Match Criteria/IP Address)

suppress enums=GREATER_THAN, LESS_THAN (Where parent is one of (securitypolicy.Policy))

dstPortOperator

type=acl.Operator
default=NONE
Displayed(tab/group)=Destination Port Operator ( Match Criteria/Port)

flowDirection

type=securitypolicy.ForwardingDirection
default=both
Displayed(tab/group)=Flow Direction ( Match Criteria)

icmpCode

type=securitypolicy.IcmpCode
default=none
Displayed(tab/group)=ICMP Code ( Match Criteria/ICMP Properties)

icmpType

type=securitypolicy.IcmpType
default=none
Displayed(tab/group)=ICMP Type ( Match Criteria/ICMP Properties)

logControl

type=securitypolicy.LogControlType
default=suppress
Displayed(tab/group)=Logging (/Logging)

matchLocal

type=boolean
default=false
Displayed(tab/group)=Local ( Match Criteria/Criteria)

natDstIPAddr

type=InetAddress
default=0.0.0.0
Displayed(tab/group)=Destination IP Address ( Match Criteria/NAT)

natDstPort

type=int
default=0
minimum=0
maximum=65535
Displayed(tab/group)=Destination Port ( Match Criteria/NAT)

profileId

type=long
minimum=0
maximum=65535

profilePointer

type=Pointer
default=
Displayed(tab/group)=Profile (/Profile)

protocol

IP protocol number. Protocol numbers include ICMP(1),TCP(6), UDP(17).UDPTCP(-2) -1 means value not set.

type=acl.Protocol
default=ALL
minimum=-2
maximum=255
Displayed(tab/group)=Protocol ( Match Criteria/Criteria)

ruleAction

type=securitypolicy.RuleAction
default=reject
Displayed(tab/group)=Action

secLogId

type=int
access=read-only
default=0
minimum=0
maximum=100

secLogPointer

This specifies the security Log policy used by zone.

type=Pointer
default=
Displayed(tab/group)=Security Log (/Logging)

sourceIpAddressOne

type=InetAddress
default=0.0.0.0
Displayed(tab/group)=sourceIpAddressOne ( Match Criteria/IP Address)

sourceIpAddressTwo

type=InetAddress
default=0.0.0.0
Displayed(tab/group)=sourceIpAddressTwo ( Match Criteria/IP Address)

sourceIpAddressType

type=rtr.InetAddressType
default=ipv4

valid enums=ipv4 (Where parent is one of (securitypolicy.Policy))

sourcePortOne

type=int
default=0
minimum=0
maximum=65535
Displayed(tab/group)=sourcePortOne ( Match Criteria/Port)

sourcePortTwo

type=int
default=0
minimum=0
maximum=65535
Displayed(tab/group)=sourcePortTwo ( Match Criteria/Port)

srcIPHostGroupId

type=int
access=read-only
default=0
minimum=0
maximum=100

srcIPHostGroupPointer

This specifies the Host Group policy to be used by security policy in source IP Address.

type=Pointer
default=
Displayed(tab/group)=Source Host Group ( Match Criteria/IP Address)

srcIPOperator

type=acl.Operator
default=NONE
Displayed(tab/group)=Source IP Operator ( Match Criteria/IP Address)

suppress enums=GREATER_THAN, LESS_THAN (Where parent is one of (securitypolicy.Policy))

srcPortOperator

type=acl.Operator
default=NONE
Displayed(tab/group)=Source Port Operator ( Match Criteria/Port)

Properties inherited from securitypolicy.SecurityPolicyEntryDefinition
controlApply, displayedName, id

Properties inherited from securitypolicy.SecurityPolicyEntryDefinition

controlApply, displayedName, id

Properties inherited from policy.PolicyItemDefinition
containingPolicyDisplayedName, containingPolicyId

Properties inherited from policy.PolicyItemDefinition

containingPolicyDisplayedName, containingPolicyId

Properties inherited from policy.PolicyObject
description, displayedName, globalPolicy, id, isLocal, policyType, siteId, siteName, templateObject

Properties inherited from policy.PolicyObject

description, displayedName, globalPolicy, id, isLocal, policyType, siteId, siteName, templateObject

Properties inherited from ManagedObject
actionMask, children-Set, deploymentState, isFaultSquelched, name, objectFullName, selfAlarmed

Properties inherited from ManagedObject

actionMask, children-Set, deploymentState, isFaultSquelched, name, objectFullName, selfAlarmed

Methods inherited from securitypolicy.SecurityPolicyEntryDefinition
renum

Methods inherited from securitypolicy.SecurityPolicyEntryDefinition

renum

Supported Network Elements
7705 SAR	Supported from 6.1.R1 Excluded chassis types: 7705-SARF, 7705-SARM ASAP, 7705-SARM, 7705-SARM ASAP FL, 7705-SARM FL, 7705 SAR-A, 7705 SAR-A T1/E1, 7705 SAR-W
7705 SAR H	Supported from 6.1.R1
Product Specifics
7705 SAR H 20.0	Warning: iframes not supported by this browser.
7705 SAR H 21.0
7705 SAR H 22.0
7705 SAR H 23.0
7705 SAR H 24.0
7705 SAR H 25.0
7705 SAR H 9.0
7705 SAR 20.0
7705 SAR 21.0
7705 SAR 22.0
7705 SAR 23.0
7705 SAR 24.0
7705 SAR 25.0

Supported Network Elements

7705 SAR

Supported from 6.1.R1