securitypolicy.Profile (NSP Network Functions Manager

securitypolicy
Profile

Inheritance Hierarchy
- ManagedObject
  - policy.PolicyObject
    - policy.PolicyDefinition
      - securitypolicy.SecurityPolicyDefinition
        
        securitypolicy. Profile

Parent Hierarchy
- netw.Network
  - netw.NetworkElement
    - policy.Manager [securityProfile]
      - securitypolicy.Profile [[network]:[${systemAddress}]:[$%{policyTypeManaged}]:[profile-${*id}]]
- parent []
  - securitypolicy.Profile [[backup-${policyTypeManaged}]:[profile-${*id}]]
- policy.Manager [securityProfile]
  - securitypolicy.Profile [[$%{policyTypeManaged}]:[profile-${*id}]]

Children Hierarchy
- securitypolicy.Profile

Relationships
- many securitypolicy.Profiles may be direct children of one policy.Manager (child-parent relationship)
- securitypolicy.Profile may be associated with many securitypolicy.Policys (implied relationship)
- many securitypolicy.Profiles may be associated with securitypolicy.Profile (implied relationship)
- securitypolicy.Profile may be associated with many securitypolicy.Profiles (implied relationship)

Profile

Relative Name=[[profile-${*id}]]

Displayed Name=Security Profile

Properties
algType	type=securitypolicy.AlgType default=auto Displayed(tab/group)=Application Layer Gateway
allowPktFrag	type=boolean default=true Displayed(tab/group)=Allow Fragments
allowedIpOpt	type=securitypolicy.IpOptions Displayed(tab/group)=IP Options (/Application Assurance)
appInspect	type=boolean default=false Displayed(tab/group)=Application Assurance Inspection
dnsReplyOnly	type=boolean default=false Displayed(tab/group)=DNS Reply Only (/Application Assurance)
fwdPolicerId	type=int access=read-only default=0 minimum=0 maximum=1024
fwdPolicerPointer	This specifies the policer group that the forward direction of the session should be rate-limited with. type=Pointer default= Displayed(tab/group)=Fwd Policer Group (/Fwd Policer Group)
icmpErrorLimit	type=boolean default=false Displayed(tab/group)=Limit ICMP Type 3 Packets (/Application Assurance)
icmpReqLimit	type=long default=0 minimum=0 maximum=15 Displayed(tab/group)=ICMP Request Limit (/Application Assurance)
icmpStrictIdle	type=boolean default=true Displayed(tab/group)=Strict (/ICMP Timeouts)
icmpTimeout	Specifies the number of seconds an ICMP request can take to receive a response before being cleaned up. type=long access=read-only default=60 minimum=60 maximum=240 units=seconds
icmpTimeoutMinutes	type=long default=1 minimum=0 maximum=4 Displayed(tab/group)=ICMP Minute(s) (/ICMP Timeouts)
icmpTimeoutSeconds	type=long default=0 minimum=0 maximum=59 Displayed(tab/group)=Second(s) (/ICMP Timeouts)
inspectIpOpt	type=boolean default=false Displayed(tab/group)=IP Options Inspection (/Application Assurance)
inspectTcp	type=boolean default=false Displayed(tab/group)=Strict TCP Inspection (/Application Assurance)
otherStrictIdle	type=boolean default=false Displayed(tab/group)=Strict (/Other Timeouts)
otherTimeout	Specifies the number of seconds a Other Timeout request can take to receive a response before being cleaned up. type=long access=read-only default=600 minimum=10 maximum=86400 units=seconds
otherTimeoutDays	type=long default=0 minimum=0 maximum=1 Displayed(tab/group)=Other Day(s) (/Other Timeouts)
otherTimeoutHours	type=long default=0 minimum=0 maximum=24 Displayed(tab/group)=Hour(s) (/Other Timeouts)
otherTimeoutMinutes	type=long default=10 minimum=0 maximum=59 Displayed(tab/group)=Minute(s) (/Other Timeouts)
otherTimeoutSeconds	type=long default=0 minimum=0 maximum=59 Displayed(tab/group)=Second(s) (/Other Timeouts)
revPolicerId	type=int access=read-only default=0 minimum=0 maximum=1024
revPolicerPointer	This specifies the policer group that the reverse direction of the session should be rate-limited with. type=Pointer default= Displayed(tab/group)=Rev Policer Group (/Rev Policer Group)
tcpEstabStrictIdle	type=boolean default=false Displayed(tab/group)=Strict (/TCP Timeouts)
tcpEstabTimeout	Specifies the number of seconds a TCP session has to reach established before being cleaned up. type=long access=read-only default=7440 minimum=60 maximum=86400 units=seconds
tcpEstabTimeoutDays	type=long default=0 minimum=0 maximum=1 Displayed(tab/group)=TCP Established Day(s) (/TCP Timeouts)
tcpEstabTimeoutHours	type=long default=2 minimum=0 maximum=24 Displayed(tab/group)=Hour(s) (/TCP Timeouts)
tcpEstabTimeoutMinutes	type=long default=4 minimum=0 maximum=59 Displayed(tab/group)=Minute(s) (/TCP Timeouts)
tcpEstabTimeoutSeconds	type=long default=0 minimum=0 maximum=59 Displayed(tab/group)=Second(s) (/TCP Timeouts)
tcpSynTimeout	Specifies the number of seconds a TCP session can wait for a SYN before being cleaned up. type=long access=read-only default=15 minimum=6 maximum=86400 units=seconds
tcpSynTimeoutDays	type=long default=0 minimum=0 maximum=1 Displayed(tab/group)=TCP Sync Day(s) (/TCP Timeouts)
tcpSynTimeoutHours	type=long default=0 minimum=0 maximum=24 Displayed(tab/group)=Hour(s) (/TCP Timeouts)
tcpSynTimeoutMinutes	type=long default=0 minimum=0 maximum=59 Displayed(tab/group)=Minute(s) (/TCP Timeouts)
tcpSynTimeoutSeconds	type=long default=15 minimum=0 maximum=59 Displayed(tab/group)=Second(s) (/TCP Timeouts)
tcpTransTimeout	Specifies the number of seconds a TCP session can be transitory before being cleaned up. type=long access=read-only default=240 minimum=60 maximum=86400 units=seconds
tcpTransTimeoutDays	type=long default=0 minimum=0 maximum=1 Displayed(tab/group)=TCP Transitory Day(s) (/TCP Timeouts)
tcpTransTimeoutHours	type=long default=0 minimum=0 maximum=24 Displayed(tab/group)=Hour(s) (/TCP Timeouts)
tcpTransTimeoutMinutes	type=long default=4 minimum=0 maximum=59 Displayed(tab/group)=Minute(s) (/TCP Timeouts)
tcpTransTimeoutSeconds	type=long default=0 minimum=0 maximum=59 Displayed(tab/group)=Second(s) (/TCP Timeouts)
tcpWaitTimeout	Specifies the number of seconds a TCP session can remain in time wait before being cleaned up. type=long access=read-only default=0 minimum=0 maximum=240 units=seconds
tcpWaitTimeoutMinutes	type=long default=0 minimum=0 maximum=4 Displayed(tab/group)=TCP Wait Time Minute(s) (/TCP Timeouts)
tcpWaitTimeoutSeconds	type=long default=0 minimum=0 maximum=59 Displayed(tab/group)=Second(s) (/TCP Timeouts)
udpDnsStrictIdle	type=boolean default=true Displayed(tab/group)=Strict (/UDP Timeouts)
udpDnsTimeout	Specifies the number of seconds a DNS request can take to receive a response before being cleaned up. type=long access=read-only default=15 minimum=15 maximum=86400 units=seconds
udpDnsTimeoutDays	type=long default=0 minimum=0 maximum=1 Displayed(tab/group)=UDP DNS Day(s) (/UDP Timeouts)
udpDnsTimeoutHours	type=long default=0 minimum=0 maximum=24 Displayed(tab/group)=Hour(s) (/UDP Timeouts)
udpDnsTimeoutMinutes	type=long default=0 minimum=0 maximum=59 Displayed(tab/group)=Minute(s) (/UDP Timeouts)
udpDnsTimeoutSeconds	type=long default=15 minimum=0 maximum=59 Displayed(tab/group)=Second(s) (/UDP Timeouts)
udpInitialTimeout	Specifies the number of seconds a UDP session can remain idle after receiving the first packet before being cleaned up. type=long access=read-only default=15 minimum=10 maximum=300 units=seconds
udpInitialTimeoutMinutes	type=long default=0 minimum=0 maximum=5 Displayed(tab/group)=UDP Initial Minute(s) (/UDP Timeouts)
udpInitialTimeoutSeconds	type=long default=15 minimum=0 maximum=59 Displayed(tab/group)=Second(s) (/UDP Timeouts)
udpStrictIdle	type=boolean default=false Displayed(tab/group)=Strict (/UDP Timeouts)
udpTimeout	Specifies the number of seconds a UDP session can remain idle before being cleaned up. type=long access=read-only default=300 minimum=60 maximum=86400 units=seconds
udpTimeoutDays	type=long default=0 minimum=0 maximum=1 Displayed(tab/group)=UDP Day(s) (/UDP Timeouts)
udpTimeoutHours	type=long default=0 minimum=0 maximum=24 Displayed(tab/group)=Hour(s) (/UDP Timeouts)
udpTimeoutMinutes	type=long default=5 minimum=0 maximum=59 Displayed(tab/group)=Minute(s) (/UDP Timeouts)
udpTimeoutSeconds	type=long default=0 minimum=0 maximum=59 Displayed(tab/group)=Second(s) (/UDP Timeouts)

Properties

algType

type=securitypolicy.AlgType
default=auto
Displayed(tab/group)=Application Layer Gateway

allowPktFrag

type=boolean
default=true
Displayed(tab/group)=Allow Fragments

allowedIpOpt

type=securitypolicy.IpOptions
Displayed(tab/group)=IP Options (/Application Assurance)

appInspect

type=boolean
default=false
Displayed(tab/group)=Application Assurance Inspection

dnsReplyOnly

type=boolean
default=false
Displayed(tab/group)=DNS Reply Only (/Application Assurance)

fwdPolicerId

type=int
access=read-only
default=0
minimum=0
maximum=1024

fwdPolicerPointer

This specifies the policer group that the forward direction of the session should be rate-limited with.

type=Pointer
default=
Displayed(tab/group)=Fwd Policer Group (/Fwd Policer Group)

icmpErrorLimit

type=boolean
default=false
Displayed(tab/group)=Limit ICMP Type 3 Packets (/Application Assurance)

icmpReqLimit

type=long
default=0
minimum=0
maximum=15
Displayed(tab/group)=ICMP Request Limit (/Application Assurance)

icmpStrictIdle

type=boolean
default=true
Displayed(tab/group)=Strict (/ICMP Timeouts)

icmpTimeout

Specifies the number of seconds an ICMP request can take to receive a response before being cleaned up.

type=long
access=read-only
default=60
minimum=60
maximum=240
units=seconds

icmpTimeoutMinutes

type=long
default=1
minimum=0
maximum=4
Displayed(tab/group)=ICMP Minute(s) (/ICMP Timeouts)

icmpTimeoutSeconds

type=long
default=0
minimum=0
maximum=59
Displayed(tab/group)=Second(s) (/ICMP Timeouts)

inspectIpOpt

type=boolean
default=false
Displayed(tab/group)=IP Options Inspection (/Application Assurance)

inspectTcp

type=boolean
default=false
Displayed(tab/group)=Strict TCP Inspection (/Application Assurance)

otherStrictIdle

type=boolean
default=false
Displayed(tab/group)=Strict (/Other Timeouts)

otherTimeout

Specifies the number of seconds a Other Timeout request can take to receive a response before being cleaned up.

type=long
access=read-only
default=600
minimum=10
maximum=86400
units=seconds

otherTimeoutDays

type=long
default=0
minimum=0
maximum=1
Displayed(tab/group)=Other Day(s) (/Other Timeouts)

otherTimeoutHours

type=long
default=0
minimum=0
maximum=24
Displayed(tab/group)=Hour(s) (/Other Timeouts)

otherTimeoutMinutes

type=long
default=10
minimum=0
maximum=59
Displayed(tab/group)=Minute(s) (/Other Timeouts)

otherTimeoutSeconds

type=long
default=0
minimum=0
maximum=59
Displayed(tab/group)=Second(s) (/Other Timeouts)

revPolicerId

type=int
access=read-only
default=0
minimum=0
maximum=1024

revPolicerPointer

This specifies the policer group that the reverse direction of the session should be rate-limited with.

type=Pointer
default=
Displayed(tab/group)=Rev Policer Group (/Rev Policer Group)

tcpEstabStrictIdle

type=boolean
default=false
Displayed(tab/group)=Strict (/TCP Timeouts)

tcpEstabTimeout

Specifies the number of seconds a TCP session has to reach established before being cleaned up.

type=long
access=read-only
default=7440
minimum=60
maximum=86400
units=seconds

tcpEstabTimeoutDays

type=long
default=0
minimum=0
maximum=1
Displayed(tab/group)=TCP Established Day(s) (/TCP Timeouts)

tcpEstabTimeoutHours

type=long
default=2
minimum=0
maximum=24
Displayed(tab/group)=Hour(s) (/TCP Timeouts)

tcpEstabTimeoutMinutes

type=long
default=4
minimum=0
maximum=59
Displayed(tab/group)=Minute(s) (/TCP Timeouts)

tcpEstabTimeoutSeconds

type=long
default=0
minimum=0
maximum=59
Displayed(tab/group)=Second(s) (/TCP Timeouts)

tcpSynTimeout

Specifies the number of seconds a TCP session can wait for a SYN before being cleaned up.

type=long
access=read-only
default=15
minimum=6
maximum=86400
units=seconds

tcpSynTimeoutDays

type=long
default=0
minimum=0
maximum=1
Displayed(tab/group)=TCP Sync Day(s) (/TCP Timeouts)

tcpSynTimeoutHours

type=long
default=0
minimum=0
maximum=24
Displayed(tab/group)=Hour(s) (/TCP Timeouts)

tcpSynTimeoutMinutes

type=long
default=0
minimum=0
maximum=59
Displayed(tab/group)=Minute(s) (/TCP Timeouts)

tcpSynTimeoutSeconds

type=long
default=15
minimum=0
maximum=59
Displayed(tab/group)=Second(s) (/TCP Timeouts)

tcpTransTimeout

Specifies the number of seconds a TCP session can be transitory before being cleaned up.

type=long
access=read-only
default=240
minimum=60
maximum=86400
units=seconds

tcpTransTimeoutDays

type=long
default=0
minimum=0
maximum=1
Displayed(tab/group)=TCP Transitory Day(s) (/TCP Timeouts)

tcpTransTimeoutHours

type=long
default=0
minimum=0
maximum=24
Displayed(tab/group)=Hour(s) (/TCP Timeouts)

tcpTransTimeoutMinutes

type=long
default=4
minimum=0
maximum=59
Displayed(tab/group)=Minute(s) (/TCP Timeouts)

tcpTransTimeoutSeconds

type=long
default=0
minimum=0
maximum=59
Displayed(tab/group)=Second(s) (/TCP Timeouts)

tcpWaitTimeout

Specifies the number of seconds a TCP session can remain in time wait before being cleaned up.

type=long
access=read-only
default=0
minimum=0
maximum=240
units=seconds

tcpWaitTimeoutMinutes

type=long
default=0
minimum=0
maximum=4
Displayed(tab/group)=TCP Wait Time Minute(s) (/TCP Timeouts)

tcpWaitTimeoutSeconds

type=long
default=0
minimum=0
maximum=59
Displayed(tab/group)=Second(s) (/TCP Timeouts)

udpDnsStrictIdle

type=boolean
default=true
Displayed(tab/group)=Strict (/UDP Timeouts)

udpDnsTimeout

Specifies the number of seconds a DNS request can take to receive a response before being cleaned up.

type=long
access=read-only
default=15
minimum=15
maximum=86400
units=seconds

udpDnsTimeoutDays

type=long
default=0
minimum=0
maximum=1
Displayed(tab/group)=UDP DNS Day(s) (/UDP Timeouts)

udpDnsTimeoutHours

type=long
default=0
minimum=0
maximum=24
Displayed(tab/group)=Hour(s) (/UDP Timeouts)

udpDnsTimeoutMinutes

type=long
default=0
minimum=0
maximum=59
Displayed(tab/group)=Minute(s) (/UDP Timeouts)

udpDnsTimeoutSeconds

type=long
default=15
minimum=0
maximum=59
Displayed(tab/group)=Second(s) (/UDP Timeouts)

udpInitialTimeout

Specifies the number of seconds a UDP session can remain idle after receiving the first packet before being cleaned up.

type=long
access=read-only
default=15
minimum=10
maximum=300
units=seconds

udpInitialTimeoutMinutes

type=long
default=0
minimum=0
maximum=5
Displayed(tab/group)=UDP Initial Minute(s) (/UDP Timeouts)

udpInitialTimeoutSeconds

type=long
default=15
minimum=0
maximum=59
Displayed(tab/group)=Second(s) (/UDP Timeouts)

udpStrictIdle

type=boolean
default=false
Displayed(tab/group)=Strict (/UDP Timeouts)

udpTimeout

Specifies the number of seconds a UDP session can remain idle before being cleaned up.

type=long
access=read-only
default=300
minimum=60
maximum=86400
units=seconds

udpTimeoutDays

type=long
default=0
minimum=0
maximum=1
Displayed(tab/group)=UDP Day(s) (/UDP Timeouts)

udpTimeoutHours

type=long
default=0
minimum=0
maximum=24
Displayed(tab/group)=Hour(s) (/UDP Timeouts)

udpTimeoutMinutes

type=long
default=5
minimum=0
maximum=59
Displayed(tab/group)=Minute(s) (/UDP Timeouts)

udpTimeoutSeconds

type=long
default=0
minimum=0
maximum=59
Displayed(tab/group)=Second(s) (/UDP Timeouts)

Properties inherited from securitypolicy.SecurityPolicyDefinition
controlApply, description, displayedName, id

Properties inherited from securitypolicy.SecurityPolicyDefinition

controlApply, description, displayedName, id

Properties inherited from policy.PolicyDefinition
configurationAction, configurationMode, discoveryState, displayedName, distributionMode, isMaster, lastSyncTime, numberOfUnderlyingPolicyItems, origin, policyMode, policySyncGroupPointer, policyType

Properties inherited from policy.PolicyDefinition

configurationAction, configurationMode, discoveryState, displayedName, distributionMode, isMaster, lastSyncTime, numberOfUnderlyingPolicyItems, origin, policyMode, policySyncGroupPointer, policyType

Properties inherited from policy.PolicyObject
description, displayedName, globalPolicy, id, isLocal, policyType, siteId, siteName, templateObject

Properties inherited from policy.PolicyObject

description, displayedName, globalPolicy, id, isLocal, policyType, siteId, siteName, templateObject

Properties inherited from ManagedObject
actionMask, children-Set, deploymentState, isFaultSquelched, name, objectFullName, selfAlarmed

Properties inherited from ManagedObject

actionMask, children-Set, deploymentState, isFaultSquelched, name, objectFullName, selfAlarmed

Methods inherited from policy.PolicyDefinition
distribute, distributeUsingGroups, distributeV2, evaluatePolicy, findGlobal, findLocal, findReleased, getSyncTaskResult, resetToReleasedPolicy, setConfigurationModeToDraft, setConfigurationModeToReleased, setDistributionModeToLocalEditOnly, setDistributionModeToSyncWithGlobal, syncTo, syncToLocalWithResync

Methods inherited from policy.PolicyDefinition

distribute, distributeUsingGroups, distributeV2, evaluatePolicy, findGlobal, findLocal, findReleased, getSyncTaskResult, resetToReleasedPolicy, setConfigurationModeToDraft, setConfigurationModeToReleased, setDistributionModeToLocalEditOnly, setDistributionModeToSyncWithGlobal, syncTo, syncToLocalWithResync

Supported Network Elements
7705 SAR	Supported from 6.1.R1 Excluded chassis types: 7705-SARF, 7705-SARM ASAP, 7705-SARM, 7705-SARM ASAP FL, 7705-SARM FL, 7705 SAR-A, 7705 SAR-A T1/E1, 7705 SAR-W
7705 SAR H	Supported from 6.1.R1
Product Specifics
7705 SAR H 20.0	Warning: iframes not supported by this browser.
7705 SAR H 21.0
7705 SAR H 22.0
7705 SAR H 23.0
7705 SAR H 24.0
7705 SAR H 25.0
7705 SAR H 9.0
7705 SAR 20.0
7705 SAR 21.0
7705 SAR 22.0
7705 SAR 23.0
7705 SAR 24.0
7705 SAR 25.0

Supported Network Elements

7705 SAR

Supported from 6.1.R1