Cisco Cisco Security Manager 4.4 Guia De Especificaciones
Cisco Security Manager 4.4 API Specification (Version 1.1)
OL- 29074-01
Page 66
3.1.5.2 DeviceAccessRuleUnifiedFirewallPolicy
A DeviceAccessRuleUnifiedFirewallPolicy extends from the base DeviceAccessRuleFirewallPolicy class and
inherits all its attributes. An instance of a DeviceAccessRuleUnifiedFirewallPolicy denotes a single unified access
control entry. The orderId attribute from the BasePolicy class defines the ordering of these rules.
inherits all its attributes. An instance of a DeviceAccessRuleUnifiedFirewallPolicy denotes a single unified access
control entry. The orderId attribute from the BasePolicy class defines the ordering of these rules.
A DeviceAccessRuleUnifiedFirewallPolicy mayadditionally reference SecurityGroupPolicyObject,
The sourceSG and destinationSG elements SecurityGrpObjectsRefs which is a list of SecurityGrpObjectsRef.
Refer to Sec 3.1.4.11 on SecurityGrpObjectsRef
Refer to Sec 3.1.4.11 on SecurityGrpObjectsRef
The XML content contains all the attributes of the base except for IOS options like logging, fragment and
established.
established.
This policy is available starting from version 1.1 of the API.
Element
Type
Comment
sourceSG
Complex(SecurityG
rpObjectsRefs)
rpObjectsRefs)
Defines security tags or objects for the source of the incoming
packet.
packet.
destinationSG
Complex(SecurityG
rpObjectsRefs)
rpObjectsRefs)
Defines security tags or objects for the destination of the
incoming packet
incoming packet
Table 33: DeviceAccessRuleUnifiedFirewallPolicy Class Definition
Figure 37: DeviceAccessRuleUnifiedFirewallPolicy XML Schema
<xs:complexType name="
DeviceAccessRuleUnifiedFirewallPolicy
">
<xs:complexContent>
<xs:extension base="
<xs:extension base="
DeviceAccessRuleFirewallPolicy
">
<xs:sequence minOccurs="1" maxOccurs="1">
<xs:element name="
<xs:element name="
sourceSG
" type="
SecurityGrpObjectsRefs
" minOccurs="0" maxOccurs="
1
"/>
<xs:element name="
destinationSG
" type="
SecurityGrpObjectsRefs
" minOccurs="
0
" maxOccurs="
1
"/>
</xs:sequence>
</xs:extension>
</xs:complexContent>
</xs:complexType>
</xs:complexContent>
</xs:complexType>