Техническое Руководство для Cisco Cisco Security Manager 4.0

Cisco Security Manager 4.4 API Specification (Version 1.1)

OL- 29074-01

Page 58

3.1.4.10

ACL Policy Object

Element.Sub Element

Type

Comment

references

Complex Type

List of references to ACE’s

references .sequenceNumber

Unsigned int

Sequence number of this entry

references .aclObjectReferenceGID

ObjectIdentifier

Reference to the ACE policy object

References.aceReferenceGID

ObjectIdentifier

Reference to the standard/extended ACE policy
object

Table 30: ACLPolicyObject Class Definition

Figure 36: ACLPolicyObject XML Schema

3.1.4.11

SecurityGroupPolicyObject

A SecurityGroupPolicyObject extends from the BasePolicyObject class and inherits all its attributes. A
SecurityGroupPolicyObject defines a security tag or name.

Policy definitions reference the SecurityGroupPolicyObject via the gid value. The contents of a
SecurityGroupPolicyObject can also be “empty” in some cases when the inherited isGroup attribute is set to true In
such cases the SecurityGroupPolicyObject is itself a container reference to “other Security Group Policy Objects”.

The list of gid values for such a PolicyObject can be obtained from the refs inherited attribute. Also a “Group”
SecurityGroupPolicyObject can sometimes also contain multiple secuTag elements denoting literal security

xs:complexType

name

="ACLPolicyObject">

xs:complexContent

xs:extension

base

="BasePolicyObject">

xs:sequence

minOccurs

="1"

maxOccurs

="1">

xs:element

name

="references"

minOccurs

="1"

maxOccurs

="unbounded">

xs:complexType

xs:sequence

minOccurs

="1"

maxOccurs

="1">

xs:element

name

="sequenceNumber"

type

="xs:unsignedInt"

minOccurs

="1"

maxOccurs

="1"/>

xs:choice

xs:element

name

="aclObjectReferenceGID"

type

="ObjectIdentifier"/>

xs:element

name

="aceReferenceGID"

type

="ObjectIdentifier"/>

xs:choice

xs:sequence

xs:complexType

xs:element

xs:sequence

xs:extension

xs:complexContent

xs:complexType