Class Hierarchy
Class Attributes
Class Qualifiers
Properties
Methods
Associations in which the class can participate
Sub Profiling Summary
CIM_PreconfiguredTunnelAction --> CIM_PreconfiguredSAAction --> CIM_SAStaticAction --> CIM_SAAction --> CIM_PolicyAction --> CIM_Policy --> CIM_ManagedElement --> [top]
Class Declaration Attributes Name Value SUPERCLASS CIM_PreconfiguredSAAction NAME CIM_PreconfiguredTunnelAction
Class CIM_PreconfiguredTunnelAction Qualifiers Name Type Value From Class Version string 2.8.0 CIM_PreconfiguredTunnelAction Description string PreconfiguredTunnelAction is used to create tunnel-mode SAs using preconfigured, hard-wired algorithms and keys. Note that the SPI for a preconfigured SA action is contained in the association, TransformOfPreconfiguredAction. CIM_PreconfiguredTunnelAction MappingStrings string IPSP Policy Model.IETF|PreconfiguredTunnelAction CIM_PreconfiguredTunnelAction Description string Subclasses of PreconfiguredSAAction are used to create SAs using preconfigured, hard-wired algorithms and keys. No negotiation is necessary. Note that this class is defined as concrete, since its superclass is also concrete. However, it should not be directly instantiated, but one of its subclasses used instead. Also note that: - The SPI for a preconfigured SA action is contained in the association, TransformOfPreconfiguredAction. - The session key (if applicable) is contained in an instance of SharedSecret. For an instance of the SharedSecret class: The session key is stored in the Secret property; the property protocol contains one of the values, " ESP-encrypt " , " ESP-auth " or " AH " ; and, the class ’ property algorithm contains the algorithm used to protect the secret. (The latter can be " PLAINTEXT " if the IPsec entity has no secret storage.) The value of the class ’ RemoteID property is the concatenation of the remote IPsec peer IP address in dotted decimal, of the character " / " , of " IN " (or respectively " OUT " ) for inbound/outbound SAs, of the character " / " and of the hexadecimal representation of the SPI. CIM_PreconfiguredSAAction MappingStrings string IPSP Policy Model.IETF|PreconfiguredSAAction CIM_PreconfiguredSAAction Description string SAStaticAction is the base class for both key exchange as well as IPsec actions that require no negotiation. It is a concrete class that can be aggregated with other subclasses of PolicyAction (such as NetworkPacketAction) into a PolicyRule, to describe how packets are handled throughout the lifetime of the Security Association. CIM_SAStaticAction MappingStrings string IPSP Policy Model.IETF|SAStaticAction CIM_SAStaticAction Description string SAAction is the base class for the various types of key exchange or IPsec actions. It is abstract and used to categorize the different types of actions of SARules. CIM_SAAction MappingStrings string IPSP Policy Model.IETF|SAAction CIM_SAAction Description string A class representing a rule-specific or reusable policy action to be performed if the PolicyConditions for a Policy Rule evaluate to TRUE. Since all operational details of a PolicyAction are provided in subclasses of this object, this class is abstract. CIM_PolicyAction Description string An abstract class defining the common properties of the policy managed elements derived from CIM_Policy. The subclasses are used to create rules and groups of rules that work together to form a coherent set of policies within an administrative domain or set of domains. CIM_Policy Description string ManagedElement is an abstract class that provides a common superclass (or top of the inheritance tree) for the non-association classes in the CIM Schema. CIM_ManagedElement
Property Qualifiers
Property DFHandling Qualifiers Name Type Value From Class Description string DFHandling controls how the Don ’ t Fragment bit is managed by the tunnel. CIM_PreconfiguredTunnelAction ValueMap string [See below.] CIM_PreconfiguredTunnelAction Values string Copy from Internal to External IP Header
Set DF Bit in External Header to 1
Set DF Bit in External Header to 0CIM_PreconfiguredTunnelAction MappingStrings string IPSP Policy Model.IETF|PreconfiguredTunnelAction.DFHandling CIM_PreconfiguredTunnelAction ModelCorrespondence string CIM_IPsecSAEndpoint.DFHandling CIM_PreconfiguredTunnelAction
Name Value 2 Copy from Internal to External IP Header 3 Set DF Bit in External Header to 1 4 Set DF Bit in External Header to 0
Property LifetimeKilobytes Qualifiers Name Type Value From Class Description string LifetimeKilobytes defines a traffic limit in kilobytes that can be consumed before the SA is deleted. A value of zero (the default) indicates that there is no lifetime associated with this action (i.e., infinite lifetime). A non-zero value is used to indicate that after this number of kilobytes has been consumed the SA must be deleted. Note that the actual lifetime of the preconfigured SA will be the lesser of the value of this LifetimeKilobytes property and the value of the MaxLifetimeKilobytes property of the associated SATransform. Also note that some SA negotiation protocols (such as IKE) can negotiate the lifetime as an arbitrary length field, it is assumed that a 64-bit integer will be sufficient. CIM_PreconfiguredSAAction Units string KiloBytes CIM_PreconfiguredSAAction MappingStrings string IPSP Policy Model.IETF|PreconfiguredSAAction.LifetimeKilobytes CIM_PreconfiguredSAAction ModelCorrespondence string CIM_SecurityAssociationEndpoint.LifetimeKilobytes CIM_PreconfiguredSAAction
Property LifetimeSeconds Qualifiers Name Type Value From Class Description string LifetimeSeconds specifies how long the SA created from this action should be used/exist. A value of 0 means an infinite lifetime. A non-zero value is typically used in conjunction with alternate SAActions performed when there is a negotiation failure of some sort. Note: If the referenced SAStaticAction object IS-A PreconfiguredSAAction (that is associated to several SATransforms), then the actual lifetime of the Security Association will be the lesser of the value of this LifetimeSeconds property and of the value of the MaxLifetimeSeconds property of the associated SATransform. CIM_SAStaticAction Units string Seconds CIM_SAStaticAction MappingStrings string IPSP Policy Model.IETF|SAStaticAction.LifetimeSeconds CIM_SAStaticAction ModelCorrespondence string CIM_SecurityAssociationEndpoint.LifetimeSeconds CIM_SAStaticAction
Property DoPacketLogging Qualifiers Name Type Value From Class Description string DoPacketLogging causes a log message to be generated when the action is applied to a packet. CIM_SAAction MappingStrings string IPSP Policy Model.IETF|SAAction.DoPacketLogging CIM_SAAction ModelCorrespondence string CIM_SecurityAssociationEndpoint.PacketLoggingActive CIM_SAAction
Property SystemCreationClassName Qualifiers Name Type Value From Class Key boolean true CIM_PolicyAction Description string The name of the class or the subclass used in the creation of the System object in whose scope this PolicyAction is defined. This property helps to identify the System object in whose scope this instance of PolicyAction exists. For a rule-specific PolicyAction, this is the System in whose context the PolicyRule is defined. For a reusable PolicyAction, this is the instance of PolicyRepository (which is a subclass of System) that holds the Action. Note that this property, and the analogous property SystemName, do not represent propagated keys from an instance of the class System. Instead, they are properties defined in the context of this class, which repeat the values from the instance of System to which this PolicyAction is related, either directly via the PolicyActionInPolicyRepository association or indirectly via the PolicyActionInPolicyRule aggregation. CIM_PolicyAction MaxLen uint32 256 CIM_PolicyAction
Property SystemName Qualifiers Name Type Value From Class Key boolean true CIM_PolicyAction Description string The name of the System object in whose scope this PolicyAction is defined. This property completes the identification of the System object in whose scope this instance of PolicyAction exists. For a rule-specific PolicyAction, this is the System in whose context the PolicyRule is defined. For a reusable PolicyAction, this is the instance of PolicyRepository (which is a subclass of System) that holds the Action. CIM_PolicyAction MaxLen uint32 256 CIM_PolicyAction
Property PolicyRuleCreationClassName Qualifiers Name Type Value From Class Key boolean true CIM_PolicyAction Description string For a rule-specific PolicyAction, the CreationClassName of the PolicyRule object with which this Action is associated. For a reusable PolicyAction, a special value, ’ NO RULE ’ , should be used to indicate that this Action is reusable and not associated with a single PolicyRule. CIM_PolicyAction MaxLen uint32 256 CIM_PolicyAction
Property PolicyRuleName Qualifiers Name Type Value From Class Key boolean true CIM_PolicyAction Description string For a rule-specific PolicyAction, the name of the PolicyRule object with which this Action is associated. For a reusable PolicyAction, a special value, ’ NO RULE ’ , should be used to indicate that this Action is reusable and not associated with a single PolicyRule. CIM_PolicyAction MaxLen uint32 256 CIM_PolicyAction
Property CreationClassName Qualifiers Name Type Value From Class Key boolean true CIM_PolicyAction Description string CreationClassName indicates the name of the class or the subclass used in the creation of an instance. When used with the other key properties of this class, this property allows all instances of this class and its subclasses to be uniquely identified. CIM_PolicyAction MaxLen uint32 256 CIM_PolicyAction
Property PolicyActionName Qualifiers Name Type Value From Class Key boolean true CIM_PolicyAction Description string A user-friendly name of this PolicyAction. CIM_PolicyAction MaxLen uint32 256 CIM_PolicyAction
Property DoActionLogging Qualifiers Name Type Value From Class Description string DoActionLogging causes a log message to be generated when the action is performed. CIM_PolicyAction
Property CommonName Qualifiers Name Type Value From Class Description string A user-friendly name of this policy-related object. CIM_Policy
Property PolicyKeywords Qualifiers Name Type Value From Class Description string An array of keywords for characterizing / categorizing policy objects. Keywords are of one of two types: - Keywords defined in this and other MOFs, or in DMTF white papers. These keywords provide a vendor- independent, installation-independent way of characterizing policy objects. - Installation-dependent keywords for characterizing policy objects. Examples include ’ Engineering ’ , ’ Billing ’ , and ’ Review in December 2000 ’ . This MOF defines the following keywords: ’ UNKNOWN ’ , ’ CONFIGURATION ’ , ’ USAGE ’ , ’ SECURITY ’ , ’ SERVICE ’ , ’ MOTIVATIONAL ’ , ’ INSTALLATION ’ , and ’ EVENT ’ . These concepts are self-explanatory and are further discussed in the SLA/Policy White Paper. One additional keyword is defined: ’ POLICY ’ . The role of this keyword is to identify policy-related instances that may not be otherwise identifiable, in some implementations. The keyword ’ POLICY ’ is NOT mutually exclusive of the other keywords specified above. CIM_Policy
Property Caption Qualifiers Name Type Value From Class Description string The Caption property is a short textual description (one- line string) of the object. CIM_ManagedElement MaxLen uint32 64 CIM_ManagedElement
Property Description Qualifiers Name Type Value From Class Description string The Description property provides a textual description of the object. CIM_ManagedElement
Property ElementName Qualifiers Name Type Value From Class Description string A user-friendly name for the object. This property allows each instance to define a user-friendly name in addition to its key properties, identity data, and description information. Note that the Name property of ManagedSystemElement is also defined as a user-friendly name. But, it is often subclassed to be a Key. It is not reasonable that the same property can convey both identity and a user-friendly name, without inconsistencies. Where Name exists and is not a Key (such as for instances of LogicalDevice), the same information can be present in both the Name and ElementName properties. CIM_ManagedElement
Method Qualifiers
Parameters
Parameter Qualifiers