SecurityPolicy

SecurityPolicy
SecurityPolicy
JSON Example
{
    "_last_modified": "string",
    "configpb_attributes": {
        "version": 0
    },
    "description": "string",
    "dns_amplification_denyports": {
        "match_criteria": "string",
        "ports": [
            0
        ],
        "ranges": [
            {
                "end": 0,
                "start": 0
            }
        ]
    },
    "dns_attacks": {
        "attacks": [
            {
                "attack_vector": "string",
                "enabled": false,
                "max_mitigation_age": 0,
                "mitigation_action": {
                    "deny": false
                },
                "threshold": 0
            }
        ],
        "oper_mode": "string"
    },
    "dns_policy_index": 0,
    "markers": [
        {
            "key": "string",
            "values": [
                "string"
            ]
        }
    ],
    "name": "string",
    "network_security_policy_index": 0,
    "oper_mode": "string",
    "tenant_ref": "string",
    "url": "string",
    "uuid": "string"
}
string
_last_modified
Optional

UNIX time since epoch in microseconds. Units(MICROSECONDS).

configpb_attributes
Optional

configpb_attributes

string
description
Optional

Security policy is used to specify various configuration information used to perform Distributed Denial of Service (DDoS) attacks detection and mitigation. Field introduced in 18.2.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

dns_amplification_denyports
Optional

dns_amplification_denyports

dns_attacks
Optional

dns_attacks

integer As uint32 As uint32
dns_policy_index
Required

Index of the dns policy to use for the mitigation rules applied to the dns attacks. Field introduced in 18.2.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

markers
Optional

List of labels to be used for granular RBAC. Field introduced in 20.1.5. Allowed in Enterprise edition with any value, Essentials edition with any value, Basic edition with any value, Enterprise with Cloud Services edition.

string
name
Required

The name of the security policy. Field introduced in 18.2.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

integer As uint32 As uint32
network_security_policy_index
Required

Index of the network security policy to use for the mitigation rules applied to the attacks. Field introduced in 18.2.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

string
oper_mode
Optional
Constraints: default: DETECTION

Mode of dealing with the attacks - perform detection only, or detect and mitigate the attacks. Enum options - DETECTION, MITIGATION. Field introduced in 18.2.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

string
tenant_ref
Optional

Tenancy of the security policy. It is a reference to an object of type Tenant. Field introduced in 18.2.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

string
url
Optional

url

string
uuid
Optional

The UUID of the security policy. Field introduced in 18.2.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.