Security Protocol List
A security protocol list is a collection of protocol names used when configuring next-generation firewall (NGFW) policies within policy groups.
Diagram
Section titled “Diagram”
Classes
Section titled “Classes”policy_object_profile (sdwan.feature_profiles)
Section titled “policy_object_profile (sdwan.feature_profiles)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| security_protocol_lists | List | [security_protocol_lists] | No |
security_protocol_lists (sdwan.feature_profiles.policy_object_profile)
Section titled “security_protocol_lists (sdwan.feature_profiles.policy_object_profile)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | Regex: ^[^&<>! "]{1,32}$ | Yes | |
| protocols | List | Choice[snmp, icmp, tcp, udp, echo, telnet, wins, n2h2server, nntp, pptp, rtsp, bootpc, gdoi, tacacs, gopher, icabrowser, skinny, sunrpc, biff, router, ircs, orasrv, ms-cluster-net, kermit, isakmp, sshell, realsecure, ircu, appleqtc, pwdgen, rdb-dbs-disp, creativepartnr, finger, ftps, giop, rsvd, hp-alarm-mgr, uucp, kerberos, imap, time, bootps, tftp, oracle, snmptrap, http, qmtp, radius, oracle-em-vp, tarantella, pcanywheredata, ldap, mgcp, sqlsrv, hsrp, cisco-net-mgmt, smtp, pcanywherestat, exec, send, stun, syslog, ms-sql-m, citrix, creativeserver, cifs, cisco-sys, cisco-tna, ms-dotnetster, gtpv1, gtpv0, imap3, fcip-port, netbios-dgm, sip-tls, pop3s, cisco-fna, 802-11-iapp, oem-agent, cisco-tdp, tr-rsrb, r-winsock, sql-net, syslog-conn, tacacs-ds, h225ras, ace-svr, dhcp-failover, igmpv3lite, irc-serv, entrust-svcs, dbcontrol_agent, cisco-svcs, ipsec-msft, microsoft-ds, ms-sna, rsvp_tunnel, rsvp-encap, hp-collector, netbios-ns, msexch-routing, h323, l2tp, ldap-admin, pop3, h323callsigalt, ms-sql, iscsi-target, webster, lotusnote, ipx, entrust-svc-hand, citriximaclient, rtc-pm-port, ftp, aol, xdmcp, oraclenames, login, iscsi, ttc, imaps, socks, ssh, dnsix, daytime, sip, discard, ntp, ldaps, https, vdolive, ica, net8-cman, cuseeme, netstat, sms, streamworks, rtelnet, who, kazaa, ssp, dbase, timed, cddbp, telnets, ymsgr, ident, bgp, ddns-v3, vqp, irc, ipass, x11, dns, lotusmtap, mysql, nfs, msnmsgr, netshow, sqlserv, hp-managed-node, ncp, shell, realmedia, msrpc, clp] | Yes |
Examples
Section titled “Examples”Example-1: This example illustrates the configuration of a security protocol list that includes the well-known protocols ICMP, TCP, and UDP.
sdwan: feature_profiles: policy_object_profile: security_protocol_lists: - name: sec_proto_list1 protocols: - icmp - tcp - udp