| Name | Data Type | Default Value | Qualifiers |
| Name | Data Type | Value |
| Granularity | uint16 | |
| Description | string | The property Granularity is an enumeration that specifies how the selector for the SA should be derived from the traffic that triggered the negotiation. Its values are:
1=Other; See the OtherGranularity property for more information
2=Subnet; The source and destination subnet masks are used
3=Address; The source and destination IP addresses of the triggering packet are used
4=Protocol; The source and destination IP addresses and the IP protocol of the triggering packet are used
5=Port; The source and destination IP addresses, IP protocol and the source and destination layer 4 ports of the triggering packet are used. |
| MappingStrings | string | IPSP Policy Model.IETF|IPsecAction.Granularity |
| ModelCorrespondence | string | CIM_IPsecAction.OtherGranularity |
| ValueMap | string | 1, 2, 3, 4, 5 |
| Values | string | Other, Subnet, Address, Protocol, Port |
| GroupId | uint16 | |
| Description | string | GroupId specifies the PFS group ID to use. This value is only used if PFS is True and UsePhase1Group is False. If the GroupID number is from the vendor-specific range (32768-65535), the VendorID qualifies the group number. Well-known group identifiers from RFC2412, Appendix E, are: Group 1='768 bit prime', Group 2='1024 bit prime', Group 3='Elliptic Curve Group with 155 bit field element', Group 4='Large Elliptic Curve Group with 185 bit field element', and Group 5='1536 bit prime'. |
| MappingStrings | string | IPSP Policy Model.IETF|IPsecAction.GroupID, RFC2412.IETF|Appendix E |
| ModelCorrespondence | string | CIM_IPsecAction.VendorID, CIM_IKESAEndpoint.GroupID |
| ValueMap | string | 0, 1, 2, 3, 4, 5, .., 0x8000.. |
| Values | string | No Group/Non-Diffie-Hellman Exchange, DH-768 bit prime, DH-1024 bit prime, EC2N-155 bit field element, EC2N-185 bit field element, DH-1536 bit prime, Standard Group - Reserved, Vendor Reserved |
| OtherGranularity | string | |
| Description | string | Description of the granularity when the value 1 ("Other") is specified for the property, Granularity. |
| ModelCorrespondence | string | CIM_IPsecAction.Granularity |
| UsePFS | boolean | |
| Description | string | UsePFS indicates whether perfect forward secrecy is required when refreshing keys. |
| MappingStrings | string | IPSP Policy Model.IETF|IPsecAction.UsePFS |
| ModelCorrespondence | string | CIM_IPsecSAEndpoint.PFSInUse |
| UsePhase1Group | boolean | |
| Description | string | UsePhase1Group indicates that the phase 2 GroupId should be the same as that used in the phase 1 key exchange. If UsePFS is False, then this property is ignored. Note that a value of False indicates that the property GroupId will contain the key exchange group to use for phase 2. |
| MappingStrings | string | IPSP Policy Model.IETF|IPsecAction.UseIKEGroup |
| VendorID | string | |
| Description | string | The property VendorID is used together with the property GroupID (when it is in the vendor-specific range) to identify the key exchange group. VendorID is ignored unless UsePFS is true, AND UsePhase1Group is False, AND GroupID is in the vendor-specific range (32768-65535). |
| MappingStrings | string | IPSP Policy Model.IETF|IPsecAction.VendorID |
| ModelCorrespondence | string | CIM_IPsecAction.GroupId, CIM_IKESAEndpoint.VendorID |