Class CIM_SANegotiationAction
extends CIM_SAAction

SANegotiationAction is the base class for negotiated SAs. It is abstract, specifying the common parameters that control the IPsec phase 1 and phase 2 negotiations.

Table of Contents
Hierarchy
Direct Known Subclasses
Class Qualifiers
Class Properties
Class Methods

Class Hierarchy

CIM_ManagedElement
   |
   +--CIM_Policy
   |
   +--CIM_PolicyAction
   |
   +--CIM_SAAction
   |
   +--CIM_SANegotiationAction

Direct Known Subclasses

CIM_IKEAction
CIM_IPsecAction

Class Qualifiers

NameData TypeValue
Abstractbooleantrue
DescriptionstringSANegotiationAction is the base class for negotiated SAs. It is abstract, specifying the common parameters that control the IPsec phase 1 and phase 2 negotiations.
MappingStringsstringIPSP Policy Model.IETF|SANegotiationAction, IPSP Policy Model.IETF|IKENegotiationAction
UMLPackagePathstringCIM::IPsecPolicy
Versionstring2.8.0

Class Properties

Local Class Properties

NameData TypeDefault ValueQualifiers
NameData TypeValue
IdleDurationSecondsuint640
DescriptionstringIdleDurationSeconds is the time an SA can remain idle (i.e., no traffic protected using the security association) before it is automatically deleted. The default (zero) value indicates that there is no idle duration timer and that the SA is deleted based upon the SA seconds and kilobyte lifetimes. Any non-zero value indicates the number of seconds that the SA may remain unused.
MappingStringsstringIPSP Policy Model.IETF|IKENegotiationAction.IdleDurationSeconds
ModelCorrespondencestringCIM_SecurityAssociationEndpoint.IdleDurationSeconds
PUnitstringsecond
UnitsstringSeconds
MinLifetimeKilobytesuint640
DescriptionstringMinLifetimeKilobytes prevents certain denial of service attacks where the peer requests an arbitrarily low lifetime value, causing renegotiations with expensive Diffie-Hellman operations. The property specifies the minimum lifetime, in kilobytes, that will be accepted from the peer. A value of zero (the default) indicates that there is no minimum value. A non-zero value specifies the minimum kilobytes lifetime. Note that there has been considerable debate regarding the usefulness of applying kilobyte lifetimes to phase 1 security associations, so it is likely that this property will only apply to the subclass, IPsecAction.
MappingStringsstringIPSP Policy Model.IETF|IKENegotiationAction.MinLifetimeKilobytes
ModelCorrespondencestringCIM_SecurityAssociationEndpoint.LifetimeKilobytes
PUnitstringbyte * 10^3
UnitsstringKiloBytes
MinLifetimeSecondsuint640
DescriptionstringMinLifetimeSeconds prevents certain denial of service attacks where the peer requests an arbitrarily low lifetime value, causing renegotiations with expensive Diffie-Hellman operations. The property specifies the minimum lifetime, in seconds, that will be accepted from the peer. A value of zero (the default) indicates that there is no minimum value. A non-zero value specifies the minimum seconds lifetime.
MappingStringsstringIPSP Policy Model.IETF|IKENegotiationAction.MinLifetimeSeconds
ModelCorrespondencestringCIM_SecurityAssociationEndpoint.LifetimeSeconds
PUnitstringsecond
UnitsstringSeconds

Inherited Properties

NameData TypeClass Origin
CaptionstringCIM_ManagedElement
CommonNamestringCIM_Policy
CreationClassNamestringCIM_PolicyAction
DescriptionstringCIM_ManagedElement
DoActionLoggingbooleanCIM_PolicyAction
DoPacketLoggingbooleanCIM_SAAction
ElementNamestringCIM_ManagedElement
Generationuint64CIM_ManagedElement
InstanceIDstringCIM_ManagedElement
PolicyActionNamestringCIM_PolicyAction
PolicyRuleCreationClassNamestringCIM_PolicyAction
PolicyRuleNamestringCIM_PolicyAction
SystemCreationClassNamestringCIM_PolicyAction
SystemNamestringCIM_PolicyAction
PolicyKeywordsstring[]CIM_Policy

Class Methods