manualshive.com logo in svg

Juniper NETWORK AND SECURITY MANAGER 2010.4 - API GUIDE REV 1, Руководство пользователя

Руководство API Juniper NETWORK AND SECURITY MANAGER 2010.4 - это бесплатный мануал, который поможет вам лучше понять функционал данного продукта. Вы можете скачать его с нашего сайта manualshive.com и получить всю необходимую информацию для эффективного использования устройства.

Поделиться
Скачать
background image

Table 11: NSM Policy Data Elements

(continued)

Description

Data Element

Reference of the multicast rulebase. Multicast rule data elements are included in a security policy.
For more information, see “Multicast (rb_multicast_collection)” on page 43.

multicast

Reference of the IDP rulebase, Idp rule data elements are included in a security policy. For more
information, see “IDP (rb_idp_collection)” on page 39.

idp

Reference of the Exempt rulebase. Exempt rule data elements are included in a security policy. For
more information, see “Exempt (rb_exempt_collection)” on page 30.

exempt

Reference of the backdoor rulebase. Backdoor rule data elements are included in a security policy.
For more information, see “Backdoor (rb_backdoor_collection)” on page 25.

backdoor

Network Honeypot (portfaker) rulebase. These data elements are included in a security policy. For
more information, see “Traffic Anomalies (rb_tsig_collection)” on page 48.

portfaker

Reference of the SYN Protector rulebase, These data elements are included in a security policy. For
more information, see “SYN Protector (rb_syndef_collection)” on page 45.

syndef

Traffic Anomalies rulebase. These data elements are included in a security policy. For more
information, see “Traffic Anomalies (rb_tsig_collection)” on page 48.

tsig

Security Rulebases

NSM security policies are configured by applying rules that are grouped into rulebases.
Each rulebase can contain one or more rules, which are statements that define specific
types of network traffic. When traffic passes through a security device, the device attempts
to match that traffic against its list of rules. If a rule is matched, the device performs the
action defined in the rule against the matching traffic. Zone rules enable traffic to flow
between zones (interzone) or between two interfaces bound to the same zone (intrazone).
Global rules are valid across all zones available on the device. Security devices process
rules in the zone-specific rulebase first, and then rules in the global rulebase.

The NSM API data model supports the security policy rulebases summarized in the
following sections.

Backdoor (rb_backdoor_collection)

The backdoor rulebase collection (rb_backdoor_collection) contains rules that enable
NSM to detect attempted backdoor intrusions. A backdoor is a mechanism installed on
a host computer that enables unauthorized access to the system. Attackers who have
already compromised a system can install a backdoor to make future attacks easier.
When attackers type commands to control a backdoor, they generate interactive traffic.
Unlike antivirus software, which scans for known backdoor files or executables on the
host system, IDP detects the interactive traffic that is produced when backdoors are
used. If interactive traffic is detected, IDP can perform IP actions against the connection
to prevent the attacker from further compromising your network.

25

Copyright © 2010, Juniper Networks, Inc.

Chapter 5: Security Data Model

Содержание NETWORK AND SECURITY MANAGER 2010.4 - API GUIDE REV 1

Страница 1: ...Juniper Networks Network and Security Manager API Guide Release 2010 4 Published 2010 11 17 Revision 1 Copyright 2010 Juniper Networks Inc...

Страница 2: ...of the GateD software copyright 1988 Regents of the University of California All rights reserved Portions of the GateD software copyright 1991 D L S Associates This product includes software develope...

Страница 3: ...re physically contained on a single chassis c Product purchase documents paper or electronic user documentation and or the particular licenses purchased by Customer may specify limits to Customer s us...

Страница 4: ...ATE WITHOUT ERROR OR INTERRUPTION OR WILL BE FREE OF VULNERABILITY TO INTRUSION OR ATTACK In no event shall Juniper s or its suppliers or licensors liability to Customer whether in contract tort inclu...

Страница 5: ...ree years from the date of distribution Such request can be made in writing to Juniper Networks Inc 1194 N Mathilda Ave Sunnyvale CA 94089 ATTN General Counsel You may obtain a copy of the GPL at http...

Страница 6: ...Copyright 2010 Juniper Networks Inc vi...

Страница 7: ...ric Service XML Subtree Filter 8 Data Centric Service Operations 9 Job Service API 11 Log Service API 13 Part 2 API Data Types Chapter 3 Data Objects 17 API Data Objects 17 Chapter 4 Common Message Da...

Страница 8: ...NSM API 81 Login and Logout 81 Chapter 8 Using the API to Manage Shared Objects 83 Using the Perl Client Library with Address Objects 83 Add Address Objects 83 Replace an Address Object 85 Rename Add...

Страница 9: ...Update a List of Devices 113 Get a Configuration Summary 113 Get a Running Configuration 114 Get the Delta Configuration 115 Cancel a Job Request 115 Chapter 13 Using APIs for Device Management 117 R...

Страница 10: ...Copyright 2010 Juniper Networks Inc x Network and Security Manager 2010 4 API Guide...

Страница 11: ...igure 8 Firewall Rulebase 33 Figure 9 Firewall policy_type 34 Figure 10 IDP Rulebase 40 Figure 11 Multicast Rulebase 44 Figure 12 SYN Protector Rulebase 46 Figure 13 Traffic Anomalies Rulebase 49 Figu...

Страница 12: ...Copyright 2010 Juniper Networks Inc xii Network and Security Manager 2010 4 API Guide...

Страница 13: ...Security Data Model 23 Table 11 NSM Policy Data Elements 24 Table 12 Backdoor Rulebase Data Elements 27 Table 13 Exempt Rulebase Data Elements 31 Table 14 Firewall Data Elements 35 Table 15 IDP Ruleb...

Страница 14: ...Table 28 Global MIP Data Elements 69 Table 29 Global VIP Data Elements 70 Table 30 URL Filter Data Collection 71 Copyright 2010 Juniper Networks Inc xiv Network and Security Manager 2010 4 API Guide...

Страница 15: ...elopers and network administrators who configure and monitor Juniper Networks DMI and non DMI compliant device routing platforms Customers with technical knowledge of networks and the Internet Network...

Страница 16: ...cal Objects Indicates navigation paths through the UI by clicking menu options and links The angle bracket Table 2 on page xvi defines syntax conventions used in this guide Table 2 Syntax Conventions...

Страница 17: ...ation and management It also explains how to configure basic and advanced NSM functionality including deploying new device configurations managing security policies and VPNs and general device adminis...

Страница 18: ...net Download the latest versions of software and review release notes http www juniper net customers csc software Search technical bulletins for relevant hardware and software notifications https www...

Страница 19: ...Security Manager NSM Application Programming Interface API with a brief overview summary of the required client environment list of the component APIs and examples Overview on page 3 NSM API Operatio...

Страница 20: ...Copyright 2010 Juniper Networks Inc 2 Network and Security Manager 2010 4 API Guide...

Страница 21: ...guage WSDL supported by a range of development tools You can use a third party SOAP development tool to generate programming language objects and stubs from the WSDL that specifies the message schema...

Страница 22: ...from problems with application level data on the client side or on the server side The request is missing a required field In this case the request is not sent out from the client side The request is...

Страница 23: ...This complexType data has the following sequence ErrorNumber Unique number that identifies the particular error condition type unsignedInt This data element is only used by the server ErrorMessage Bri...

Страница 24: ...Copyright 2010 Juniper Networks Inc 6 Network and Security Manager 2010 4 API Guide...

Страница 25: ...rvice API WSDL on page 129 Table 5 System Service API Operations Description Operation Log into NSM server Request domainName Domain supplied during login The user logs in to this domain NOTE Use glob...

Страница 26: ...ccess requests retrieves the data from NSM conducts any necessary transformations and sends the transformed data back as responses This section introduces the XML subtree filter used with the service...

Страница 27: ...be applied to the result type ObjectFilterType metadataOnly If true only the metadata is returned Otherwise the entire object is returned Response object GetObjectDependentRequest Gets objects in one...

Страница 28: ...ectLockStatus UnlockObjectRequest Modifies the object All commands in the request are executed in one transaction ModifyObjectViewRequest supports the following operations Update Node Insert node befo...

Страница 29: ...edInt objectFilter Filter to be applied to the result type ObjectFilterType Response object ResolveObjectReferenceRequest Job Service API The Job Service API processes command directives to configure...

Страница 30: ...Name Name of the job scheduleTime Time when the job will run If not specified the job will run immediately jobArgs List of the devices to which the job applies Response JobResponseType status Job stat...

Страница 31: ...nName Name of the domain associated with the job domainId ID of the domain jobName Name of the job Response JobResponseType status Job status jobName Name of the job response Response to the job GetJo...

Страница 32: ...a that triggers the log Request dayId Identifier for the day recordNum Record number Response numPackets Number of packets returned triggerPacket Packet triggering the log event data Log data GetPacke...

Страница 33: ...PART 2 API Data Types Data Objects on page 17 Common Message Data Types on page 21 Security Data Model on page 23 15 Copyright 2010 Juniper Networks Inc...

Страница 34: ...Copyright 2010 Juniper Networks Inc 16 Network and Security Manager 2010 4 API Guide...

Страница 35: ...identified by a tuple domain category object id The XML representation of the data objects conforms to the XML schemas illustrated later in this chapter Objects are referenced by name or ID Reference...

Страница 36: ...exType data code base64Binary element has one value attribute name dataFormat type DataFormatType OpaqueDataType This complexType data code has the following sequence domainId ID of the domain type un...

Страница 37: ...ata code has the following sequence subCategory Subcategory under category type string data Subobject data type OpaqueDataType SubObjectDataType This complexType data code has the following sequence o...

Страница 38: ...s complexType data code has the following sequence ConversationId Identifier for the message conversation type string UserSessionContext Describes the context of the user session type anyType AuditLog...

Страница 39: ...impleResponseType Data Types on page 21 SimpleRequestType and SimpleResponseType Data Types The frequently used data types SimpleRequestType and SimpleResponseType are illustrated in Figure 3 on page...

Страница 40: ...ollowing sequence ConversationContext Context of the message conversation type ConversationContextType AuthToken Token returned for the simple request type AuthTokenType SimpleRequestType Base type de...

Страница 41: ...age 25 Service service_collection on page 54 Address address_collection_type on page 56 Schedule Object scheduleobj_collection_type on page 57 Attack attack_collection on page 58 Antivirus avobj_colle...

Страница 42: ...er pre policy mompost central manager post policy accesstype Optional Effective start date for the NSM security policy createFrom Collection of references of rulebases For more information see Securit...

Страница 43: ...ch rulebase can contain one or more rules which are statements that define specific types of network traffic When traffic passes through a security device the device attempts to match that traffic aga...

Страница 44: ...destination and any interactive services that can be installed and used by attackers For configuration procedures see the NSM Online Help and the NSM Administrator s Guide The data elements in the bac...

Страница 45: ...or Rulebase Data Elements Description Data Element Name of the backdoor rule type string name_ Collection of all sets of rules rules_collection Collection of all rules rules 27 Copyright 2010 Juniper...

Страница 46: ...u to determine which rules are on specific devices preferred id Comments about the backdoor rules comments Rule group name rb link Custom options customOptions_collection Collection enabled enabled Th...

Страница 47: ...hoose an action to perform if backdoor traffic is detected op If this parameter is enabled the API logs an attack and creates log records with attack information You can display this information real...

Страница 48: ...the IDP rulebase Before you create exempt rules you must create rules in the IDP rulebase If traffic matches a rule in the IDP rulebase IDP attempts to match the traffic against the rules in the exem...

Страница 49: ...ement Name of the exempt type name_ Collection of all sets of rules rules_collection Collection of all rules rules Row count per rule in the collection rowcountperrule_collection Next preferred ID nex...

Страница 50: ...Negates the specified destination address dst_addr_negate Exempt type service service The attacks that IDP will exempt for the specified source destination address You must include at least one attach...

Страница 51: ...s A security policy can contain two firewall rulebases zone specific and global The data elements in the firewall rulebase are illustrated and described in Figure 8 on page 33 Figure 9 on page 34 and...

Страница 52: ...Figure 9 Firewall policy_type Copyright 2010 Juniper Networks Inc 34 Network and Security Manager 2010 4 API Guide...

Страница 53: ...of the traffic source src_addr_collection Negates the specified source negate_src All VIPs Boolean dst all vip Destination address for the traffic dst_addr_collection Negates the specified destination...

Страница 54: ...ough the Web UI or CLI the rule appears as an individual policy The individual policy on the device has the same ID as the rule in the management system enabling you to determine which rules are on sp...

Страница 55: ...esponds with a login prompt After the remote user provides a user name and password NSM attempts to authenticate the user credentials If authentication succeeds NSM permits the remote user to establis...

Страница 56: ...MGCP_UA PPTP RSH SCCP AIM YMSG SMB MSN NBNAME NBDS NAS NONE No application specified default application Security devices running ScreenOS 5 3 or later support Deep Inspection A Deep Inspection DI Pro...

Страница 57: ...P rb_idp_collection The IDP rb_idp_collection rulebase includes IDP rules that protect your network from attacks by using attack objects to identify malicious activity and take action When you create...

Страница 58: ...Figure 10 IDP Rulebase Copyright 2010 Juniper Networks Inc 40 Network and Security Manager 2010 4 API Guide...

Страница 59: ...y The individual policy on the device has the same ID as the rule in the management system enabling you to determine which rules are on specific devices preferred id Rule group name rb link The source...

Страница 60: ...for detecting attacks attacks Enables and configures an IP action to prevent future malicious connections from the attacker s IP address ipaction Deep inspection alert log log This parameter configur...

Страница 61: ...rity devices do not permit multicast control traffic such as IGMP and PIM SM messages to cross security devices However you can secure device multicast control traffic through access lists You can cre...

Страница 62: ...tion Collection of row count per rules rowcountperrule_collection Marks the start point for the zone in which to use the device useDeviceZoneFrom Marks the end point for the zone in which to use the d...

Страница 63: ...translates the original multicast group address to another address that you specified dst group The rule applies to this type of multicast control traffic message_type Bi directional policy bi directi...

Страница 64: ...Protector rules rb_syndef Name of SYN Protector rule name_ Collection of all sets of rules rules_collection Row count per rule in the collection rowcountperrule_collection Collection of all rules rul...

Страница 65: ...tablished mode Severity of the attack Within the IDP rulebase you can override the ordinary attack severity on a per rule basis Possible settings Default Info Warning Minor Major Critical severity You...

Страница 66: ...multiple security devices on which to install the rule target_collection Traffic Anomalies rb_tsig_collection The traffic anomalies rb_tsig_collection rulebase protect your network from attacks by us...

Страница 67: ...ts Description Data Element Traffic anomalies rules rb_tsig Name of the traffic rule collection name_ Collection of all sets of rules rules_collection Row count per rule in the collection rowcountperr...

Страница 68: ...recording the count of unique IP addresses and a time interval during which the IDP Sensor records count of that number of number of distributed addresses or ports For example the IP Count is 4 and th...

Страница 69: ...must create VLAN objects before applying them to the rules Rules with this value set cannot be sent to devices that do not support VLAN tagging vlan Severity of the attack Within the IDP rulebase you...

Страница 70: ...t Network honeypot portfaker rules rb_portfaker Name of the portfaker type name_ Collection of all sets of rules rules_collection Row count per rule in the collection rowcountperrule_collection Collec...

Страница 71: ...he log This can include configuring SNMP Syslog CSV XML script and e mail settings log actions This parameter configures a rule that only applies to messages in specified VLANs The possible settings a...

Страница 72: ...multiple security devices on which to install the rule target_collection Service service_collection The service collection service_collection defines services These services represent the types of IP...

Страница 73: ...See Address address_collection_type on page 56 Table 20 Service Collection Data Elements Description Data Element Service rule collection service Name of the service name_ Service type service Group g...

Страница 74: ...ons Address address_collection_type The address collection address_collection_type enables you to work with addresses Addresses are the workstations routers switches subnetworks and other components t...

Страница 75: ...host network or group type Comments about the address collection comment Schedule Object scheduleobj_collection_type The schedule object collection scheduleobj_collection_type enables you to work with...

Страница 76: ...n once_enabled Enabled for recurrent use recurrent_enabled One time schedule type once Recurrent collection recurrent_collection Comments about the scheduler type comment Attack attack_collection The...

Страница 77: ...the object type compound attack object protocol anomaly object and signature of the attack The signature can provide information about the protocol and context used to perpetrate the attack whether o...

Страница 78: ...These data elements are described in Table 23 on page 61 Copyright 2010 Juniper Networks Inc 60 Network and Security Manager 2010 4 API Guide...

Страница 79: ...lse positives false positives_collection Direction collection direction_collection User defined services See Service service_collection on page 54 service_collection Attack category category Keywords...

Страница 80: ...modified Operating system operating system Version ID versions_collection Member list supercedes_collection Antivirus avobj_collection The Antivirus collection avobj_collection enables you to configu...

Страница 81: ...e of the antivirus type name_ Antivirus type av Comments about the Antivirus type comment Anitvirus source source All antivirus types all All of the object sequence collection obj_seq_collection Scan...

Страница 82: ...TP http GTP gtpobj_collection_type The GPRS Tunneling Protocol GTP collection gtp_collection enables you to configure your security policies to handle GTP traffic These data elements are illustrated a...

Страница 83: ...Figure 19 GTP Collection Table 25 GTP Collection Data Elements Description Data Element GTP object gtpobj 65 Copyright 2010 Juniper Networks Inc Chapter 5 Security Data Model...

Страница 84: ...e length GNS limit limit Inactivity period after which a session is removed from a security device Possible values never no timeout default default period of time user defined user defined inactivity...

Страница 85: ...Data Elements Description Data Element DI Profile collection DIProfile Name of the DI Profile type name_ DI Severity di severity Sign category associated with the DIProfile type sigcategory Profile s...

Страница 86: ...l DIP collection comment Global DIP source type source Type of Global DIP type Deep inspection profile collection dip_collection Global MIP globalmpi_collection The Global Mapping IP MIP collection gl...

Страница 87: ...ent Global MIP source type source Type of Global MIP type MIP mip_collection Global VIP globalvip_collection The Global VIP collection globalvip_collection data elements represent various global virtu...

Страница 88: ...IP source type source Type of Global VIP type VIP vip_collection URL Filter Object urlfilter_collection The URL Filter Object collection urlfilter_collection data elements represent various URL filter...

Страница 89: ...type name_ Predefined web filter source source Predefined Web profile predefined Web profile urlfilter Name of the URL profile type name_ Type of URL filter object type Comments about the URL filter...

Страница 90: ...Filter Data Collection continued Description Data Element Action for all other URLs other Members categories members_collection Copyright 2010 Juniper Networks Inc 72 Network and Security Manager 2010...

Страница 91: ...Client environment use the client to access the NSM API and use the API to manage shared objects Installing the Perl Client Environment on page 75 Using the Perl Client to Access the NSM API on page 8...

Страница 92: ...Copyright 2010 Juniper Networks Inc 74 Network and Security Manager 2010 4 API Guide...

Страница 93: ...version 5 8 8 Perl is available free at http www activestate com Products activeperl index mhtml openssl installed under usr To install the client environment on a Linux Unix machine 1 Launch cpan as...

Страница 94: ...cpan Do one of the following Execute the cpan program cpan Run the perl MCPAN e shell perl MCPAN e 2 Update cpan accepting all defaults cpan 1 install cpan 3 Install YAML install YAML 4 Install the C...

Страница 95: ...bi_method https my nbi_uri axis2 services my jp_url http juniper net webproxy if defined main ACTIVE_SERVER if scalar main NSM_SERVERS 0 print Couldn t connect to any NSM Servers n exit 1 else main AC...

Страница 96: ...quest apiLogin my loginStatus response valueof Body LoginResponse loginStatus status if loginStatus eq Success main LOGIN_TOKEN response valueof Body LoginResponse authToken Token elsif loginStatus eq...

Страница 97: ...NOTE If you are using NSMXpress the API client must connect to the TCP Port 443 79 Copyright 2010 Juniper Networks Inc Chapter 6 Installing the Perl Client Environment...

Страница 98: ...Copyright 2010 Juniper Networks Inc 80 Network and Security Manager 2010 4 API Guide...

Страница 99: ...ary is located in the directory NSROOT GuiVar webproxy clienton NSM server Login and Logout on page 81 Login and Logout Enter the following commands to log into and log out of the Perl Client Library...

Страница 100: ...Copyright 2010 Juniper Networks Inc 82 Network and Security Manager 2010 4 API Guide...

Страница 101: ...ress Objects on page 83 Using the Perl Client Library with Service Objects on page 87 Using the Perl Client Library with Device Objects on page 91 Using the Perl Client Library with Address Objects Yo...

Страница 102: ...ECT_NAME Network i IP 100 100 10 0 MASK 30 COLOR blue put_log WARN msg Error while adding Network objects unless result Add Multicast Enter result address addMulticastObjects OBJECT_NAME Multicast i I...

Страница 103: ...1 Log into the Perl client 2 Replace the object Enter for my i 1 i 10 i result address replaceHostObjects OBJECT_NAME Foo i DOMAIN spglab juniper net COLOR green put_log WARN msg Error while replacing...

Страница 104: ...ts unless result while my hash shift values put_log INFO msg Result hash OBJECT_ID hash OBJECT_NAME hash DOMAIN hash ZONE result values client getGroupObjects OBJECT_NAME New Group 1 New Group 2 put_l...

Страница 105: ...t 6 put_log WARN msg Error while deleting Multicast objects unless result 3 Log out Delete All Address Objects This section shows how to delete all address objects To delete all address objects 1 Log...

Страница 106: ...addServiceObjects OBJECT_NAME Service 1 APPLICATION FTP GROUP_MEMBERS members members NOT_ICMP PROTOCOL UDP PROTOCOL TCP SRC_TYPE specific DST_TYPE specific PROTOCOL IGMP SRC_TYPE specific string DST...

Страница 107: ...e addGroupObjects OBJECT_NAME Group 2 GROUP_MEMBERS members members BGP EGP result service addGroupObjects OBJECT_NAME Group 3 GROUP_MEMBERS members result service addGlobalObjects OBJECT_NAME Poly 1...

Страница 108: ...ile my key val each hashref put_log INFO msg key t val result values service getGroupObjects OBJECT_NAME Group 1 Group 2 Group 3 while my hash shift values put_log INFO msg Result hash OBJECT_ID hash...

Страница 109: ...shows how to use the Perl Client Library to delete all Group Global service objects To delete all service objects 1 Log into the Perl client 2 Delete the object Enter my result service deleteAllObject...

Страница 110: ...E init SOAP connect 3 Read the object Enter my result values device getDeviceObjects OBJECT_NAME sweepea droopy while my hash shift values print n n while my key val each hash put_log INFO msg KEY key...

Страница 111: ...es generated by Axis2 This sample code is also located in the directory NSROOT GuiVar lib webproxy client on the NSM server Using APIs for Authentication on page 95 Using APIs for Policy Management on...

Страница 112: ...Copyright 2010 Juniper Networks Inc 94 Network and Security Manager 2010 4 API Guide...

Страница 113: ...perties null webDir System getProperty WEBDIR if webDir null webDir System getProperty user dir File separator System err println WEBDIR is not defined using the default one webDir File argsCandidate...

Страница 114: ...serverUrl axis2 services SystemService LoginRequest loginRequest new LoginRequest loginRequest setUserName super loginRequest setDomainName global loginRequest setPassword netscreen LoginResponseType...

Страница 115: ...ides Data Centric Service API sample code that creates a new policy testPolicyInsert xml xml version 1 0 encoding UTF 8 nsmpolicy name_ test100 name_ accesstype regular accesstype rulebases firewall 1...

Страница 116: ...xml File rbFile new File webDir File separator pathOfInput Input testRuleBaseFirewallInsert xml System out println Running testInsertNsmPolicyObject creates an object of ModifyObjectViewRequest Modify...

Страница 117: ...ert the policy request addCommand insertRulebaseCmd request addCommand modifyCmd invokes the service ModifyObjectViewResponse response stub ModifyObjectViewRequest request print response assertTrue re...

Страница 118: ...quest addCommand modifyCmd invokes the service ModifyObjectViewResponse response DataCentricServiceTest stub ModifyObjectViewRequest request print response assertTrue response getStatus StatusCodeType...

Страница 119: ...n e e printStackTrace Get a List of Policies This Data Centric Service API code sample gets a list of all policies in one domain Gets all the policy objects in one domain p public void testGetAllPolic...

Страница 120: ...olicy to a Device This Data Centric Service API code sample assigns a policy Prerequisite there is a device with id 2 there is a policy with name test public void testAssignPolicy2Device try System ou...

Страница 121: ...e response getStatus StatusCodeType Success catch Exception e e printStackTrace Remove a Policy Assignment This Data Centric Service API code sample removes a policy assignment from a device Prerequis...

Страница 122: ...eleteNode nsmpolicy id updateObject setObjectModification new ObjectModificationType updateObject getObjectModification addModification nodeModificationType request addCommand modifyCmd invokes the se...

Страница 123: ...shows how to insert a shared object The following XML documentation is the input for the Data Centric Service API sample code testAddressInsert xml xml version 1 0 encoding UTF 8 address name_ AddrA n...

Страница 124: ...ssFile StAXOMBuilder builder new StAXOMBuilder parser OMElement ome builder getDocumentElement insertObject setObjecData new ObjectDataType insertObject getObjecData setData this createOpaqueDataType...

Страница 125: ...bjectId setObjectIdOrName objIdOrName ReplaceObjectViewType replaceObject new ReplaceObjectViewType reads the new address in XML format from the file testAddressReplace xml XMLInputFactory xmlInputFac...

Страница 126: ...bject request addCommand modifyCmd ModifyObjectViewResponse response DataCentricServiceTest stub ModifyObjectViewRequest request assertTrue response getStatus StatusCodeType Success catch Exception e...

Страница 127: ...ect p Prerequisite An address object has been added in NSM public void testGetAddressObject try System out println Running testGetAddressObject GetObjectViewByIdRequest request new GetObjectViewByIdRe...

Страница 128: ...Copyright 2010 Juniper Networks Inc 110 Network and Security Manager 2010 4 API Guide...

Страница 129: ...est jobStatusRequest new GetJobStatusRequest jobStatusRequest setAuthToken authToken jobStatusRequest setDomainId jobArgs getDomainId jobStatusRequest setJobName jobName JobStatusType jobStatus null w...

Страница 130: ...eviceRequest try File importDeviceInput new File webDir File separator pathOfInput Input testImportDevice txt BufferedReader reader new BufferedReader new InputStreamReader new FileInputStream importD...

Страница 131: ...est updateDeviceRequest JobResponseType jobResponse updateResponse getJobResponse StatusCodeType opStatus updateResponse getStatus String jobID jobResponse getJobName String status jobResponse getStat...

Страница 132: ...runningConfigInput new File webDir File separator pathOfInput Input testRunningConfig txt BufferedReader reader new BufferedReader new InputStreamReader new FileInputStream runningConfigInput GetRunn...

Страница 133: ...gRequest setAuthToken authToken GetDeltaConfigResponse deltaConfigResponse stub GetDeltaConfigRequest getDeltaConfigRequest JobResponseType jobResponse deltaConfigResponse getJobResponse StatusCodeTyp...

Страница 134: ...getStatus String jobID jobResponse getJobName String status jobResponse getStatus toString System out println JobName jobID opStatus opStatus status status assertTrue opStatus StatusCodeType Success C...

Страница 135: ...e Device List in One Domain This Data Centric Service API code sample retrieves a list of devices in one domain Gets the IP addresses and the interfaces of all devices in one domain public void testGe...

Страница 136: ...equest setObjectFilter filter invokes the service GetObjectViewByCategoryResponse response DataCentricServiceTest stub GetObjectViewByCategoryRequest request System out println Status response getStat...

Страница 137: ...TE In these WSDL files the expression nbi refers to the API This part contains the following chapters Job Service API WSDL on page 121 System Service API WSDL on page 129 Data Centric API WSDL on page...

Страница 138: ...Copyright 2010 Juniper Networks Inc 120 Network and Security Manager 2010 4 API Guide...

Страница 139: ...Namespace http juniper net webproxy JobService wsdl types xs schema version 1 0 elementFormDefault qualified targetNamespace http juniper net webproxy JobService xmlns http juniper net webproxy JobSer...

Страница 140: ...IMIT xs enumeration value UNKNOWN xs restriction xs simpleType xs complexType name JobResponseType xs sequence xs element name status type impl JobStatusType xs element name jobName type xs string xs...

Страница 141: ...iguration summarization to be sent to the managed device during the next device update xs documentation xs annotation xs complexType xs complexContent xs extension base core SimpleRequestType xs seque...

Страница 142: ...ignedInt xs element name jobName type xs string xs sequence xs extension xs complexContent xs complexType xs element xs element name CancelJobResponse xs complexType xs complexContent xs extension bas...

Страница 143: ...s complexType xs element xs element name GetJobStatusResponse xs complexType xs complexContent xs extension base core SimpleResponseType xs sequence xs element name jobStatus type impl JobResponseType...

Страница 144: ...t wsdl part name GetConfigSummaryRequest element impl GetConfigSummaryRequest wsdl message wsdl message name GetConfigSummaryResponse wsdl part name GetConfigSummaryResponse element impl GetConfigSumm...

Страница 145: ...l operation name GetDeltaConfigRequest wsdl input message impl GetDeltaConfigRequest wsdl output message impl GetDeltaConfigResponse wsdl operation wsdl operation name GetJobResultRequest wsdl input m...

Страница 146: ...ltaConfigRequest input soap body use literal input output soap body use literal output wsdl operation wsdl operation name GetJobResultRequest soap operation soapAction urn GetJobResultRequest input so...

Страница 147: ...lementFormDefault qualified targetNamespace http juniper net webproxy systemservice xmlns http juniper net webproxy systemservice xmlns core http juniper net core xmlns impl http juniper net webproxy...

Страница 148: ...oginStatus xs element name authToken type core AuthTokenType minOccurs 0 xs sequence xs extension xs complexContent xs complexType xs element name LoginResponse type impl LoginResponseType xs element...

Страница 149: ...eType xs sequence xs element name serviceDesc type impl ServiceDescType minOccurs 0 maxOccurs unbounded xs element name domainName type xs string maxOccurs unbounded xs element name domainId type xs u...

Страница 150: ...tType wsdl binding name SystemSoapBinding type impl SystemPortType soap binding style document transport http schemas xmlsoap org soap http wsdl operation name LoginRequest soap operation soapAction u...

Страница 151: ...em binding impl SystemSoapBinding soap address location http localhost 8080 axis2 services SystemService wsdl port wsdl service wsdl definitions 133 Copyright 2010 Juniper Networks Inc Chapter 15 Syst...

Страница 152: ...Copyright 2010 Juniper Networks Inc 134 Network and Security Manager 2010 4 API Guide...

Страница 153: ...ns1 http schemas xmlsoap org soap encoding name DataCentricService targetNamespace http juniper net webproxy datacentricservice wsdl types schema xmlns http www w3 org 2001 XMLSchema targetNamespace...

Страница 154: ...ce element name objectIdentifier type core ObjectIdentifierType maxOccurs unbounded element name objectModification type core ObjectModificationType sequence complexType complexType name ModifyViewCom...

Страница 155: ...id objectIdentifier the id of the object to be retrieved dbVersionId the version of the data respository objectFilter the filter to be applied on the result view the transformation of the object the d...

Страница 156: ...on complexContent complexType element element name ResolveObjectReferenceResponse complexType complexContent extension base core SimpleResponseType sequence element name object type core ObjectType ma...

Страница 157: ...rmation is applied on the object property the parameters of the transformation documentation annotation complexType complexContent extension base core SimpleRequestType sequence element name simpleQue...

Страница 158: ...element name modification type core ModificationResponseType minOccurs 0 maxOccurs unbounded sequence extension complexContent complexType element element name LockObjectViewRequest complexType comple...

Страница 159: ...Request element impl ModifyObjectViewRequest wsdl message wsdl message name ModifyObjectViewResponse wsdl part name ModifyObjectViewResponse element impl ModifyObjectViewResponse wsdl message wsdl mes...

Страница 160: ...n name ResolveObjectReferenceRequest wsdl input message ns ResolveObjectReferenceRequest wsdl output message ns ResolveObjectReferenceResponse wsdl operation wsdl operation name QueryObjectViewRequest...

Страница 161: ...eration wsdl operation name QueryObjectViewRequest soap operation soapAction urn QueryObjectViewRequest input soap body use literal input output soap body use literal output wsdl operation wsdl operat...

Страница 162: ...schemas of the data to be transformed are specified in the seperate documentation documentation wsdl port name DataCentric binding ns DataCentricSoapBinding soap address location csp nbiservice nsm s...

Страница 163: ...LSchema xmlns core http juniper net core targetNamespace http juniper net webproxy logservice name LogService wsdl types xs schema xmlns http www w3 org 2001 XMLSchema elementFormDefault qualified tar...

Страница 164: ...put message ns GetPacketDataRequest wsdl output message ns GetPacketDataResponse wsdl operation wsdl portType wsdl binding name LogSoapBinding type ns LogPortType soap binding style document transport...

Страница 165: ...PART 6 Index Index on page 149 147 Copyright 2010 Juniper Networks Inc...

Страница 166: ...Copyright 2010 Juniper Networks Inc 148 Network and Security Manager 2010 4 API Guide...

Страница 167: ...30 vlan 29 C CommonDataTypes xsd 4 customer support xvii contacting JTAC xvii D Data Centric API 97 GetObjectDependentRequest 9 GetObjectViewByCategoryRequest 9 GetObjectViewByIdRequest 10 LockObjectR...

Страница 168: ...n 41 enabled 41 ipaction 42 log 42 log actions 42 preferred id 41 rb link 41 ruleno 41 service 41 seslog 42 severity 42 src_addr_collection 41 src_addr_negate 41 src_zone_collection 41 target_collecti...

Страница 169: ...41 service object 28 rulebases backdoor 25 exempt 30 firewall 33 IDP 39 multicast 43 rules 25 SYN protector 45 S security policy rulebases 25 SOAP HTTPS 3 subtree filter attribute matching expressions...

Страница 170: ...X XML schema 3 subtree filter 8 See also subtree filter XSD 3 definition files 23 Copyright 2010 Juniper Networks Inc 152 Network and Security Manager 2010 4 API Guide...

Отзывы:

Нет отзывов

Похожие инструкции для NETWORK AND SECURITY MANAGER 2010.4 - API GUIDE REV 1

VeriFone GemStall User Manual preview
GemStall
Бренд: VeriFone Страницы: 25
MACROMEDIA CONTRIBUTE 3-CONTRIBUTE PUBLISHING SERVER Manual preview
CONTRIBUTE 3-CONTRIBUTE PUBLISHING SERVER
Бренд: MACROMEDIA Страницы: 30
Xerox LaserWriter 8.x driver User Manual preview
LaserWriter 8.x driver
Бренд: Xerox Страницы: 12
Amazon VBA Manual preview
VBA
Бренд: Amazon Страницы: 60
Altigen AltiContact Manager Version 5.0 Administration Manual preview
AltiContact Manager Version 5.0
Бренд: Altigen Страницы: 542
Microtek ScanWizard Pro Reference Manual preview
ScanWizard Pro
Бренд: Microtek Страницы: 177
NeatWorks NeatWorks For Mac Using Manual preview
NeatWorks For Mac
Бренд: NeatWorks Страницы: 33
Native Instruments Scarbee Clavinet & Piano User Manual preview
Scarbee Clavinet & Piano
Бренд: Native Instruments Страницы: 24
Adobe ILLUSTRATOR CS2 12.0.1 Manual preview
ILLUSTRATOR CS2 12.0.1
Бренд: Adobe Страницы: 6
Adobe 22011302 Manual preview
22011302
Бренд: Adobe Страницы: 8
Adobe 38043740 - ColdFusion Standard - Mac Manual preview
38043740 - ColdFusion Standard - Mac
Бренд: Adobe Страницы: 87
Adobe 38039927 - Fireworks CS3 - PC Using Instructions preview
38039927 - Fireworks CS3 - PC
Бренд: Adobe Страницы: 369
Adobe InDesign 2.0 Help Manual preview
InDesign 2.0
Бренд: Adobe Страницы: 478
Avaya P130 SMON User Manual preview
P130 SMON
Бренд: Avaya Страницы: 160
Navman SmartST 2009 User Manual preview
SmartST 2009
Бренд: Navman Страницы: 82
Symantec Norton Antispam Personal Firewall and Systemwork - Norton Antispam User Manual preview
Norton Antispam Personal Firewall and Systemwork - Norton Antispam
Бренд: Symantec Страницы: 33
Symantec NORTON 360 5.0 User Manual preview
NORTON 360 5.0
Бренд: Symantec Страницы: 40
Symantec NORTON GHOST User Manual preview
NORTON GHOST
Бренд: Symantec Страницы: 80

Бренды по названию

Популярные бренды

Загрузить еще бренды