lib/wsdl/Security.ProfileDoS.wsdl in f5-icontrol-0.1.6 vs lib/wsdl/Security.ProfileDoS.wsdl in f5-icontrol-0.2.0
- old
+ new
@@ -1,8 +1,8 @@
<?xml version="1.0" ?>
<!--
-Copyright (c) 1996-2013, F5 Networks, Inc., Seattle, Washington. All rights reserved.
+Copyright (c) 1996-2016, F5 Networks, Inc., Seattle, Washington. All rights reserved.
F5, F5 Networks, the F5 logo, BIG-IP, 3-DNS, iControl, GLOBAL-SITE, SEE-IT, EDGE-FX, FireGuard, Internet Control Architecture, IP Application Switch, iRules, PACKET VELOCITY, SYN Check, CONTROL YOUR WORLD, OneConnect, ZoneRunner, uRoam, FirePass, and TrafficShield are registered trademarks or trademarks of F5 Networks, Inc., in the U.S. and certain other countries.
All other trademarks mentioned in this document are the property of their respective owners. F5 Networks' trademarks may not be used in connection with any product or service except as permitted in writing by F5.
@@ -197,10 +197,115 @@
<xsd:enumeration value="NETWORK_ATTACK_VECTOR_UDP_FLOOD">
<xsd:annotation>
<xsd:documentation>NETWORK_ATTACK_VECTOR_UDP_FLOOD</xsd:documentation>
</xsd:annotation>
</xsd:enumeration>
+ <xsd:enumeration value="NETWORK_ATTACK_VECTOR_IP_OPT_FRAMES">
+ <xsd:annotation>
+ <xsd:documentation>NETWORK_ATTACK_VECTOR_IP_OPT_FRAMES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="NETWORK_ATTACK_VECTOR_IP_FRAG_FLOOD">
+ <xsd:annotation>
+ <xsd:documentation>NETWORK_ATTACK_VECTOR_IP_FRAG_FLOOD</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="NETWORK_ATTACK_VECTOR_TOO_MANY_EXT_HDRS">
+ <xsd:annotation>
+ <xsd:documentation>NETWORK_ATTACK_VECTOR_TOO_MANY_EXT_HDRS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="NETWORK_ATTACK_VECTOR_EXT_HDR_TOO_LARGE">
+ <xsd:annotation>
+ <xsd:documentation>NETWORK_ATTACK_VECTOR_EXT_HDR_TOO_LARGE</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="NETWORK_ATTACK_VECTOR_IP_LOW_TTL">
+ <xsd:annotation>
+ <xsd:documentation>NETWORK_ATTACK_VECTOR_IP_LOW_TTL</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="NETWORK_ATTACK_VECTOR_HOP_CNT_LOW">
+ <xsd:annotation>
+ <xsd:documentation>NETWORK_ATTACK_VECTOR_HOP_CNT_LOW</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="NETWORK_ATTACK_VECTOR_IPV6_EXT_HDR_FRAMES">
+ <xsd:annotation>
+ <xsd:documentation>NETWORK_ATTACK_VECTOR_IPV6_EXT_HDR_FRAMES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="NETWORK_ATTACK_VECTOR_IPV6_FRAG_FLOOD">
+ <xsd:annotation>
+ <xsd:documentation>NETWORK_ATTACK_VECTOR_IPV6_FRAG_FLOOD</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="NETWORK_ATTACK_VECTOR_UNK_TCP_OPT_TYPE">
+ <xsd:annotation>
+ <xsd:documentation>NETWORK_ATTACK_VECTOR_UNK_TCP_OPT_TYPE</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="NETWORK_ATTACK_VECTOR_OPT_PRESENT_WITH_ILLEGAL_LEN">
+ <xsd:annotation>
+ <xsd:documentation>NETWORK_ATTACK_VECTOR_OPT_PRESENT_WITH_ILLEGAL_LEN</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="NETWORK_ATTACK_VECTOR_TCP_OPT_OVERRUNS_TCP_HDR">
+ <xsd:annotation>
+ <xsd:documentation>NETWORK_ATTACK_VECTOR_TCP_OPT_OVERRUNS_TCP_HDR</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="NETWORK_ATTACK_VECTOR_TCP_SYNACK_FLOOD">
+ <xsd:annotation>
+ <xsd:documentation>NETWORK_ATTACK_VECTOR_TCP_SYNACK_FLOOD</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="NETWORK_ATTACK_VECTOR_ICMPV4_FLOOD">
+ <xsd:annotation>
+ <xsd:documentation>NETWORK_ATTACK_VECTOR_ICMPV4_FLOOD</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="NETWORK_ATTACK_VECTOR_ICMP_FRAG">
+ <xsd:annotation>
+ <xsd:documentation>NETWORK_ATTACK_VECTOR_ICMP_FRAG</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="NETWORK_ATTACK_VECTOR_ICMPV6_FLOOD">
+ <xsd:annotation>
+ <xsd:documentation>NETWORK_ATTACK_VECTOR_ICMPV6_FLOOD</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="NETWORK_ATTACK_VECTOR_HOST_UNREACHABLE">
+ <xsd:annotation>
+ <xsd:documentation>NETWORK_ATTACK_VECTOR_HOST_UNREACHABLE</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="NETWORK_ATTACK_VECTOR_TIDCMP">
+ <xsd:annotation>
+ <xsd:documentation>NETWORK_ATTACK_VECTOR_TIDCMP</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="NETWORK_ATTACK_VECTOR_SWEEP">
+ <xsd:annotation>
+ <xsd:documentation>NETWORK_ATTACK_VECTOR_SWEEP</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="NETWORK_ATTACK_VECTOR_TCP_BAD_URGENT">
+ <xsd:annotation>
+ <xsd:documentation>NETWORK_ATTACK_VECTOR_TCP_BAD_URGENT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="NETWORK_ATTACK_VECTOR_TCP_WINDOW_SIZE">
+ <xsd:annotation>
+ <xsd:documentation>NETWORK_ATTACK_VECTOR_TCP_WINDOW_SIZE</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="NETWORK_ATTACK_VECTOR_TCP_SYN_OVERSIZE">
+ <xsd:annotation>
+ <xsd:documentation>NETWORK_ATTACK_VECTOR_TCP_SYN_OVERSIZE</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
</xsd:restriction>
</xsd:simpleType>
<xsd:complexType name="Security.ProfileDoS.DNSQuerySequenceSequence">
<xsd:complexContent>
<xsd:restriction base='SOAP-ENC:Array'>
@@ -247,10 +352,17 @@
<xsd:restriction base='SOAP-ENC:Array'>
<xsd:attribute ref='SOAP-ENC:arrayType' wsdl:arrayType='xsd:long[]'/>
</xsd:restriction>
</xsd:complexContent>
</xsd:complexType>
+ <xsd:complexType name="Common.StringSequenceSequenceSequence">
+ <xsd:complexContent>
+ <xsd:restriction base='SOAP-ENC:Array'>
+ <xsd:attribute ref='SOAP-ENC:arrayType' wsdl:arrayType='tns:Common.StringSequenceSequence[]'/>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
<xsd:complexType name="Security.ProfileDoS.NetworkAttackVectorSequenceSequenceSequence">
<xsd:complexContent>
<xsd:restriction base='SOAP-ENC:Array'>
<xsd:attribute ref='SOAP-ENC:arrayType' wsdl:arrayType='tns:Security.ProfileDoS.NetworkAttackVectorSequenceSequence[]'/>
</xsd:restriction>
@@ -261,10 +373,17 @@
<xsd:restriction base='SOAP-ENC:Array'>
<xsd:attribute ref='SOAP-ENC:arrayType' wsdl:arrayType='tns:Security.ProfileDoS.DNSQueryVectorStatisticsSequence[]'/>
</xsd:restriction>
</xsd:complexContent>
</xsd:complexType>
+ <xsd:complexType name="Common.EnabledStateSequenceSequenceSequence">
+ <xsd:complexContent>
+ <xsd:restriction base='SOAP-ENC:Array'>
+ <xsd:attribute ref='SOAP-ENC:arrayType' wsdl:arrayType='tns:Common.EnabledStateSequenceSequence[]'/>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
<xsd:complexType name="Common.StatisticSequence">
<xsd:complexContent>
<xsd:restriction base='SOAP-ENC:Array'>
<xsd:attribute ref='SOAP-ENC:arrayType' wsdl:arrayType='tns:Common.Statistic[]'/>
</xsd:restriction>
@@ -4415,10 +4534,15 @@
<xsd:enumeration value="STATISTIC_DNS_CACHE_RESOLVER_SEC_SECURE">
<xsd:annotation>
<xsd:documentation>STATISTIC_DNS_CACHE_RESOLVER_SEC_SECURE</xsd:documentation>
</xsd:annotation>
</xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_CACHE_RESOLVER_RPZ_REWRITES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_CACHE_RESOLVER_RPZ_REWRITES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
<xsd:enumeration value="STATISTIC_DNS_REQUESTS_TO_CACHE">
<xsd:annotation>
<xsd:documentation>STATISTIC_DNS_REQUESTS_TO_CACHE</xsd:documentation>
</xsd:annotation>
</xsd:enumeration>
@@ -4785,10 +4909,15 @@
<xsd:enumeration value="STATISTIC_DNS_OP_UPDATE">
<xsd:annotation>
<xsd:documentation>STATISTIC_DNS_OP_UPDATE</xsd:documentation>
</xsd:annotation>
</xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_OP_OTHER">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_OP_OTHER</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
<xsd:enumeration value="STATISTIC_DNS_ZONE_IXFR">
<xsd:annotation>
<xsd:documentation>STATISTIC_DNS_ZONE_IXFR</xsd:documentation>
</xsd:annotation>
</xsd:enumeration>
@@ -5955,10 +6084,1840 @@
<xsd:enumeration value="STATISTIC_PEM_SESSIONDB_FLOWS_MAX">
<xsd:annotation>
<xsd:documentation>STATISTIC_PEM_SESSIONDB_FLOWS_MAX</xsd:documentation>
</xsd:annotation>
</xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_FTP_LOGIN_REQUESTS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_FTP_LOGIN_REQUESTS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_FTP_UPLOAD_REQUESTS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_FTP_UPLOAD_REQUESTS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_FTP_DOWNLOAD_REQUESTS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_FTP_DOWNLOAD_REQUESTS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PPTP_ACTIVE_CALLS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PPTP_ACTIVE_CALLS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PPTP_TOTAL_CALLS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PPTP_TOTAL_CALLS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PPTP_FAILED_CALLS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PPTP_FAILED_CALLS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PPTP_START_REQUESTS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PPTP_START_REQUESTS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PPTP_START_REPLIES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PPTP_START_REPLIES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PPTP_STOP_REQUESTS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PPTP_STOP_REQUESTS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PPTP_STOP_REPLIES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PPTP_STOP_REPLIES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PPTP_ECHO_REQUESTS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PPTP_ECHO_REQUESTS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PPTP_ECHO_REPLIES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PPTP_ECHO_REPLIES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PPTP_OUTGOING_CALL_REQUESTS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PPTP_OUTGOING_CALL_REQUESTS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PPTP_OUTGOING_CALL_REPLIES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PPTP_OUTGOING_CALL_REPLIES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PPTP_CALL_CLEAR_REQUESTS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PPTP_CALL_CLEAR_REQUESTS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PPTP_CALL_DISCONNECT_NOTIFIES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PPTP_CALL_DISCONNECT_NOTIFIES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PPTP_SET_LINK_INFO">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PPTP_SET_LINK_INFO</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PPTP_WAN_ERROR_NOTIFIES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PPTP_WAN_ERROR_NOTIFIES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_ACTION_PASSES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_ACTION_PASSES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_ACTION_HTTP_REDIRECTS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_ACTION_HTTP_REDIRECTS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_ACTION_SERVICE_CHAINS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_ACTION_SERVICE_CHAINS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_ACTION_STEERING_ON_RESPONSE">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_ACTION_STEERING_ON_RESPONSE</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_ACTION_QOS_UPLINK">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_ACTION_QOS_UPLINK</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_ACTION_QOS_DOWNLINK">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_ACTION_QOS_DOWNLINK</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_ACTION_HTTP_HEADER_MODIFICATIONS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_ACTION_HTTP_HEADER_MODIFICATIONS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_ACTION_FLOW_REPORTING">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_ACTION_FLOW_REPORTING</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_ACTION_SESSION_REPORTING">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_ACTION_SESSION_REPORTING</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_ACTION_POLICY_REEVALUATION_RATE">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_ACTION_POLICY_REEVALUATION_RATE</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_ACTION_POLICY_REEVALUATION_RATE_MAXIMUM">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_ACTION_POLICY_REEVALUATION_RATE_MAXIMUM</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GX_CONCURRENT_SESSIONS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GX_CONCURRENT_SESSIONS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GX_NON_PROVISIONED_SESSIONS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GX_NON_PROVISIONED_SESSIONS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GX_NON_PROVISIONED_SESSIONS_MAXIMUM">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GX_NON_PROVISIONED_SESSIONS_MAXIMUM</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GX_PROVISIONING_INITIATED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GX_PROVISIONING_INITIATED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GX_PROVISIONING_INITIATED_MAXIMUM">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GX_PROVISIONING_INITIATED_MAXIMUM</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GX_TERMINATIONS_INITIATED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GX_TERMINATIONS_INITIATED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GX_TERMINATIONS_INITIATED_MAXIMUM">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GX_TERMINATIONS_INITIATED_MAXIMUM</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GX_CCR_INITIALS_SENT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GX_CCR_INITIALS_SENT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GX_CCA_INITIALS_RECEIVED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GX_CCA_INITIALS_RECEIVED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GX_CCR_UPDATES_SENT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GX_CCR_UPDATES_SENT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GX_CCA_UPDATES_RECEIVED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GX_CCA_UPDATES_RECEIVED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GX_RAR_RECEIVED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GX_RAR_RECEIVED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GX_RAA_SENT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GX_RAA_SENT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GX_CCR_USAGE_MONITORING_SENT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GX_CCR_USAGE_MONITORING_SENT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GX_CCA_USAGE_MONITORING_RECEIVED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GX_CCA_USAGE_MONITORING_RECEIVED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GX_CCR_TERMINATIONS_SENT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GX_CCR_TERMINATIONS_SENT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GX_CCA_TERMINATIONS_RECEIVED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GX_CCA_TERMINATIONS_RECEIVED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GY_CONCURRENT_SESSIONS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GY_CONCURRENT_SESSIONS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GY_TOTAL_SESSIONS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GY_TOTAL_SESSIONS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GY_SESSIONS_CREATED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GY_SESSIONS_CREATED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GY_NON_PROVISIONED_SESSIONS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GY_NON_PROVISIONED_SESSIONS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GY_NON_PROVISIONED_SESSIONS_MAXIMUM">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GY_NON_PROVISIONED_SESSIONS_MAXIMUM</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GY_PROVISIONING_INITIATED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GY_PROVISIONING_INITIATED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GY_PROVISIONING_INITIATED_MAXIMUM">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GY_PROVISIONING_INITIATED_MAXIMUM</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GY_ERROR_MESSAGES_RECEIVED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GY_ERROR_MESSAGES_RECEIVED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GY_TERMINATIONS_INITIATED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GY_TERMINATIONS_INITIATED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GY_TERMINATIONS_INITIATED_MAXIMUM">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GY_TERMINATIONS_INITIATED_MAXIMUM</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GY_SESSIONS_TERMINATED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GY_SESSIONS_TERMINATED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GY_CCR_SENT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GY_CCR_SENT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GY_CCA_RECEIVED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GY_CCA_RECEIVED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GY_CCR_INITIALS_SENT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GY_CCR_INITIALS_SENT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GY_CCA_INITIALS_RECEIVED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GY_CCA_INITIALS_RECEIVED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GY_CCR_UPDATES_SENT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GY_CCR_UPDATES_SENT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GY_CCA_UPDATES_RECEIVED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GY_CCA_UPDATES_RECEIVED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GY_RAR_RECEIVED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GY_RAR_RECEIVED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GY_RAA_SENT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GY_RAA_SENT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GY_CCR_TERMINATIONS_SENT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GY_CCR_TERMINATIONS_SENT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_GY_CCA_TERMINATIONS_RECEIVED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_GY_CCA_TERMINATIONS_RECEIVED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_HSL_SESSION_RECORDS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_HSL_SESSION_RECORDS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_HSL_FLOW_START_RECORDS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_HSL_FLOW_START_RECORDS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_HSL_FLOW_INTERIM_RECORDS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_HSL_FLOW_INTERIM_RECORDS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_HSL_FLOW_STOP_RECORDS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_HSL_FLOW_STOP_RECORDS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_RADIUS_ACCOUNTING_START">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_RADIUS_ACCOUNTING_START</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_RADIUS_ACCOUNTING_STOP">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_RADIUS_ACCOUNTING_STOP</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_RADIUS_ACCOUNTING_INTERIM">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_RADIUS_ACCOUNTING_INTERIM</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_RADIUS_ACCOUNTING_RETRANSMISSIONS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_RADIUS_ACCOUNTING_RETRANSMISSIONS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_SUBSCRIBER_CONCURRENT_SUBSCRIBERS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_SUBSCRIBER_CONCURRENT_SUBSCRIBERS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_SUBSCRIBER_CONCURRENT_SUBSCRIBERS_MAXIMUM">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_SUBSCRIBER_CONCURRENT_SUBSCRIBERS_MAXIMUM</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_SUBSCRIBER_TOTAL_SUBSCRIBERS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_SUBSCRIBER_TOTAL_SUBSCRIBERS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_SUBSCRIBER_SUBSCRIBER_LIMIT_EXCEEDED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_SUBSCRIBER_SUBSCRIBER_LIMIT_EXCEEDED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_SUBSCRIBER_NO_RADIUS_INFO">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_SUBSCRIBER_NO_RADIUS_INFO</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_SUBSCRIBER_NO_RADIUS_INFO_MAXIMUM">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_SUBSCRIBER_NO_RADIUS_INFO_MAXIMUM</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_SUBSCRIBER_PROVISIONING_PENDING">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_SUBSCRIBER_PROVISIONING_PENDING</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_SUBSCRIBER_PROVISIONING_PENDING_MAXIMUM">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_SUBSCRIBER_PROVISIONING_PENDING_MAXIMUM</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_SUBSCRIBER_NOT_PROVISIONED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_SUBSCRIBER_NOT_PROVISIONED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_SUBSCRIBER_NOT_PROVISIONED_MAXIMUM">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_SUBSCRIBER_NOT_PROVISIONED_MAXIMUM</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_SUBSCRIBER_FAILED_PROVISIONING_ATTEMPTS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_SUBSCRIBER_FAILED_PROVISIONING_ATTEMPTS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_SUBSCRIBER_UNKNOWN">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_SUBSCRIBER_UNKNOWN</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_SUBSCRIBER_UNKNOWN_MAXIMUM">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_SUBSCRIBER_UNKNOWN_MAXIMUM</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_SUBSCRIBER_PROVISIONED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_SUBSCRIBER_PROVISIONED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_SUBSCRIBER_PROVISIONED_MAXIMUM">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_SUBSCRIBER_PROVISIONED_MAXIMUM</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_SUBSCRIBER_INACTIVE_SUBSCRIBERS_REMOVED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_SUBSCRIBER_INACTIVE_SUBSCRIBERS_REMOVED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_SUBSCRIBER_MARKED_FOR_DELETION">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_SUBSCRIBER_MARKED_FOR_DELETION</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_PEM_SUBSCRIBER_MARKED_FOR_DELETION_MAXIMUM">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_PEM_SUBSCRIBER_MARKED_FOR_DELETION_MAXIMUM</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SMTPS_CONNECTIONS_ACCEPTED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SMTPS_CONNECTIONS_ACCEPTED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SMTPS_CONNECTIONS_CURRENT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SMTPS_CONNECTIONS_CURRENT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SMTPS_CONNECTIONS_MAXIMUM">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SMTPS_CONNECTIONS_MAXIMUM</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SMTPS_BLOCKED_COMMANDS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SMTPS_BLOCKED_COMMANDS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_EXPRESS_QUERIES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_EXPRESS_QUERIES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_EXPRESS_RESPONSES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_EXPRESS_RESPONSES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_EXPRESS_XFR_MESSAGES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_EXPRESS_XFR_MESSAGES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_EXPRESS_NOTIFIES_RECEIVED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_EXPRESS_NOTIFIES_RECEIVED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_XFR_NOTIFIES_SENT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_XFR_NOTIFIES_SENT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_XFR_NOTIFIES_FAILURES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_XFR_NOTIFIES_FAILURES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_AXFR_QUERIES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_AXFR_QUERIES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_IXFR_QUERIES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_IXFR_QUERIES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_XFR_QUERIES_ACL_FAILURES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_XFR_QUERIES_ACL_FAILURES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_TSIG_MISSING">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_TSIG_MISSING</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_TSIG_NOT_REQUIRED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_TSIG_NOT_REQUIRED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_TSIG_VERIFIED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_TSIG_VERIFIED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_TSIG_BAD_KEY">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_TSIG_BAD_KEY</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_TSIG_BAD_SIG">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_TSIG_BAD_SIG</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_TSIG_BAD_TIME">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_TSIG_BAD_TIME</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNSSEC_ZONE_NSEC3_RR">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNSSEC_ZONE_NSEC3_RR</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNSSEC_ZONE_NSEC3_NODATA">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNSSEC_ZONE_NSEC3_NODATA</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNSSEC_ZONE_NSEC3_NXDOMAIN">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNSSEC_ZONE_NSEC3_NXDOMAIN</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNSSEC_ZONE_NSEC3_REFERRAL">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNSSEC_ZONE_NSEC3_REFERRAL</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNSSEC_ZONE_NSEC3_RESALT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNSSEC_ZONE_NSEC3_RESALT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNSSEC_ZONE_SIGNED_RESPONSES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNSSEC_ZONE_SIGNED_RESPONSES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNSSEC_ZONE_DNSKEY_QUERIES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNSSEC_ZONE_DNSKEY_QUERIES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNSSEC_ZONE_NSEC3PARAM_QUERIES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNSSEC_ZONE_NSEC3PARAM_QUERIES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNSSEC_ZONE_DS_QUERIES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNSSEC_ZONE_DS_QUERIES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNSSEC_ZONE_SIG_CRYPTO_FAILED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNSSEC_ZONE_SIG_CRYPTO_FAILED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNSSEC_ZONE_SIG_SUCCESS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNSSEC_ZONE_SIG_SUCCESS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNSSEC_ZONE_SIG_FAILED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNSSEC_ZONE_SIG_FAILED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNSSEC_ZONE_SIG_RRSET_FAILED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNSSEC_ZONE_SIG_RRSET_FAILED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNSSEC_ZONE_CONNECT_FLOW_FAILED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNSSEC_ZONE_CONNECT_FLOW_FAILED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNSSEC_ZONE_TO_WIRE_FAILED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNSSEC_ZONE_TO_WIRE_FAILED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNSSEC_ZONE_XFR_STARTED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNSSEC_ZONE_XFR_STARTED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNSSEC_ZONE_XFR_COMPLETED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNSSEC_ZONE_XFR_COMPLETED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNSSEC_ZONE_XFR_MSGS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNSSEC_ZONE_XFR_MSGS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNSSEC_ZONE_XFR_MASTER_MSGS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNSSEC_ZONE_XFR_MASTER_MSGS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNSSEC_ZONE_XFR_AXFR_QUERIES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNSSEC_ZONE_XFR_AXFR_QUERIES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNSSEC_ZONE_XFR_IXFR_QUERIES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNSSEC_ZONE_XFR_IXFR_QUERIES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNSSEC_ZONE_XFR_RESPONSE_AVERAGE_SIZE">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNSSEC_ZONE_XFR_RESPONSE_AVERAGE_SIZE</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNSSEC_ZONE_XFR_EXTERNAL_SERIAL">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNSSEC_ZONE_XFR_EXTERNAL_SERIAL</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNSSEC_ZONE_XFR_MASTER_SERIAL">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNSSEC_ZONE_XFR_MASTER_SERIAL</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_SERVER_XFR_QUERIES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_SERVER_XFR_QUERIES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_SERVER_XFR_RESPONSES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_SERVER_XFR_RESPONSES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_SERVER_XFR_NOTIFIES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_SERVER_XFR_NOTIFIES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_SERVER_XFR_NOTIFY_FAILURES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_SERVER_XFR_NOTIFY_FAILURES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_CACHE_RESOLVER_FORWARD_QUERIES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_CACHE_RESOLVER_FORWARD_QUERIES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_CACHE_RESOLVER_FORWARD_RESPONSES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_CACHE_RESOLVER_FORWARD_RESPONSES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_HTTP_PASSTHROUGH_IRULES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_HTTP_PASSTHROUGH_IRULES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_HTTP_PASSTHROUGH_CONNECTS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_HTTP_PASSTHROUGH_CONNECTS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_HTTP_PASSTHROUGH_WEB_SOCKETS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_HTTP_PASSTHROUGH_WEB_SOCKETS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_HTTP_PASSTHROUGH_OVERSIZE_CLIENT_HEADERS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_HTTP_PASSTHROUGH_OVERSIZE_CLIENT_HEADERS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_HTTP_PASSTHROUGH_EXCESS_CLIENT_HEADERS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_HTTP_PASSTHROUGH_EXCESS_CLIENT_HEADERS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_HTTP_PASSTHROUGH_OVERSIZE_SERVER_HEADERS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_HTTP_PASSTHROUGH_OVERSIZE_SERVER_HEADERS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_HTTP_PASSTHROUGH_EXCESS_SERVER_HEADERS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_HTTP_PASSTHROUGH_EXCESS_SERVER_HEADERS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_HTTP_PASSTHROUGH_UNKNOWN_METHODS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_HTTP_PASSTHROUGH_UNKNOWN_METHODS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_HTTP_PASSTHROUGH_PIPELINES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_HTTP_PASSTHROUGH_PIPELINES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_CIPHER_ECDH_RSA_KEY_EXCHANGE">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_CIPHER_ECDH_RSA_KEY_EXCHANGE</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_CIPHER_ECDHE_ECDSA_KEY_EXCHANGE">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_CIPHER_ECDHE_ECDSA_KEY_EXCHANGE</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_CIPHER_ECDH_ECDSA_KEY_EXCHANGE">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_CIPHER_ECDH_ECDSA_KEY_EXCHANGE</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_CIPHER_DHE_DSS_KEY_EXCHANGE">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_CIPHER_DHE_DSS_KEY_EXCHANGE</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_CIPHER_AES_GCM_BULK">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_CIPHER_AES_GCM_BULK</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_FIX_CURRENT_CONNECTIONS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_FIX_CURRENT_CONNECTIONS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_FIX_NUMBER_OF_MESSAGES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_FIX_NUMBER_OF_MESSAGES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_FIX_TOTAL_SIZE">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_FIX_TOTAL_SIZE</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_FIX_NUMBER_OF_MESSAGES_LAST_INTERVAL">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_FIX_NUMBER_OF_MESSAGES_LAST_INTERVAL</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_COMMON_FWDP_DESTINATION_IP_BYPASSES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_COMMON_FWDP_DESTINATION_IP_BYPASSES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_COMMON_FWDP_SOURCE_IP_BYPASSES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_COMMON_FWDP_SOURCE_IP_BYPASSES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_COMMON_FWDP_HOSTNAME_BYPASSES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_COMMON_FWDP_HOSTNAME_BYPASSES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_LSN_POOL_TOTAL_END_POINTS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_LSN_POOL_TOTAL_END_POINTS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_REQUESTS_GTM_REWRITES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_REQUESTS_GTM_REWRITES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_CLIENTLDAP_CONNECTIONS_ACCEPTED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_CLIENTLDAP_CONNECTIONS_ACCEPTED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_CLIENTLDAP_CONNECTIONS_CURRENT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_CLIENTLDAP_CONNECTIONS_CURRENT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_CLIENTLDAP_CONNECTIONS_MAXIMUM">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_CLIENTLDAP_CONNECTIONS_MAXIMUM</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_CLIENTLDAP_BLOCKED_COMMANDS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_CLIENTLDAP_BLOCKED_COMMANDS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SERVERLDAP_CONNECTIONS_CONNECTED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SERVERLDAP_CONNECTIONS_CONNECTED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SERVERLDAP_CONNECTIONS_CURRENT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SERVERLDAP_CONNECTIONS_CURRENT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SERVERLDAP_CONNECTIONS_MAXIMUM">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SERVERLDAP_CONNECTIONS_MAXIMUM</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SERVERLDAP_CONNECTIONS_FAILED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SERVERLDAP_CONNECTIONS_FAILED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_COMMON_RENEGOTIATIONS_REJECTED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_COMMON_RENEGOTIATIONS_REJECTED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_FASTL4_LATE_BINDING_SUCCESSFUL_CONNECTIONS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_FASTL4_LATE_BINDING_SUCCESSFUL_CONNECTIONS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_FASTL4_LATE_BINDING_TIMED_OUT_CONNECTIONS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_FASTL4_LATE_BINDING_TIMED_OUT_CONNECTIONS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_COMMON_OCSP_STAPLING_CONNECTIONS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_COMMON_OCSP_STAPLING_CONNECTIONS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_COMMON_OCSP_STAPLING_RESPONSE_STATUS_ERRORS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_COMMON_OCSP_STAPLING_RESPONSE_STATUS_ERRORS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_COMMON_OCSP_STAPLING_RESPONSE_VALIDATION_ERRORS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_COMMON_OCSP_STAPLING_RESPONSE_VALIDATION_ERRORS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_COMMON_OCSP_STAPLING_CERTIFICATE_STATUS_ERRORS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_COMMON_OCSP_STAPLING_CERTIFICATE_STATUS_ERRORS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_COMMON_OCSP_STAPLING_OCSP_CONNECTION_HTTP_ERRORS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_COMMON_OCSP_STAPLING_OCSP_CONNECTION_HTTP_ERRORS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_COMMON_OCSP_STAPLING_OCSP_CONNECTION_TIMEOUTS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_COMMON_OCSP_STAPLING_OCSP_CONNECTION_TIMEOUTS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_COMMON_OCSP_STAPLING_OCSP_CONNECTION_FAILURES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_COMMON_OCSP_STAPLING_OCSP_CONNECTION_FAILURES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_LSN_POOL_PBA_ACTIVE_PORT_BLOCKS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_LSN_POOL_PBA_ACTIVE_PORT_BLOCKS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_LSN_POOL_PBA_ACTIVE_CLIENTS_REACHED_LIMIT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_LSN_POOL_PBA_ACTIVE_CLIENTS_REACHED_LIMIT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_LSN_POOL_PBA_ACTIVE_ZOMBIE_PORT_BLOCKS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_LSN_POOL_PBA_ACTIVE_ZOMBIE_PORT_BLOCKS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_LSN_POOL_PBA_TOTAL_CLIENTS_REACHED_LIMIT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_LSN_POOL_PBA_TOTAL_CLIENTS_REACHED_LIMIT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_LSN_POOL_PBA_TOTAL_PORT_BLOCK_ALLOCATIONS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_LSN_POOL_PBA_TOTAL_PORT_BLOCK_ALLOCATIONS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_LSN_POOL_PBA_TOTAL_PORT_BLOCK_ALLOCATION_FAILURES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_LSN_POOL_PBA_TOTAL_PORT_BLOCK_ALLOCATION_FAILURES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_LSN_POOL_PBA_TOTAL_PORT_BLOCK_DEALLOCATIONS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_LSN_POOL_PBA_TOTAL_PORT_BLOCK_DEALLOCATIONS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_LSN_POOL_PBA_TOTAL_ZOMBIE_PORT_BLOCKS_CREATED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_LSN_POOL_PBA_TOTAL_ZOMBIE_PORT_BLOCKS_CREATED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_LSN_POOL_PBA_TOTAL_ZOMBIE_PORT_BLOCKS_DELETED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_LSN_POOL_PBA_TOTAL_ZOMBIE_PORT_BLOCKS_DELETED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_LSN_POOL_PBA_TOTAL_ZOMBIE_PORT_BLOCK_CONNECTIONS_KILLED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_LSN_POOL_PBA_TOTAL_ZOMBIE_PORT_BLOCK_CONNECTIONS_KILLED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_RAPID_RESPONSE_QUERIES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_RAPID_RESPONSE_QUERIES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_RAPID_RESPONSE_RESPONSES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_RAPID_RESPONSE_RESPONSES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_RAPID_RESPONSE_ALLOWED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_RAPID_RESPONSE_ALLOWED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_RAPID_RESPONSE_DROPS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_RAPID_RESPONSE_DROPS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_RAPID_RESPONSE_TRUNCATED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_RAPID_RESPONSE_TRUNCATED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_RAPID_RESPONSE_NXDOMAIN">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_RAPID_RESPONSE_NXDOMAIN</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_RAPID_RESPONSE_NOERROR">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_RAPID_RESPONSE_NOERROR</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_RAPID_RESPONSE_REFUSED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_RAPID_RESPONSE_REFUSED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPROUTER_IN">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPROUTER_IN</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPROUTER_IN_RESUBMITTED_FOR_RETRY">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPROUTER_IN_RESUBMITTED_FOR_RETRY</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPROUTER_OUT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPROUTER_OUT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPROUTER_FAILED_AND_NOT_DELIVERABLE_TO_ORIGINATOR">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPROUTER_FAILED_AND_NOT_DELIVERABLE_TO_ORIGINATOR</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPROUTER_ROUTED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPROUTER_ROUTED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPROUTER_UNROUTABLE">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPROUTER_UNROUTABLE</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPROUTER_DROPPED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPROUTER_DROPPED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPROUTER_FAILED_DUE_TO_A_FULL_QUEUE">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPROUTER_FAILED_DUE_TO_A_FULL_QUEUE</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPROUTER_FAILED_DUE_TO_CONNECTION_DROPPED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPROUTER_FAILED_DUE_TO_CONNECTION_DROPPED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPROUTER_FAILED_DUE_TO_CONNECTION_CLOSED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPROUTER_FAILED_DUE_TO_CONNECTION_CLOSED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPROUTER_FAILED_DUE_TO_AN_INTERNAL_ERROR">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPROUTER_FAILED_DUE_TO_AN_INTERNAL_ERROR</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPROUTER_FAILED_DUE_TO_PERSIST_KEY_IN_USE">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPROUTER_FAILED_DUE_TO_PERSIST_KEY_IN_USE</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_REQUESTS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_REQUESTS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_RESPONSES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_RESPONSES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_BADMSGS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_BADMSGS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_DROPS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_DROPS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_INVITE">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_INVITE</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_ACK">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_ACK</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_OPTIONS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_OPTIONS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_BYE">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_BYE</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_CANCEL">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_CANCEL</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_REGISTER_REQ">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_REGISTER_REQ</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_PUBLISH">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_PUBLISH</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_NOTIFY">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_NOTIFY</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_SUBSCRIBE">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_SUBSCRIBE</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_MESSAGE">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_MESSAGE</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_PRACK">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_PRACK</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_OTHER">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_OTHER</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_PROVISIONAL">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_PROVISIONAL</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_SUCCESSFUL">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_SUCCESSFUL</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_REDIRECTION">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_REDIRECTION</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_CLIENT_FAILURES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_CLIENT_FAILURES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_SERVER_FAILURES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_SERVER_FAILURES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_GLOBAL_FAILURES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_GLOBAL_FAILURES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_MESSAGE_LIMIT_EXCEEDED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_MESSAGE_LIMIT_EXCEEDED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_LOOP_DETECTION">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_LOOP_DETECTION</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_MAX_FORWARDS_CHECK">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_MAX_FORWARDS_CHECK</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_BAD_REQUEST">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_BAD_REQUEST</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_NOT_FOUND">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_NOT_FOUND</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_REQUEST_TIMEOUT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_REQUEST_TIMEOUT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_TRANSACTION_DOES_NOT_EXIST">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_TRANSACTION_DOES_NOT_EXIST</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_LOOP_DETECTED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_LOOP_DETECTED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_TOO_MANY_HOPS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_TOO_MANY_HOPS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_SERVER_INTERNAL_ERROR">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_SERVER_INTERNAL_ERROR</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_NOT_ACCEPTABLE">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_NOT_ACCEPTABLE</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_TEMPORARILY_UNAVAILABLE">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_TEMPORARILY_UNAVAILABLE</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_SERVICE_UNAVAILABLE">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_SERVICE_UNAVAILABLE</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_VERSION_NOT_SUPPORTED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_VERSION_NOT_SUPPORTED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_UNKNOWN_PARSE_ERROR">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_UNKNOWN_PARSE_ERROR</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_CONTENT_LENGTH_MISMATCH">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_CONTENT_LENGTH_MISMATCH</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_EXTRANEOUS_HEADER_FIELD">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_EXTRANEOUS_HEADER_FIELD</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_INVALID_CONTENT_LENGTH">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_INVALID_CONTENT_LENGTH</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_REQ_FIELD_OVERLARGE_VALUES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_REQ_FIELD_OVERLARGE_VALUES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_RESP_FIELD_OVERLARGE_VALUES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_RESP_FIELD_OVERLARGE_VALUES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_UNTERMINATED_QUOTED_STRING">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_UNTERMINATED_QUOTED_STRING</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_MALFORMED_REQUEST_URI">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_MALFORMED_REQUEST_URI</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_UNKNOWN_PROTOCOL_VERSION">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_UNKNOWN_PROTOCOL_VERSION</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_CSEQ_METHOD_MISMATCH">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_CSEQ_METHOD_MISMATCH</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_CRYPTO_CLIENT_BYTES_IN">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_CRYPTO_CLIENT_BYTES_IN</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_CRYPTO_CLIENT_BYTES_OUT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_CRYPTO_CLIENT_BYTES_OUT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_CRYPTO_CLIENT_PACKETS_IN">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_CRYPTO_CLIENT_PACKETS_IN</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_CRYPTO_CLIENT_PACKETS_OUT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_CRYPTO_CLIENT_PACKETS_OUT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_CRYPTO_SERVER_BYTES_IN">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_CRYPTO_SERVER_BYTES_IN</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_CRYPTO_SERVER_BYTES_OUT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_CRYPTO_SERVER_BYTES_OUT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_CRYPTO_SERVER_PACKETS_IN">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_CRYPTO_SERVER_PACKETS_IN</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_CRYPTO_SERVER_PACKETS_OUT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_CRYPTO_SERVER_PACKETS_OUT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_EVICTION_POLICY_EVICTED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_EVICTION_POLICY_EVICTED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_CONNECTION_FLOW_MISS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_CONNECTION_FLOW_MISS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SYNCOOKIE_STATS_SYNCOOKIES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SYNCOOKIE_STATS_SYNCOOKIES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SYNCOOKIE_STATS_ACCEPTS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SYNCOOKIE_STATS_ACCEPTS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SYNCOOKIE_STATS_REJECTS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SYNCOOKIE_STATS_REJECTS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SYNCOOKIE_STATS_HW_SYNCOOKIES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SYNCOOKIE_STATS_HW_SYNCOOKIES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SYNCOOKIE_STATS_HW_ACCEPTS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SYNCOOKIE_STATS_HW_ACCEPTS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SYNCOOKIE_STATS_WL_HITS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SYNCOOKIE_STATS_WL_HITS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SYNCOOKIE_STATS_WL_ACCEPTS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SYNCOOKIE_STATS_WL_ACCEPTS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SYNCOOKIE_STATS_WL_REJECTS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SYNCOOKIE_STATS_WL_REJECTS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_FW_RULE_LAST_HIT_TIME">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_FW_RULE_LAST_HIT_TIME</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SCTP_ASSOCIATIONS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SCTP_ASSOCIATIONS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SCTP_CLOSING">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SCTP_CLOSING</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SCTP_CONFIRMED_ADDRESSES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SCTP_CONFIRMED_ADDRESSES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SCTP_UNCONFIRMED_ADDRESSES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SCTP_UNCONFIRMED_ADDRESSES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SCTP_ACTIVE_PATHS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SCTP_ACTIVE_PATHS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SCTP_INACTIVE_PATHS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SCTP_INACTIVE_PATHS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_CLIENTLDAP_CONNECTIONS_TLS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_CLIENTLDAP_CONNECTIONS_TLS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SERVERLDAP_CONNECTIONS_TLS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SERVERLDAP_CONNECTIONS_TLS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_COMMON_AGGREGATE_RENEGOTIATIONS_REJECTED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_COMMON_AGGREGATE_RENEGOTIATIONS_REJECTED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_FTP_FTPS_SESSIONS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_FTP_FTPS_SESSIONS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_TFTP_READ_REQUESTS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_TFTP_READ_REQUESTS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_TFTP_WRITE_REQUESTS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_TFTP_WRITE_REQUESTS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_FTP_PASSTHRU_TRANSITIONS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_FTP_PASSTHRU_TRANSITIONS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_TFTP_DISCARDED_REQUESTS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_TFTP_DISCARDED_REQUESTS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_HW_INSPECTED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_HW_INSPECTED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_HW_MALFORMED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_HW_MALFORMED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_HW_CACHE_LOOKUPS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_HW_CACHE_LOOKUPS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_HW_CACHE_RESPONSES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_HW_CACHE_RESPONSES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_VCMP_RED_PACKETS_IN">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_VCMP_RED_PACKETS_IN</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_COMMON_SESSION_MIRRORING_SUCCESS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_COMMON_SESSION_MIRRORING_SUCCESS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_COMMON_SESSION_MIRRORING_FAILURE">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_COMMON_SESSION_MIRRORING_FAILURE</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_COMMON_CONNECTION_MIRRORING_HA_PEER_READY">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_COMMON_CONNECTION_MIRRORING_HA_PEER_READY</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_COMMON_CONNECTION_MIRRORING_HA_CTX_SENT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_COMMON_CONNECTION_MIRRORING_HA_CTX_SENT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_COMMON_CONNECTION_MIRRORING_HA_CTX_RECV">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_COMMON_CONNECTION_MIRRORING_HA_CTX_RECV</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_COMMON_CONNECTION_MIRRORING_HA_HS_SUCCESS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_COMMON_CONNECTION_MIRRORING_HA_HS_SUCCESS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_COMMON_CONNECTION_MIRRORING_HA_FAILURE">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_COMMON_CONNECTION_MIRRORING_HA_FAILURE</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_COMMON_CONNECTION_MIRRORING_HA_TIMEOUT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_COMMON_CONNECTION_MIRRORING_HA_TIMEOUT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_COMMON_DTLS_TX_PUSHBACKS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_COMMON_DTLS_TX_PUSHBACKS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_CIPHER_CAMELLIA_BULK">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_CIPHER_CAMELLIA_BULK</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_DNS_NAPTR_REQS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_DNS_NAPTR_REQS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_IP_MULTICAST_TRANSMITTED_PACKETS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_IP_MULTICAST_TRANSMITTED_PACKETS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_IP_MULTICAST_RECEIVED_PACKETS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_IP_MULTICAST_RECEIVED_PACKETS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_IP_MULTICAST_DROPPED_RPF">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_IP_MULTICAST_DROPPED_RPF</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_IP_MULTICAST_DROPPED_WRONG_INTERFACE">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_IP_MULTICAST_DROPPED_WRONG_INTERFACE</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_IP_MULTICAST_DROPPED_NO_ROUTE">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_IP_MULTICAST_DROPPED_NO_ROUTE</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_IP_MULTICAST_DROPPED_ROUTE_LOOKUP_TIMEOUT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_IP_MULTICAST_DROPPED_ROUTE_LOOKUP_TIMEOUT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_IP_MULTICAST_DROPPED_MAX_PENDING_PACKETS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_IP_MULTICAST_DROPPED_MAX_PENDING_PACKETS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_IP_MULTICAST_DROPPED_MAX_PENDING_ROUTES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_IP_MULTICAST_DROPPED_MAX_PENDING_ROUTES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_IPV6_MULTICAST_TRANSMITTED_PACKETS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_IPV6_MULTICAST_TRANSMITTED_PACKETS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_IPV6_MULTICAST_RECEIVED_PACKETS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_IPV6_MULTICAST_RECEIVED_PACKETS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_IPV6_MULTICAST_DROPPED_RPF">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_IPV6_MULTICAST_DROPPED_RPF</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_IPV6_MULTICAST_DROPPED_WRONG_INTERFACE">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_IPV6_MULTICAST_DROPPED_WRONG_INTERFACE</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_IPV6_MULTICAST_DROPPED_NO_ROUTE">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_IPV6_MULTICAST_DROPPED_NO_ROUTE</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_IPV6_MULTICAST_DROPPED_ROUTE_LOOKUP_TIMEOUT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_IPV6_MULTICAST_DROPPED_ROUTE_LOOKUP_TIMEOUT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_IPV6_MULTICAST_DROPPED_MAX_PENDING_PACKETS">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_IPV6_MULTICAST_DROPPED_MAX_PENDING_PACKETS</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_IPV6_MULTICAST_DROPPED_MAX_PENDING_ROUTES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_IPV6_MULTICAST_DROPPED_MAX_PENDING_ROUTES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_COMMON_ACTIVE_HANDSHAKES_REJECTED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_COMMON_ACTIVE_HANDSHAKES_REJECTED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_COMMON_CURRENT_ACTIVE_HANDSHAKES">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_COMMON_CURRENT_ACTIVE_HANDSHAKES</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_DYNAMIC_RECORD_1K">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_DYNAMIC_RECORD_1K</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_DYNAMIC_RECORD_2K">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_DYNAMIC_RECORD_2K</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_DYNAMIC_RECORD_3K">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_DYNAMIC_RECORD_3K</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_DYNAMIC_RECORD_4K">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_DYNAMIC_RECORD_4K</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_DYNAMIC_RECORD_5K">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_DYNAMIC_RECORD_5K</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_DYNAMIC_RECORD_6K">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_DYNAMIC_RECORD_6K</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_DYNAMIC_RECORD_7K">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_DYNAMIC_RECORD_7K</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_DYNAMIC_RECORD_8K">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_DYNAMIC_RECORD_8K</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_DYNAMIC_RECORD_9K">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_DYNAMIC_RECORD_9K</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_DYNAMIC_RECORD_10K">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_DYNAMIC_RECORD_10K</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_DYNAMIC_RECORD_11K">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_DYNAMIC_RECORD_11K</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_DYNAMIC_RECORD_12K">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_DYNAMIC_RECORD_12K</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_DYNAMIC_RECORD_13K">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_DYNAMIC_RECORD_13K</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_DYNAMIC_RECORD_14K">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_DYNAMIC_RECORD_14K</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_DYNAMIC_RECORD_15K">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_DYNAMIC_RECORD_15K</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SSL_DYNAMIC_RECORD_16K">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SSL_DYNAMIC_RECORD_16K</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPROUTER_STANDBY_DROPPED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPROUTER_STANDBY_DROPPED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_REQUEST_ENTITY_TOO_LARGE">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_REQUEST_ENTITY_TOO_LARGE</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_REQUEST_ENTITY_TOO_LARGE_413_SENT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_REQUEST_ENTITY_TOO_LARGE_413_SENT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_UNSUPPORTED_URI_SCHEME">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_UNSUPPORTED_URI_SCHEME</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_UNSUPPORTED_URI_SCHEME_416_SENT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_UNSUPPORTED_URI_SCHEME_416_SENT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_TEMPORARILY_UNAVAILABLE_480_SENT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_TEMPORARILY_UNAVAILABLE_480_SENT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_LOOP_DETECTED_482_SENT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_LOOP_DETECTED_482_SENT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_TOO_MANY_HOPS_483_SENT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_TOO_MANY_HOPS_483_SENT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_ADDRESS_INCOMPLETE">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_ADDRESS_INCOMPLETE</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_ADDRESS_INCOMPLETE_484_SENT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_ADDRESS_INCOMPLETE_484_SENT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_NOT_ACCEPTABLE_HERE">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_NOT_ACCEPTABLE_HERE</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_NOT_ACCEPTABLE_HERE_488_SENT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_NOT_ACCEPTABLE_HERE_488_SENT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_SERVER_INTERNAL_ERROR_500_SENT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_SERVER_INTERNAL_ERROR_500_SENT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_NOT_IMPLEMENTED">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_NOT_IMPLEMENTED</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_NOT_IMPLEMENTED_501_SENT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_NOT_IMPLEMENTED_501_SENT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_SERVICE_UNAVAILABLE_503_SENT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_SERVICE_UNAVAILABLE_503_SENT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_VERSION_NOT_SUPPORTED_505_SENT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_VERSION_NOT_SUPPORTED_505_SENT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_BADMSGS_REQ">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_BADMSGS_REQ</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_DROPS_REQ">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_DROPS_REQ</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_INFO">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_INFO</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_REFER">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_REFER</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_UPDATE_REQ">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_UPDATE_REQ</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_BAD_REQUEST_400_SENT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_BAD_REQUEST_400_SENT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
+ <xsd:enumeration value="STATISTIC_SIPSESSION_NOT_FOUND_404_SENT">
+ <xsd:annotation>
+ <xsd:documentation>STATISTIC_SIPSESSION_NOT_FOUND_404_SENT</xsd:documentation>
+ </xsd:annotation>
+ </xsd:enumeration>
</xsd:restriction>
</xsd:simpleType>
<xsd:complexType name="Security.ProfileDoS.SIPAttackVectorStatisticEntry">
<xsd:sequence>
<xsd:element name="vector_name" type="tns:Security.ProfileDoS.SIPAttackVector"/>
@@ -6394,10 +8353,28 @@
</message>
<message name="Security.ProfileDoS.get_url_based_client_side_integrity_defense_stateResponse">
<part name="return" type="tns:Common.EnabledStateSequenceSequence"/>
</message>
+<message name="Security.ProfileDoS.set_site_wide_client_side_integrity_defense_stateRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+ <part name="anomaly" type="tns:Security.ProfileDoS.Anomaly"/>
+ <part name="states" type="tns:Common.EnabledStateSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.set_site_wide_client_side_integrity_defense_stateResponse">
+</message>
+
+<message name="Security.ProfileDoS.get_site_wide_client_side_integrity_defense_stateRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+ <part name="anomaly" type="tns:Security.ProfileDoS.Anomaly"/>
+</message>
+<message name="Security.ProfileDoS.get_site_wide_client_side_integrity_defense_stateResponse">
+ <part name="return" type="tns:Common.EnabledStateSequenceSequence"/>
+</message>
+
<message name="Security.ProfileDoS.set_source_ip_based_rate_limiting_stateRequest">
<part name="profile_names" type="tns:Common.StringSequence"/>
<part name="applications" type="tns:Common.StringSequenceSequence"/>
<part name="anomaly" type="tns:Security.ProfileDoS.Anomaly"/>
<part name="states" type="tns:Common.EnabledStateSequenceSequence"/>
@@ -6430,10 +8407,28 @@
</message>
<message name="Security.ProfileDoS.get_url_based_rate_limiting_stateResponse">
<part name="return" type="tns:Common.EnabledStateSequenceSequence"/>
</message>
+<message name="Security.ProfileDoS.set_site_wide_rate_limiting_stateRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+ <part name="anomaly" type="tns:Security.ProfileDoS.Anomaly"/>
+ <part name="states" type="tns:Common.EnabledStateSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.set_site_wide_rate_limiting_stateResponse">
+</message>
+
+<message name="Security.ProfileDoS.get_site_wide_rate_limiting_stateRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+ <part name="anomaly" type="tns:Security.ProfileDoS.Anomaly"/>
+</message>
+<message name="Security.ProfileDoS.get_site_wide_rate_limiting_stateResponse">
+ <part name="return" type="tns:Common.EnabledStateSequenceSequence"/>
+</message>
+
<message name="Security.ProfileDoS.set_ip_tps_increase_rateRequest">
<part name="profile_names" type="tns:Common.StringSequence"/>
<part name="applications" type="tns:Common.StringSequenceSequence"/>
<part name="anomaly" type="tns:Security.ProfileDoS.Anomaly"/>
<part name="values" type="tns:Common.ULongSequenceSequence"/>
@@ -6538,10 +8533,100 @@
</message>
<message name="Security.ProfileDoS.get_url_minimum_tpsResponse">
<part name="return" type="tns:Common.ULongSequenceSequence"/>
</message>
+<message name="Security.ProfileDoS.set_site_wide_tps_increase_rateRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+ <part name="anomaly" type="tns:Security.ProfileDoS.Anomaly"/>
+ <part name="values" type="tns:Common.ULongSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.set_site_wide_tps_increase_rateResponse">
+</message>
+
+<message name="Security.ProfileDoS.get_site_wide_tps_increase_rateRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+ <part name="anomaly" type="tns:Security.ProfileDoS.Anomaly"/>
+</message>
+<message name="Security.ProfileDoS.get_site_wide_tps_increase_rateResponse">
+ <part name="return" type="tns:Common.ULongSequenceSequence"/>
+</message>
+
+<message name="Security.ProfileDoS.set_site_wide_maximum_tpsRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+ <part name="anomaly" type="tns:Security.ProfileDoS.Anomaly"/>
+ <part name="values" type="tns:Common.ULongSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.set_site_wide_maximum_tpsResponse">
+</message>
+
+<message name="Security.ProfileDoS.get_site_wide_maximum_tpsRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+ <part name="anomaly" type="tns:Security.ProfileDoS.Anomaly"/>
+</message>
+<message name="Security.ProfileDoS.get_site_wide_maximum_tpsResponse">
+ <part name="return" type="tns:Common.ULongSequenceSequence"/>
+</message>
+
+<message name="Security.ProfileDoS.set_site_wide_minimum_tpsRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+ <part name="anomaly" type="tns:Security.ProfileDoS.Anomaly"/>
+ <part name="values" type="tns:Common.ULongSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.set_site_wide_minimum_tpsResponse">
+</message>
+
+<message name="Security.ProfileDoS.get_site_wide_minimum_tpsRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+ <part name="anomaly" type="tns:Security.ProfileDoS.Anomaly"/>
+</message>
+<message name="Security.ProfileDoS.get_site_wide_minimum_tpsResponse">
+ <part name="return" type="tns:Common.ULongSequenceSequence"/>
+</message>
+
+<message name="Security.ProfileDoS.set_escalation_periodRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+ <part name="anomaly" type="tns:Security.ProfileDoS.Anomaly"/>
+ <part name="values" type="tns:Common.ULongSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.set_escalation_periodResponse">
+</message>
+
+<message name="Security.ProfileDoS.get_escalation_periodRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+ <part name="anomaly" type="tns:Security.ProfileDoS.Anomaly"/>
+</message>
+<message name="Security.ProfileDoS.get_escalation_periodResponse">
+ <part name="return" type="tns:Common.ULongSequenceSequence"/>
+</message>
+
+<message name="Security.ProfileDoS.set_deescalation_periodRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+ <part name="anomaly" type="tns:Security.ProfileDoS.Anomaly"/>
+ <part name="values" type="tns:Common.ULongSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.set_deescalation_periodResponse">
+</message>
+
+<message name="Security.ProfileDoS.get_deescalation_periodRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+ <part name="anomaly" type="tns:Security.ProfileDoS.Anomaly"/>
+</message>
+<message name="Security.ProfileDoS.get_deescalation_periodResponse">
+ <part name="return" type="tns:Common.ULongSequenceSequence"/>
+</message>
+
<message name="Security.ProfileDoS.set_maximum_prevention_durationRequest">
<part name="profile_names" type="tns:Common.StringSequence"/>
<part name="applications" type="tns:Common.StringSequenceSequence"/>
<part name="anomaly" type="tns:Security.ProfileDoS.Anomaly"/>
<part name="values" type="tns:Common.ULongSequenceSequence"/>
@@ -6604,10 +8689,186 @@
</message>
<message name="Security.ProfileDoS.get_minimum_latencyResponse">
<part name="return" type="tns:Common.ULongSequenceSequence"/>
</message>
+<message name="Security.ProfileDoS.set_heavy_url_protection_stateRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+ <part name="states" type="tns:Common.EnabledStateSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.set_heavy_url_protection_stateResponse">
+</message>
+
+<message name="Security.ProfileDoS.get_heavy_url_protection_stateRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.get_heavy_url_protection_stateResponse">
+ <part name="return" type="tns:Common.EnabledStateSequenceSequence"/>
+</message>
+
+<message name="Security.ProfileDoS.set_heavy_url_automatic_detection_stateRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+ <part name="states" type="tns:Common.EnabledStateSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.set_heavy_url_automatic_detection_stateResponse">
+</message>
+
+<message name="Security.ProfileDoS.get_heavy_url_automatic_detection_stateRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.get_heavy_url_automatic_detection_stateResponse">
+ <part name="return" type="tns:Common.EnabledStateSequenceSequence"/>
+</message>
+
+<message name="Security.ProfileDoS.get_heavy_url_includeRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.get_heavy_url_includeResponse">
+ <part name="return" type="tns:Common.StringSequenceSequenceSequence"/>
+</message>
+
+<message name="Security.ProfileDoS.add_heavy_url_includeRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+ <part name="urls" type="tns:Common.StringSequenceSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.add_heavy_url_includeResponse">
+</message>
+
+<message name="Security.ProfileDoS.replace_heavy_url_includeRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+ <part name="urls" type="tns:Common.StringSequenceSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.replace_heavy_url_includeResponse">
+</message>
+
+<message name="Security.ProfileDoS.remove_heavy_url_includeRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+ <part name="urls" type="tns:Common.StringSequenceSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.remove_heavy_url_includeResponse">
+</message>
+
+<message name="Security.ProfileDoS.get_heavy_url_excludeRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.get_heavy_url_excludeResponse">
+ <part name="return" type="tns:Common.StringSequenceSequenceSequence"/>
+</message>
+
+<message name="Security.ProfileDoS.add_heavy_url_excludeRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+ <part name="urls" type="tns:Common.StringSequenceSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.add_heavy_url_excludeResponse">
+</message>
+
+<message name="Security.ProfileDoS.replace_heavy_url_excludeRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+ <part name="urls" type="tns:Common.StringSequenceSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.replace_heavy_url_excludeResponse">
+</message>
+
+<message name="Security.ProfileDoS.remove_heavy_url_excludeRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+ <part name="urls" type="tns:Common.StringSequenceSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.remove_heavy_url_excludeResponse">
+</message>
+
+<message name="Security.ProfileDoS.set_heavy_url_latency_thresholdRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+ <part name="values" type="tns:Common.ULongSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.set_heavy_url_latency_thresholdResponse">
+</message>
+
+<message name="Security.ProfileDoS.get_heavy_url_latency_thresholdRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.get_heavy_url_latency_thresholdResponse">
+ <part name="return" type="tns:Common.ULongSequenceSequence"/>
+</message>
+
+<message name="Security.ProfileDoS.set_tcp_dump_record_traffic_stateRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+ <part name="states" type="tns:Common.EnabledStateSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.set_tcp_dump_record_traffic_stateResponse">
+</message>
+
+<message name="Security.ProfileDoS.get_tcp_dump_record_traffic_stateRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.get_tcp_dump_record_traffic_stateResponse">
+ <part name="return" type="tns:Common.EnabledStateSequenceSequence"/>
+</message>
+
+<message name="Security.ProfileDoS.set_tcp_dump_maximum_durationRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+ <part name="values" type="tns:Common.ULongSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.set_tcp_dump_maximum_durationResponse">
+</message>
+
+<message name="Security.ProfileDoS.get_tcp_dump_maximum_durationRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.get_tcp_dump_maximum_durationResponse">
+ <part name="return" type="tns:Common.ULongSequenceSequence"/>
+</message>
+
+<message name="Security.ProfileDoS.set_tcp_dump_maximum_sizeRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+ <part name="values" type="tns:Common.ULongSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.set_tcp_dump_maximum_sizeResponse">
+</message>
+
+<message name="Security.ProfileDoS.get_tcp_dump_maximum_sizeRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.get_tcp_dump_maximum_sizeResponse">
+ <part name="return" type="tns:Common.ULongSequenceSequence"/>
+</message>
+
+<message name="Security.ProfileDoS.set_tcp_dump_repetition_intervalRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+ <part name="values" type="tns:Common.ULongSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.set_tcp_dump_repetition_intervalResponse">
+</message>
+
+<message name="Security.ProfileDoS.get_tcp_dump_repetition_intervalRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="applications" type="tns:Common.StringSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.get_tcp_dump_repetition_intervalResponse">
+ <part name="return" type="tns:Common.ULongSequenceSequence"/>
+</message>
+
<message name="Security.ProfileDoS.get_white_ipRequest">
<part name="profile_names" type="tns:Common.StringSequence"/>
<part name="applications" type="tns:Common.StringSequenceSequence"/>
</message>
<message name="Security.ProfileDoS.get_white_ipResponse">
@@ -7045,10 +9306,82 @@
</message>
<message name="Security.ProfileDoS.get_network_attack_vector_statisticsResponse">
<part name="return" type="tns:Security.ProfileDoS.NetworkAttackVectorStatisticsSequenceSequence"/>
</message>
+<message name="Security.ProfileDoS.set_network_attack_vector_auto_blacklisting_stateRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="networks" type="tns:Common.StringSequenceSequence"/>
+ <part name="vectors" type="tns:Security.ProfileDoS.NetworkAttackVectorSequenceSequenceSequence"/>
+ <part name="states" type="tns:Common.EnabledStateSequenceSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.set_network_attack_vector_auto_blacklisting_stateResponse">
+</message>
+
+<message name="Security.ProfileDoS.get_network_attack_vector_auto_blacklisting_stateRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="networks" type="tns:Common.StringSequenceSequence"/>
+ <part name="vectors" type="tns:Security.ProfileDoS.NetworkAttackVectorSequenceSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.get_network_attack_vector_auto_blacklisting_stateResponse">
+ <part name="return" type="tns:Common.EnabledStateSequenceSequenceSequence"/>
+</message>
+
+<message name="Security.ProfileDoS.set_network_attack_vector_blacklist_detection_secondsRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="networks" type="tns:Common.StringSequenceSequence"/>
+ <part name="vectors" type="tns:Security.ProfileDoS.NetworkAttackVectorSequenceSequenceSequence"/>
+ <part name="values" type="tns:Common.ULongSequenceSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.set_network_attack_vector_blacklist_detection_secondsResponse">
+</message>
+
+<message name="Security.ProfileDoS.get_network_attack_vector_blacklist_detection_secondsRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="networks" type="tns:Common.StringSequenceSequence"/>
+ <part name="vectors" type="tns:Security.ProfileDoS.NetworkAttackVectorSequenceSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.get_network_attack_vector_blacklist_detection_secondsResponse">
+ <part name="return" type="tns:Common.ULongSequenceSequenceSequence"/>
+</message>
+
+<message name="Security.ProfileDoS.set_network_attack_vector_blacklist_durationRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="networks" type="tns:Common.StringSequenceSequence"/>
+ <part name="vectors" type="tns:Security.ProfileDoS.NetworkAttackVectorSequenceSequenceSequence"/>
+ <part name="values" type="tns:Common.ULongSequenceSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.set_network_attack_vector_blacklist_durationResponse">
+</message>
+
+<message name="Security.ProfileDoS.get_network_attack_vector_blacklist_durationRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="networks" type="tns:Common.StringSequenceSequence"/>
+ <part name="vectors" type="tns:Security.ProfileDoS.NetworkAttackVectorSequenceSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.get_network_attack_vector_blacklist_durationResponse">
+ <part name="return" type="tns:Common.ULongSequenceSequenceSequence"/>
+</message>
+
+<message name="Security.ProfileDoS.set_network_attack_vector_blacklist_categoryRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="networks" type="tns:Common.StringSequenceSequence"/>
+ <part name="vectors" type="tns:Security.ProfileDoS.NetworkAttackVectorSequenceSequenceSequence"/>
+ <part name="values" type="tns:Common.StringSequenceSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.set_network_attack_vector_blacklist_categoryResponse">
+</message>
+
+<message name="Security.ProfileDoS.get_network_attack_vector_blacklist_categoryRequest">
+ <part name="profile_names" type="tns:Common.StringSequence"/>
+ <part name="networks" type="tns:Common.StringSequenceSequence"/>
+ <part name="vectors" type="tns:Security.ProfileDoS.NetworkAttackVectorSequenceSequenceSequence"/>
+</message>
+<message name="Security.ProfileDoS.get_network_attack_vector_blacklist_categoryResponse">
+ <part name="return" type="tns:Common.StringSequenceSequenceSequence"/>
+</message>
+
<message name="Security.ProfileDoS.get_versionRequest">
</message>
<message name="Security.ProfileDoS.get_versionResponse">
<part name="return" type="xsd:string"/>
</message>
@@ -7136,19 +9469,19 @@
<output message="tns:Security.ProfileDoS.add_applicationResponse"/>
</operation>
<operation name="remove_application">
<documentation>
Removes specific Application Security sub-profiles from the specified profiles.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.remove_applicationRequest"/>
<output message="tns:Security.ProfileDoS.remove_applicationResponse"/>
</operation>
<operation name="remove_all_applications">
<documentation>
Removes all Application Security sub-profiles from the specified profiles.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.remove_all_applicationsRequest"/>
<output message="tns:Security.ProfileDoS.remove_all_applicationsResponse"/>
</operation>
<operation name="get_protocol_dns">
@@ -7174,84 +9507,86 @@
<output message="tns:Security.ProfileDoS.add_protocol_dnsResponse"/>
</operation>
<operation name="remove_protocol_dns">
<documentation>
Removes specific Protocol DNS Security sub-profiles from the specified profiles.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.remove_protocol_dnsRequest"/>
<output message="tns:Security.ProfileDoS.remove_protocol_dnsResponse"/>
</operation>
<operation name="remove_all_protocol_dnses">
<documentation>
Removes all Protocol DNS Security sub-profiles from the specified profiles.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.remove_all_protocol_dnsesRequest"/>
<output message="tns:Security.ProfileDoS.remove_all_protocol_dnsesResponse"/>
</operation>
<operation name="set_trigger_irule_state">
<documentation>
Sets the trigger DoS iRule event state in Application Security.
Trigger DoS iRule event specifies, when enabled, that the system activates an Application DoS iRule event.
- The default setting is disabled.
+ The default is disabled.
Enable it if you have written iRules that process this event, and assigned them to a specific virtual server.
</documentation>
<input message="tns:Security.ProfileDoS.set_trigger_irule_stateRequest"/>
<output message="tns:Security.ProfileDoS.set_trigger_irule_stateResponse"/>
</operation>
<operation name="get_trigger_irule_state">
<documentation>
Gets the trigger DoS iRule event state in Application Security.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.get_trigger_irule_stateRequest"/>
<output message="tns:Security.ProfileDoS.get_trigger_irule_stateResponse"/>
</operation>
<operation name="set_operation_mode">
<documentation>
Sets the operation mode of the specified anomaly.
The available operation modes are mentioned under the OperationMode enumeration.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.set_operation_modeRequest"/>
<output message="tns:Security.ProfileDoS.set_operation_modeResponse"/>
</operation>
<operation name="get_operation_mode">
<documentation>
Gets the operation mode of the specified anomaly.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.get_operation_modeRequest"/>
<output message="tns:Security.ProfileDoS.get_operation_modeResponse"/>
</operation>
<operation name="set_source_ip_based_client_side_integrity_defense_state">
<documentation>
Sets the Source IP-based client side integrity defense state in the specified anomaly.
- Prevention policy consisting of four methods specifies how the system handles an attack.
+ Prevention policy consisting of six methods specifies how the system handles an attack.
The system begins with the first method that you enabled in this list.
If the system finds this method not effective enough to stop the attack,
it uses the next method that you enabled in this list.
- Source IP-based client side integrity defense: Specifies, when enabled,
that the system determines whether the client is a legal browser or an illegal script
by sending a JavaScript challenge to each suspicious IP address and waiting for a response.
(Legal browsers are able to respond, while illegal scripts cannot.) The default is disabled.
- URL-based client side integrity defense
+ - Site-wide client side integrity defense
- Source IP-based rate limiting
- URL-based rate limiting
+ - Site-wide rate limiting
</documentation>
<input message="tns:Security.ProfileDoS.set_source_ip_based_client_side_integrity_defense_stateRequest"/>
<output message="tns:Security.ProfileDoS.set_source_ip_based_client_side_integrity_defense_stateResponse"/>
</operation>
<operation name="get_source_ip_based_client_side_integrity_defense_state">
<documentation>
Gets the Source IP-based client side integrity defense state in the specified anomaly.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.get_source_ip_based_client_side_integrity_defense_stateRequest"/>
<output message="tns:Security.ProfileDoS.get_source_ip_based_client_side_integrity_defense_stateResponse"/>
</operation>
<operation name="set_url_based_client_side_integrity_defense_state">
@@ -7260,24 +9595,46 @@
Please see set_source_ip_based_client_side_integrity_defense_state for more information about prevention policy.
- URL-based client side integrity defense: Specifies, when enabled,
that the system determines whether the client is a legal browser or an illegal script
by sending a JavaScript challenge to each suspicious URL and waiting for a response.
- (Legal URLs are able to respond, while illegal scripts cannot.) The default is disabled.
+ (Legal browsers are able to respond, while illegal scripts cannot.) The default is disabled.
</documentation>
<input message="tns:Security.ProfileDoS.set_url_based_client_side_integrity_defense_stateRequest"/>
<output message="tns:Security.ProfileDoS.set_url_based_client_side_integrity_defense_stateResponse"/>
</operation>
<operation name="get_url_based_client_side_integrity_defense_state">
<documentation>
Gets the URL-based client side integrity defense state in the specified anomaly.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.get_url_based_client_side_integrity_defense_stateRequest"/>
<output message="tns:Security.ProfileDoS.get_url_based_client_side_integrity_defense_stateResponse"/>
</operation>
+ <operation name="set_site_wide_client_side_integrity_defense_state">
+ <documentation>
+ Sets the Site-wide client side integrity defense state in the specified anomaly.
+
+ Please see set_source_ip_based_client_side_integrity_defense_state for more information about prevention policy.
+ - Site-wide client side integrity defense: Specifies, when enabled,
+ that the system determines whether the client is a legal browser or an illegal script
+ by sending a JavaScript challenge to each suspicious site and waiting for a response.
+ (Legal browsers are able to respond, while illegal scripts cannot.) The default is disabled.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.set_site_wide_client_side_integrity_defense_stateRequest"/>
+ <output message="tns:Security.ProfileDoS.set_site_wide_client_side_integrity_defense_stateResponse"/>
+ </operation>
+ <operation name="get_site_wide_client_side_integrity_defense_state">
+ <documentation>
+ Gets the Site-wide client side integrity defense state in the specified anomaly.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.get_site_wide_client_side_integrity_defense_stateRequest"/>
+ <output message="tns:Security.ProfileDoS.get_site_wide_client_side_integrity_defense_stateResponse"/>
+ </operation>
<operation name="set_source_ip_based_rate_limiting_state">
<documentation>
Sets the Source IP-based rate limiting state in the specified anomaly.
Please see set_source_ip_based_client_side_integrity_defense_state for more information about prevention policy.
@@ -7292,19 +9649,19 @@
<output message="tns:Security.ProfileDoS.set_source_ip_based_rate_limiting_stateResponse"/>
</operation>
<operation name="get_source_ip_based_rate_limiting_state">
<documentation>
Gets the Source IP-based rate limiting state in the specified anomaly.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.get_source_ip_based_rate_limiting_stateRequest"/>
<output message="tns:Security.ProfileDoS.get_source_ip_based_rate_limiting_stateResponse"/>
</operation>
<operation name="set_url_based_rate_limiting_state">
<documentation>
Sets the URL-based rate limiting state in the specified anomaly.
-
+
Please see set_source_ip_based_client_side_integrity_defense_state for more information about prevention policy.
- URL-based rate limiting: Specifies, when enabled,
that the system drops transactions for suspicious URLs,
regardless of whether the IP address is suspicious or not.
The system allows requests for that URL when the request rate per second
@@ -7316,19 +9673,43 @@
<output message="tns:Security.ProfileDoS.set_url_based_rate_limiting_stateResponse"/>
</operation>
<operation name="get_url_based_rate_limiting_state">
<documentation>
Gets the URL-based rate limiting state in the specified anomaly.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.get_url_based_rate_limiting_stateRequest"/>
<output message="tns:Security.ProfileDoS.get_url_based_rate_limiting_stateResponse"/>
</operation>
+ <operation name="set_site_wide_rate_limiting_state">
+ <documentation>
+ Sets the Site-wide rate limiting state in the specified anomaly.
+
+ Please see set_source_ip_based_client_side_integrity_defense_state for more information about prevention policy.
+ - Site-wide rate limiting: Specifies, when enabled,
+ that the system drops transactions for suspicious sites,
+ regardless of whether the IP address is suspicious or not.
+ The system allows requests for that site when the request rate per second
+ is less than the legitimate history interval (before the attack started),
+ or less than the threshold you configure in the maximum TPS. The default is enabled.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.set_site_wide_rate_limiting_stateRequest"/>
+ <output message="tns:Security.ProfileDoS.set_site_wide_rate_limiting_stateResponse"/>
+ </operation>
+ <operation name="get_site_wide_rate_limiting_state">
+ <documentation>
+ Gets the Site-wide rate limiting state in the specified anomaly.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.get_site_wide_rate_limiting_stateRequest"/>
+ <output message="tns:Security.ProfileDoS.get_site_wide_rate_limiting_stateResponse"/>
+ </operation>
<operation name="set_ip_tps_increase_rate">
<documentation>
Sets the TPS increase rate value in IP detection criteria (or suspicious IP criteria) of the specified anomaly.
-
+
IP detection criteria setting is only available in TPS-based anomaly.
It specifies that if at least one of the following criteria is met, the system treats the IP address as an attacker.
If these numbers are reached, the system prevents further attacks by limiting the number of requests per second to the history interval.
The system does not return the blocking response page.
@@ -7349,19 +9730,19 @@
<output message="tns:Security.ProfileDoS.set_ip_tps_increase_rateResponse"/>
</operation>
<operation name="get_ip_tps_increase_rate">
<documentation>
Gets the TPS increase rate value in IP detection criteria (or suspicious IP criteria) of the specified anomaly.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.get_ip_tps_increase_rateRequest"/>
<output message="tns:Security.ProfileDoS.get_ip_tps_increase_rateResponse"/>
</operation>
<operation name="set_ip_maximum_tps">
<documentation>
Sets the maximum TPS value in IP detection criteria (or suspicious IP criteria) of the specified anomaly.
-
+
Please see set_ip_tps_increase_rate for more information about IP detection criteria and suspicious IP criteria.
- Maximum TPS: Specifies that the system considers an IP address to be an attacker (or treats as suspicious)
if the number of requests sent, per second, from an IP address is equal to or greater than this number.
The default setting is 200 requests per second.
@@ -7370,19 +9751,19 @@
<output message="tns:Security.ProfileDoS.set_ip_maximum_tpsResponse"/>
</operation>
<operation name="get_ip_maximum_tps">
<documentation>
Gets the maximum TPS value in IP detection criteria (or suspicious IP criteria) of the specified anomaly.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.get_ip_maximum_tpsRequest"/>
<output message="tns:Security.ProfileDoS.get_ip_maximum_tpsResponse"/>
</operation>
<operation name="set_ip_minimum_tps">
<documentation>
Sets the minimum TPS value in IP detection criteria (or suspicious IP criteria) of the specified anomaly.
-
+
Please see set_ip_tps_increase_rate for more information about IP detection criteria and suspicious IP criteria.
- Minimum TPS: Specifies that the system considers an IP address to be an attacker (or treats as suspicious)
if the detected TPS for a specific IP address equals, or is greater than, this number,
and the TPS increase rate was reached. If the detected TPS is lower than this number,
the system does not consider this IP address to be an attacker (or suspicious) even if
@@ -7393,19 +9774,19 @@
<output message="tns:Security.ProfileDoS.set_ip_minimum_tpsResponse"/>
</operation>
<operation name="get_ip_minimum_tps">
<documentation>
Gets the minimum TPS value in IP detection criteria (or suspicious IP criteria) of the specified anomaly.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.get_ip_minimum_tpsRequest"/>
<output message="tns:Security.ProfileDoS.get_ip_minimum_tpsResponse"/>
</operation>
<operation name="set_url_tps_increase_rate">
<documentation>
Sets the TPS increase rate value in URL detection criteria (or suspicious URL criteria) of the specified anomaly.
-
+
URL detection criteria setting is only available in TPS-based anomaly.
It specifies that if at least one of the following criteria is met, the system treats a URL to be under attack.
If these numbers are reached, the system prevents further attacks by limiting the number of requests per second to the history interval.
The system does not return the blocking response page.
@@ -7413,32 +9794,32 @@
It specifies that if at least one of the following criteria is met, the system treats the URL as suspicious (suspects the URL to be attacked).
If an attack was detected according to the detection criteria, URL rate limiting will be done on the suspicious URLs.
The system prevents the attack by limiting the number of requests per second to the history interval.
The system does not return the blocking response page.
- - TPS increase rate: Specifies that the system considers an IP address to be an attacker (or treats as suspicious)
+ - TPS increase rate: Specifies that the system considers a URL to be under attack (or treats as suspicious)
if the ratio between the transaction rate detection interval and the transaction rate history interval,
- for one IP address, is greater than this number. The default setting is 500 percent.
+ for one URL, is greater than this number. The default setting is 500 percent.
- Maximum TPS
- Minimum TPS
</documentation>
<input message="tns:Security.ProfileDoS.set_url_tps_increase_rateRequest"/>
<output message="tns:Security.ProfileDoS.set_url_tps_increase_rateResponse"/>
</operation>
<operation name="get_url_tps_increase_rate">
<documentation>
Gets the TPS increase rate value in URL detection criteria (or suspicious URL criteria) of the specified anomaly.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.get_url_tps_increase_rateRequest"/>
<output message="tns:Security.ProfileDoS.get_url_tps_increase_rateResponse"/>
</operation>
<operation name="set_url_maximum_tps">
<documentation>
Sets the maximum TPS value in URL detection criteria (or suspicious URL criteria) of the specified anomaly.
-
+
Please see set_url_tps_increase_rate for more information about URL detection criteria and suspicious URL criteria.
- Maximum TPS: Specifies that the system considers a URL to be under attack (or treats as suspicious)
if the number of requests sent, per second, for the URL is equal to or greater than this number.
The default setting is 1000 requests per second.
@@ -7447,19 +9828,19 @@
<output message="tns:Security.ProfileDoS.set_url_maximum_tpsResponse"/>
</operation>
<operation name="get_url_maximum_tps">
<documentation>
Gets the maximum TPS value in URL detection criteria (or suspicious URL criteria) of the specified anomaly.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.get_url_maximum_tpsRequest"/>
<output message="tns:Security.ProfileDoS.get_url_maximum_tpsResponse"/>
</operation>
<operation name="set_url_minimum_tps">
<documentation>
Sets the minimum TPS value in URL detection criteria (or suspicious URL criteria) of the specified anomaly.
-
+
Please see set_url_tps_increase_rate for more information about URL detection criteria and suspicious URL criteria.
- Minimum TPS: Specifies that the system considers a URL to be under attack (or treats as suspicious)
if the detected TPS for a specific URL equals, or is greater than, this number,
and the TPS increase rate was reached. If the detected TPS is lower than this number,
the system does not consider this URL to be under attack (or suspicious) even if
@@ -7470,43 +9851,167 @@
<output message="tns:Security.ProfileDoS.set_url_minimum_tpsResponse"/>
</operation>
<operation name="get_url_minimum_tps">
<documentation>
Gets the minimum TPS value in URL detection criteria (or suspicious URL criteria) of the specified anomaly.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.get_url_minimum_tpsRequest"/>
<output message="tns:Security.ProfileDoS.get_url_minimum_tpsResponse"/>
</operation>
+ <operation name="set_site_wide_tps_increase_rate">
+ <documentation>
+ Sets the TPS increase rate value in Site-wide detection criteria (or suspicious Site-wide criteria) of the specified anomaly.
+
+ Site-wide detection criteria setting is only available in TPS-based anomaly.
+ It specifies that if at least one of the following criteria is met, the system treats the whole site to be under attack.
+ If these numbers are reached, the system prevents further attacks by limiting the number of requests per second to the history interval.
+ The system does not return the blocking response page.
+
+ Suspicious Site-wide criteria setting is only available in Latency-based anomaly.
+ It specifies that if at least one of the following criteria is met, the system treats a site as suspicious (suspects the whole site to be attacked).
+ If an attack was detected according to the detection criteria, Site-wide rate limiting will be done on the suspicious sites.
+ The system prevents the attack by limiting the number of requests per second to the history interval.
+ The system does not return the blocking response page.
+
+ - TPS increase rate: Specifies that the system considers a whole site to be under attack (or treats as suspicious)
+ if the ratio between the transaction rate detection interval and the transaction rate history interval,
+ for one site, is greater than this number. The default setting is 500 percent.
+ - Maximum TPS
+ - Minimum TPS
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.set_site_wide_tps_increase_rateRequest"/>
+ <output message="tns:Security.ProfileDoS.set_site_wide_tps_increase_rateResponse"/>
+ </operation>
+ <operation name="get_site_wide_tps_increase_rate">
+ <documentation>
+ Gets the TPS increase rate value in Site-wide detection criteria (or suspicious Site-wide criteria) of the specified anomaly.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.get_site_wide_tps_increase_rateRequest"/>
+ <output message="tns:Security.ProfileDoS.get_site_wide_tps_increase_rateResponse"/>
+ </operation>
+ <operation name="set_site_wide_maximum_tps">
+ <documentation>
+ Sets the maximum TPS value in Site-wide detection criteria (or suspicious Site-wide criteria) of the specified anomaly.
+
+ Please see set_site_wide_tps_increase_rate for more information about Site-wide detection criteria and suspicious Site-wide criteria.
+ - Maximum TPS: Specifies that the system considers a whole site to be under attack (or treats as suspicious)
+ if the number of requests sent, per second, for the site is equal to or greater than this number.
+ The default setting is 10000 requests per second.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.set_site_wide_maximum_tpsRequest"/>
+ <output message="tns:Security.ProfileDoS.set_site_wide_maximum_tpsResponse"/>
+ </operation>
+ <operation name="get_site_wide_maximum_tps">
+ <documentation>
+ Gets the maximum TPS value in Site-wide detection criteria (or suspicious Site-wide criteria) of the specified anomaly.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.get_site_wide_maximum_tpsRequest"/>
+ <output message="tns:Security.ProfileDoS.get_site_wide_maximum_tpsResponse"/>
+ </operation>
+ <operation name="set_site_wide_minimum_tps">
+ <documentation>
+ Sets the minimum TPS value in Site-wide detection criteria (or suspicious Site-wide criteria) of the specified anomaly.
+
+ Please see set_site_wide_tps_increase_rate for more information about Site-wide detection criteria and suspicious Site-wide criteria.
+ - Minimum TPS: Specifies that the system considers a whole site to be under attack (or treats as suspicious)
+ if the detected TPS for a specific site equals, or is greater than, this number,
+ and the TPS increase rate was reached. If the detected TPS is lower than this number,
+ the system does not consider this whole site to be under attack (or suspicious) even if
+ the TPS increase rate was reached. The default setting is 2000 transactions per second.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.set_site_wide_minimum_tpsRequest"/>
+ <output message="tns:Security.ProfileDoS.set_site_wide_minimum_tpsResponse"/>
+ </operation>
+ <operation name="get_site_wide_minimum_tps">
+ <documentation>
+ Gets the minimum TPS value in Site-wide detection criteria (or suspicious Site-wide criteria) of the specified anomaly.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.get_site_wide_minimum_tpsRequest"/>
+ <output message="tns:Security.ProfileDoS.get_site_wide_minimum_tpsResponse"/>
+ </operation>
+ <operation name="set_escalation_period">
+ <documentation>
+ Sets the escalation period (in seconds) in the specified anomaly.
+
+ Escalation period specifies for how long the system spends in each step until deciding to move to the next step
+ when preventing attacks against an attacker IP address or an attacked URL.
+ The system prevents attacks by rejecting requests either from the attacking IP address, or for the attacked URL.
+ After the system detects and stops a DoS attack, it performs attack prevention for the amount of time configured here
+ in every method that you enabled in prevention policy (see set_source_ip_based_client_side_integrity_defense_state)
+ even if the system detects that the attack continues. The default setting is 120 seconds.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.set_escalation_periodRequest"/>
+ <output message="tns:Security.ProfileDoS.set_escalation_periodResponse"/>
+ </operation>
+ <operation name="get_escalation_period">
+ <documentation>
+ Gets the escalation period (in seconds) in the specified anomaly.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.get_escalation_periodRequest"/>
+ <output message="tns:Security.ProfileDoS.get_escalation_periodResponse"/>
+ </operation>
+ <operation name="set_deescalation_period">
+ <documentation>
+ Sets the de-escalation period (in seconds) in the specified anomaly.
+
+ De-escalation period specifies for how long the system spends in the final escalation step until retrying the steps from the top
+ when preventing attacks against an attacker IP address or an attacked URL. Zero value specifies that no de-escalation occurs.
+ Please see set_escalation_period for more information about escalation. The default setting is 7200 seconds.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.set_deescalation_periodRequest"/>
+ <output message="tns:Security.ProfileDoS.set_deescalation_periodResponse"/>
+ </operation>
+ <operation name="get_deescalation_period">
+ <documentation>
+ Gets the de-escalation period (in seconds) in the specified anomaly.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.get_deescalation_periodRequest"/>
+ <output message="tns:Security.ProfileDoS.get_deescalation_periodResponse"/>
+ </operation>
<operation name="set_maximum_prevention_duration">
<documentation>
+ This method has been deprecated. Please use set_escalation_period / set_deescalation_period instead.
+
Sets the maximum prevention duration (in seconds) in the specified anomaly.
Prevention duration specifies for how long the system prevents attacks against an attacker IP address or an attacked URL.
The system prevents attacks by rejecting requests either from the attacking IP address, or for the attacked URL.
- Unlimited (zero value): Specifies that after the system detects and stops a DoS attack,
it performs attack prevention until it detects the end of the attack. This is the default.
- - Number of seconds (positive value): Specifies that after the system detects and stops a DoS attack,
+ - Number of seconds (positive value): Specifies that after the system detects and stops a DoS attack,
it performs attack prevention either for the amount of time configured here even if the system detects
that the attack continues, or until the system detects the end of the attack, whichever is earlier.
</documentation>
<input message="tns:Security.ProfileDoS.set_maximum_prevention_durationRequest"/>
<output message="tns:Security.ProfileDoS.set_maximum_prevention_durationResponse"/>
</operation>
<operation name="get_maximum_prevention_duration">
<documentation>
+ This method has been deprecated. Please use get_escalation_period / get_deescalation_period instead.
+
Gets the maximum prevention duration (in seconds) in the specified anomaly.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.get_maximum_prevention_durationRequest"/>
<output message="tns:Security.ProfileDoS.get_maximum_prevention_durationResponse"/>
</operation>
<operation name="set_latency_increase_rate">
<documentation>
Sets the latency increase rate value in detection criteria of Latency-based anomaly.
-
+
Detection criteria setting is only available in Latency-based anomaly.
It specifies the criteria under which the system considers traffic to be an attack.
First, the minimum latency must be reached, and then either the latency increase rate or the maximum latency must be reached.
- Latency increase rate: Specifies that the system considers traffic to be an attack if
the ratio of the latency detection interval to the latency history interval,
@@ -7519,19 +10024,19 @@
<output message="tns:Security.ProfileDoS.set_latency_increase_rateResponse"/>
</operation>
<operation name="get_latency_increase_rate">
<documentation>
Gets the latency increase rate value in detection criteria of Latency-based anomaly.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.get_latency_increase_rateRequest"/>
<output message="tns:Security.ProfileDoS.get_latency_increase_rateResponse"/>
</operation>
<operation name="set_maximum_latency">
<documentation>
Sets the maximum latency value in detection criteria of Latency-based anomaly.
-
+
Please see set_latency_increase_rate for more information about detection criteria.
- Maximum latency: Specifies that the system considers traffic to be an attack if
the latency detection interval for a specific URL is greater than this number.
The default setting is 10000 milliseconds.
@@ -7540,19 +10045,19 @@
<output message="tns:Security.ProfileDoS.set_maximum_latencyResponse"/>
</operation>
<operation name="get_maximum_latency">
<documentation>
Gets the maximum latency value in detection criteria of Latency-based anomaly.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.get_maximum_latencyRequest"/>
<output message="tns:Security.ProfileDoS.get_maximum_latencyResponse"/>
</operation>
<operation name="set_minimum_latency">
<documentation>
Sets the minimum latency value in detection criteria of Latency-based anomaly.
-
+
Please see set_latency_increase_rate for more information about detection criteria.
- Minimum latency: Specifies that the system considers traffic to be an attack if
the detection interval for a specific URL equals, or is greater than, this number,
and at least one of the latency increase rate or maximum latency was reached.
If the detection interval is lower than this number, the system does not consider
@@ -7564,15 +10069,242 @@
<output message="tns:Security.ProfileDoS.set_minimum_latencyResponse"/>
</operation>
<operation name="get_minimum_latency">
<documentation>
Gets the minimum latency value in detection criteria of Latency-based anomaly.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.get_minimum_latencyRequest"/>
<output message="tns:Security.ProfileDoS.get_minimum_latencyResponse"/>
</operation>
+ <operation name="set_heavy_url_protection_state">
+ <documentation>
+ Sets the heavy URL protection state in Application Security.
+
+ Heavy URLs are those ones that may consume considerable server resources per request,
+ thus it takes only low rate requests to those URLs in order to cause DoS attacks.
+ Attacks will continue to be detected using the TPS-based and Latency-based anomalies.
+ Heavy URL protection specifies, when enabled, that whenever an attack is detected,
+ the system protects the heavy URLs using the URL-based methods that you enabled in prevention policy
+ (see set_source_ip_based_client_side_integrity_defense_state). If no such prevention method is enabled,
+ attacks will be only reported. The default is enabled.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.set_heavy_url_protection_stateRequest"/>
+ <output message="tns:Security.ProfileDoS.set_heavy_url_protection_stateResponse"/>
+ </operation>
+ <operation name="get_heavy_url_protection_state">
+ <documentation>
+ Gets the heavy URL protection state in Application Security.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.get_heavy_url_protection_stateRequest"/>
+ <output message="tns:Security.ProfileDoS.get_heavy_url_protection_stateResponse"/>
+ </operation>
+ <operation name="set_heavy_url_automatic_detection_state">
+ <documentation>
+ Sets the automatic heavy URL detection state in Application Security.
+
+ Automatic heavy URL detection specifies, when enabled, that the system automatically detects heavy URLs,
+ in addition to the manually configured ones (see set_heavy_url_includes and set_heavy_url_excludes).
+ For the sake of detecting heavy URLs, the system measures the latency tail weight, defined as
+ the ratio of transactions that have latency beyond the latency threshold (see set_heavy_url_latency_threshold)
+ out of all the transactions. A URL is considered heavy if the tail is considerably above the global average
+ in the long run. In order to enable this setting, you must first enable heavy URL protection.
+ The default is enabled.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.set_heavy_url_automatic_detection_stateRequest"/>
+ <output message="tns:Security.ProfileDoS.set_heavy_url_automatic_detection_stateResponse"/>
+ </operation>
+ <operation name="get_heavy_url_automatic_detection_state">
+ <documentation>
+ Gets the automatic heavy URL detection state in Application Security.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.get_heavy_url_automatic_detection_stateRequest"/>
+ <output message="tns:Security.ProfileDoS.get_heavy_url_automatic_detection_stateResponse"/>
+ </operation>
+ <operation name="get_heavy_url_include">
+ <documentation>
+ Gets the included heavy URLs in Application Security.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.get_heavy_url_includeRequest"/>
+ <output message="tns:Security.ProfileDoS.get_heavy_url_includeResponse"/>
+ </operation>
+ <operation name="add_heavy_url_include">
+ <documentation>
+ Adds a list of URLs to the manually-configured (included) heavy URLs in Application Security.
+
+ Included heavy URLs specify URLs that are expected to be heavy from a-priori knowledge
+ even if they are not automatically detected as heavy.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.add_heavy_url_includeRequest"/>
+ <output message="tns:Security.ProfileDoS.add_heavy_url_includeResponse"/>
+ </operation>
+ <operation name="replace_heavy_url_include">
+ <documentation>
+ Replaces the existing included heavy URLs with new ones in Application Security.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.replace_heavy_url_includeRequest"/>
+ <output message="tns:Security.ProfileDoS.replace_heavy_url_includeResponse"/>
+ </operation>
+ <operation name="remove_heavy_url_include">
+ <documentation>
+ Removes specific URLs from the included heavy URLs in Application Security.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.remove_heavy_url_includeRequest"/>
+ <output message="tns:Security.ProfileDoS.remove_heavy_url_includeResponse"/>
+ </operation>
+ <operation name="get_heavy_url_exclude">
+ <documentation>
+ Gets the excluded heavy URLs in Application Security.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.get_heavy_url_excludeRequest"/>
+ <output message="tns:Security.ProfileDoS.get_heavy_url_excludeResponse"/>
+ </operation>
+ <operation name="add_heavy_url_exclude">
+ <documentation>
+ Adds a list of URLs to the ignored (excluded) heavy URLs in Application Security.
+
+ Excluded heavy URLs specify URLs that are not considered heavy even if automatically detected.
+ The exclude list can contain prefix wildcards.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.add_heavy_url_excludeRequest"/>
+ <output message="tns:Security.ProfileDoS.add_heavy_url_excludeResponse"/>
+ </operation>
+ <operation name="replace_heavy_url_exclude">
+ <documentation>
+ Replaces the existing excluded heavy URLs with new ones in Application Security.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.replace_heavy_url_excludeRequest"/>
+ <output message="tns:Security.ProfileDoS.replace_heavy_url_excludeResponse"/>
+ </operation>
+ <operation name="remove_heavy_url_exclude">
+ <documentation>
+ Removes specific URLs from the excluded heavy URLs in Application Security.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.remove_heavy_url_excludeRequest"/>
+ <output message="tns:Security.ProfileDoS.remove_heavy_url_excludeResponse"/>
+ </operation>
+ <operation name="set_heavy_url_latency_threshold">
+ <documentation>
+ Sets latency threshold for automatic heavy URL detection (in milliseconds) in Application Security.
+
+ Please see set_heavy_url_automatic_detection_state for more information about automatic heavy URL detection.
+ You must enable automatic heavy URL detection in order to configure the latency threshold.
+ You can increase or decrease this number to improve accuracy of the automatically detected heavy URLs,
+ if too many or too few URLs are found by the system to be heavy. The default setting is 1000 milliseconds.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.set_heavy_url_latency_thresholdRequest"/>
+ <output message="tns:Security.ProfileDoS.set_heavy_url_latency_thresholdResponse"/>
+ </operation>
+ <operation name="get_heavy_url_latency_threshold">
+ <documentation>
+ Gets the latency threshold for automatic heavy URL detection (in milliseconds) in Application Security.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.get_heavy_url_latency_thresholdRequest"/>
+ <output message="tns:Security.ProfileDoS.get_heavy_url_latency_thresholdResponse"/>
+ </operation>
+ <operation name="set_tcp_dump_record_traffic_state">
+ <documentation>
+ Sets the TCP dump record traffic state in Application Security.
+
+ Specifies when enabled that the system records traffic (performs a TCP dump)
+ when a DoS attack is underway. The system records traffic during DoS attacks
+ on the virtual server in which the attack was detected. The TCP dump files can be collected
+ into the QuickView file so that F5 support can use it for solving customer cases.
+ The files are located in the system in the following file path: /shared/dosl7/tcpdumps,
+ and have a pcap extension.
+ The default is disabled.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.set_tcp_dump_record_traffic_stateRequest"/>
+ <output message="tns:Security.ProfileDoS.set_tcp_dump_record_traffic_stateResponse"/>
+ </operation>
+ <operation name="get_tcp_dump_record_traffic_state">
+ <documentation>
+ Gets the TCP dump record traffic state in Application Security.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.get_tcp_dump_record_traffic_stateRequest"/>
+ <output message="tns:Security.ProfileDoS.get_tcp_dump_record_traffic_stateResponse"/>
+ </operation>
+ <operation name="set_tcp_dump_maximum_duration">
+ <documentation>
+ Sets the TCP dump maximum duration (in seconds) in Application Security.
+
+ The maximum time for one dump cycle. Legal values are between 1 and 300.
+ Please see set_tcp_dump_record_traffic_state for more information about recording the traffic/TCP dump.
+ The default setting is 30 seconds.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.set_tcp_dump_maximum_durationRequest"/>
+ <output message="tns:Security.ProfileDoS.set_tcp_dump_maximum_durationResponse"/>
+ </operation>
+ <operation name="get_tcp_dump_maximum_duration">
+ <documentation>
+ Gets the TCP dump maximum duration (in seconds) in Application Security.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.get_tcp_dump_maximum_durationRequest"/>
+ <output message="tns:Security.ProfileDoS.get_tcp_dump_maximum_durationResponse"/>
+ </operation>
+ <operation name="set_tcp_dump_maximum_size">
+ <documentation>
+ Sets the TCP dump maximum size (in megabytes) in Application Security.
+
+ The maximum size for a dump cycle. Legal values are between 1 and 50.
+ Please see set_tcp_dump_record_traffic_state for more information about recording the traffic/TCP dump.
+ The default setting is 10 megabytes.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.set_tcp_dump_maximum_sizeRequest"/>
+ <output message="tns:Security.ProfileDoS.set_tcp_dump_maximum_sizeResponse"/>
+ </operation>
+ <operation name="get_tcp_dump_maximum_size">
+ <documentation>
+ Gets the TCP dump maximum size (in megabytes) in Application Security.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.get_tcp_dump_maximum_sizeRequest"/>
+ <output message="tns:Security.ProfileDoS.get_tcp_dump_maximum_sizeResponse"/>
+ </operation>
+ <operation name="set_tcp_dump_repetition_interval">
+ <documentation>
+ Sets the TCP dump repetition interval (in seconds) in Application Security.
+
+ Specifies whether the system performs one dump for each DoS attack, or multiple dumps.
+ When value is 0: Specifies that the system performs one dump for each DoS attack.
+ When value is greater than 0: Specifies that the system performs multiple dumps for each DoS attack,
+ and how long the system waits after finishing a dump cycle before starting a new cycle.
+ Legal values are between 0 and 2600 seconds.
+ Please see set_tcp_dump_record_traffic_state for more information about recording the traffic/TCP dump.
+ The default setting is 120 seconds.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.set_tcp_dump_repetition_intervalRequest"/>
+ <output message="tns:Security.ProfileDoS.set_tcp_dump_repetition_intervalResponse"/>
+ </operation>
+ <operation name="get_tcp_dump_repetition_interval">
+ <documentation>
+ Gets the TCP dump repetition interval (in seconds) in Application Security.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.get_tcp_dump_repetition_intervalRequest"/>
+ <output message="tns:Security.ProfileDoS.get_tcp_dump_repetition_intervalResponse"/>
+ </operation>
<operation name="get_white_ip">
<documentation>
Gets the entire IP address whitelist of DoS profile Application Security.
</documentation>
@@ -7580,11 +10312,11 @@
<output message="tns:Security.ProfileDoS.get_white_ipResponse"/>
</operation>
<operation name="add_white_ip">
<documentation>
Adds a list of IP addresses with subnet masks to the whitelist of DoS profile Application Security.
-
+
IP address whitelist specifies IP addresses, including subnet masks, that the system considers
legitimate and does not examine when performing DoS prevention.
</documentation>
<input message="tns:Security.ProfileDoS.add_white_ipRequest"/>
@@ -7676,70 +10408,70 @@
<operation name="set_sip_attack_vector_rate_increase">
<documentation>
Sets the rate increase percentage for the specified SIP Attack Vectors. When the rate increases
above this percentage then BIG-IP will detect the specified SIP Attack Vectors.
Note: This value cannot be set below 100.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.set_sip_attack_vector_rate_increaseRequest"/>
<output message="tns:Security.ProfileDoS.set_sip_attack_vector_rate_increaseResponse"/>
</operation>
<operation name="get_sip_attack_vector_rate_increase">
<documentation>
Gets the rate increase percentage for the specified SIP Attack Vectors.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.get_sip_attack_vector_rate_increaseRequest"/>
<output message="tns:Security.ProfileDoS.get_sip_attack_vector_rate_increaseResponse"/>
</operation>
<operation name="set_sip_attack_vector_rate_threshold">
<documentation>
Sets the rate threshold for the specified SIP Attack Vectors. When the rate increases above this threshold
then BIG-IP will detect the specified SIP Attack Vectors.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.set_sip_attack_vector_rate_thresholdRequest"/>
<output message="tns:Security.ProfileDoS.set_sip_attack_vector_rate_thresholdResponse"/>
</operation>
<operation name="get_sip_attack_vector_rate_threshold">
<documentation>
Gets the rate threshold for the specified SIP Attack Vectors.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.get_sip_attack_vector_rate_thresholdRequest"/>
<output message="tns:Security.ProfileDoS.get_sip_attack_vector_rate_thresholdResponse"/>
</operation>
<operation name="set_protocol_sip_error_attack_rate_increase">
<documentation>
Sets the rate increase for SIP protocol errors DoS attack vector. When the rate increases above this percentage
then BIG-IP will detect a protocol errors SIP DoS attack.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.set_protocol_sip_error_attack_rate_increaseRequest"/>
<output message="tns:Security.ProfileDoS.set_protocol_sip_error_attack_rate_increaseResponse"/>
</operation>
<operation name="get_protocol_sip_error_attack_rate_increase">
<documentation>
Gets the rate increase for SIP protocol errors DoS attack vector.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.get_protocol_sip_error_attack_rate_increaseRequest"/>
<output message="tns:Security.ProfileDoS.get_protocol_sip_error_attack_rate_increaseResponse"/>
</operation>
<operation name="set_protocol_sip_error_attack_rate_threshold">
<documentation>
Sets the rate threshold for SIP protocol errors DoS attack vector. When the rate increases above this threshold
then BIG-IP will detect a protocol errors SIP DoS attack.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.set_protocol_sip_error_attack_rate_thresholdRequest"/>
<output message="tns:Security.ProfileDoS.set_protocol_sip_error_attack_rate_thresholdResponse"/>
</operation>
<operation name="get_protocol_sip_error_attack_rate_threshold">
<documentation>
Gets the rate threshold for SIP protocol errors DoS attack vector.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.get_protocol_sip_error_attack_rate_thresholdRequest"/>
<output message="tns:Security.ProfileDoS.get_protocol_sip_error_attack_rate_thresholdResponse"/>
</operation>
<operation name="set_protocol_sip_error_attack_detection_state">
@@ -7752,29 +10484,27 @@
<output message="tns:Security.ProfileDoS.set_protocol_sip_error_attack_detection_stateResponse"/>
</operation>
<operation name="get_protocol_sip_error_attack_detection_state">
<documentation>
Gets the SIP Protocol Error Attack Detection state in Protocol SIP Security.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.get_protocol_sip_error_attack_detection_stateRequest"/>
<output message="tns:Security.ProfileDoS.get_protocol_sip_error_attack_detection_stateResponse"/>
</operation>
<operation name="reset_sip_attack_vector_statistics">
<documentation>
Resets the statistics for the specified SIP Attack Vectors.
- Note that at this time, the "vectors" argument is ignored, and
- statistics for all vectors are reset.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.reset_sip_attack_vector_statisticsRequest"/>
<output message="tns:Security.ProfileDoS.reset_sip_attack_vector_statisticsResponse"/>
</operation>
<operation name="get_all_sip_attack_vector_statistics">
<documentation>
Gets the statistics for all SIP Attack Vectors (of the specified Protocol SIP Security sub-profiles).
-
+
</documentation>
<input message="tns:Security.ProfileDoS.get_all_sip_attack_vector_statisticsRequest"/>
<output message="tns:Security.ProfileDoS.get_all_sip_attack_vector_statisticsResponse"/>
</operation>
<operation name="get_sip_attack_vector_statistics">
@@ -7817,26 +10547,26 @@
<input message="tns:Security.ProfileDoS.remove_all_dns_query_vectorsRequest"/>
<output message="tns:Security.ProfileDoS.remove_all_dns_query_vectorsResponse"/>
</operation>
<operation name="set_dns_query_vector_rate_increase">
<documentation>
- Sets the rate increase percentage for the specified DNS Query Vectors.
+ Sets the rate increase percentage for the specified DNS Query Vectors.
The system calculates the rate increase percentage for a given
vector by comparing the 1 minute average to the 1 hour average, and
compares the result to the percentage set. If the set percentage is
less than or equal to the calculated value, a DoS attack is registered.
Note that this value cannot be set below 100.
The attack ends when this condition is no longer true.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.set_dns_query_vector_rate_increaseRequest"/>
<output message="tns:Security.ProfileDoS.set_dns_query_vector_rate_increaseResponse"/>
</operation>
<operation name="get_dns_query_vector_rate_increase">
<documentation>
Gets the rate increase percentage for the specified DNS Query Vectors.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.get_dns_query_vector_rate_increaseRequest"/>
<output message="tns:Security.ProfileDoS.get_dns_query_vector_rate_increaseResponse"/>
</operation>
<operation name="set_dns_query_vector_rate_threshold">
@@ -7849,66 +10579,64 @@
<output message="tns:Security.ProfileDoS.set_dns_query_vector_rate_thresholdResponse"/>
</operation>
<operation name="get_dns_query_vector_rate_threshold">
<documentation>
Gets the query vector rate threshold for the specified DNS Query Vectors.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.get_dns_query_vector_rate_thresholdRequest"/>
<output message="tns:Security.ProfileDoS.get_dns_query_vector_rate_thresholdResponse"/>
</operation>
<operation name="set_protocol_dns_error_attack_rate_increase">
<documentation>
Sets the DNS Protocol error attack rate increase for the specified Protocol DNS Security sub-profiles.
- This is the rate increase (as a percentage) of traffic for Malformed and Malicious
- DNS packets to register a DoS attack. This number is calculated by comparing the 1
+ This is the rate increase (as a percentage) of traffic for Malformed and Malicious
+ DNS packets to register a DoS attack. This number is calculated by comparing the 1
minute average to the 1 hour average.
</documentation>
<input message="tns:Security.ProfileDoS.set_protocol_dns_error_attack_rate_increaseRequest"/>
<output message="tns:Security.ProfileDoS.set_protocol_dns_error_attack_rate_increaseResponse"/>
</operation>
<operation name="get_protocol_dns_error_attack_rate_increase">
<documentation>
Gets the DNS Protocol error attack rate increase for the specified Protocol DNS Security sub-profiles.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.get_protocol_dns_error_attack_rate_increaseRequest"/>
<output message="tns:Security.ProfileDoS.get_protocol_dns_error_attack_rate_increaseResponse"/>
</operation>
<operation name="set_protocol_dns_error_attack_detection_state">
<documentation>
Sets the Protocol DNS Error Attack Detection state for the specified Protocol DNS Security sub-profiles.
- This Determines whether or not to include Malformed and Malicious DNS packets
+ This Determines whether or not to include Malformed and Malicious DNS packets
in DoS attack detection.
</documentation>
<input message="tns:Security.ProfileDoS.set_protocol_dns_error_attack_detection_stateRequest"/>
<output message="tns:Security.ProfileDoS.set_protocol_dns_error_attack_detection_stateResponse"/>
</operation>
<operation name="get_protocol_dns_error_attack_detection_state">
<documentation>
Gets the DNS Protocol Error Attack Detection state for the specified Protocol DNS Security sub-profiles.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.get_protocol_dns_error_attack_detection_stateRequest"/>
<output message="tns:Security.ProfileDoS.get_protocol_dns_error_attack_detection_stateResponse"/>
</operation>
<operation name="reset_dns_query_vector_statistics">
<documentation>
Resets the statistics for the specified DNS Query Vectors.
- Note that at this time, the "vectors" argument is ignored, and
- statistics for all vectors are reset.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.reset_dns_query_vector_statisticsRequest"/>
<output message="tns:Security.ProfileDoS.reset_dns_query_vector_statisticsResponse"/>
</operation>
<operation name="get_all_dns_query_vector_statistics">
<documentation>
Gets the statistics for all DNS Query Vectors for the specified Protocol DNS Security sub-profiles.
-
+
</documentation>
<input message="tns:Security.ProfileDoS.get_all_dns_query_vector_statisticsRequest"/>
<output message="tns:Security.ProfileDoS.get_all_dns_query_vector_statisticsResponse"/>
</operation>
<operation name="get_dns_query_vector_statistics">
@@ -7920,91 +10648,91 @@
<output message="tns:Security.ProfileDoS.get_dns_query_vector_statisticsResponse"/>
</operation>
<operation name="get_dos_network">
<documentation>
Gets the DoS Network sub-profiles for the specified DoS profiles.
- With this sub-profile, the Layer 4 attacks are detected and
- actions are taken to drop the packets over the limit in one
+ With this sub-profile, the Layer 4 attacks are detected and
+ actions are taken to drop the packets over the limit in one
second.
</documentation>
<input message="tns:Security.ProfileDoS.get_dos_networkRequest"/>
<output message="tns:Security.ProfileDoS.get_dos_networkResponse"/>
</operation>
<operation name="add_dos_network">
<documentation>
- Adds a list of DoS Network sub-profiles for the specified DoS
- profiles. Note: Only one Security DoS Network sub-profile can
+ Adds a list of DoS Network sub-profiles for the specified DoS
+ profiles. Note: Only one Security DoS Network sub-profile can
exist per profile.
</documentation>
<input message="tns:Security.ProfileDoS.add_dos_networkRequest"/>
<output message="tns:Security.ProfileDoS.add_dos_networkResponse"/>
</operation>
<operation name="remove_dos_network">
<documentation>
- Removes a list of DoS Network sub-profiles from the specified
+ Removes a list of DoS Network sub-profiles from the specified
DoS profiles.
</documentation>
<input message="tns:Security.ProfileDoS.remove_dos_networkRequest"/>
<output message="tns:Security.ProfileDoS.remove_dos_networkResponse"/>
</operation>
<operation name="remove_all_dos_networks">
<documentation>
- Removes all DoS Network sub-profiles from the specified DoS
+ Removes all DoS Network sub-profiles from the specified DoS
profiles.
</documentation>
<input message="tns:Security.ProfileDoS.remove_all_dos_networksRequest"/>
<output message="tns:Security.ProfileDoS.remove_all_dos_networksResponse"/>
</operation>
<operation name="get_network_attack_vector">
<documentation>
- Gets the Network Attack Vectors for the specified DoS Network
+ Gets the Network Attack Vectors for the specified DoS Network
sub-profiles.
- A Network Attack Vector allows the user to enable DoS attack
- detection on a specific attack vector and also lets the user
+ A Network Attack Vector allows the user to enable DoS attack
+ detection on a specific attack vector and also lets the user
configure attack sensitivity (rate limit & threshold).
</documentation>
<input message="tns:Security.ProfileDoS.get_network_attack_vectorRequest"/>
<output message="tns:Security.ProfileDoS.get_network_attack_vectorResponse"/>
</operation>
<operation name="add_network_attack_vector">
<documentation>
- Adds a list of Network Attack Vectors for the specified DoS
+ Adds a list of Network Attack Vectors for the specified DoS
Network sub-profiles.
</documentation>
<input message="tns:Security.ProfileDoS.add_network_attack_vectorRequest"/>
<output message="tns:Security.ProfileDoS.add_network_attack_vectorResponse"/>
</operation>
<operation name="remove_network_attack_vector">
<documentation>
- Removes a list of Network Attack Vectors from the specified DoS
+ Removes a list of Network Attack Vectors from the specified DoS
Network sub-profiles.
</documentation>
<input message="tns:Security.ProfileDoS.remove_network_attack_vectorRequest"/>
<output message="tns:Security.ProfileDoS.remove_network_attack_vectorResponse"/>
</operation>
<operation name="remove_all_network_attack_vectors">
<documentation>
- Removes all Network Attack Vectors from the specified DoS
+ Removes all Network Attack Vectors from the specified DoS
Network sub-profiles.
</documentation>
<input message="tns:Security.ProfileDoS.remove_all_network_attack_vectorsRequest"/>
<output message="tns:Security.ProfileDoS.remove_all_network_attack_vectorsResponse"/>
</operation>
<operation name="set_network_attack_vector_rate_limit">
<documentation>
Sets the Rate Limits for the specified Network Attack Vectors.
- When the incoming packet number per second for the specified
- Network Attack Vectors is over this limit then the system will
- drop all the over limit packets in this second. The limit number
+ When the incoming packet number per second for the specified
+ Network Attack Vectors is over this limit then the system will
+ drop all the over limit packets in this second. The limit number
of incoming packets will be allowed again in the next second.
</documentation>
<input message="tns:Security.ProfileDoS.set_network_attack_vector_rate_limitRequest"/>
<output message="tns:Security.ProfileDoS.set_network_attack_vector_rate_limitResponse"/>
@@ -8017,43 +10745,41 @@
<input message="tns:Security.ProfileDoS.get_network_attack_vector_rate_limitRequest"/>
<output message="tns:Security.ProfileDoS.get_network_attack_vector_rate_limitResponse"/>
</operation>
<operation name="set_network_attack_vector_rate_threshold">
<documentation>
- Sets the Rate Thresholds for the specified Network Attack
+ Sets the Rate Thresholds for the specified Network Attack
Vectors.
- When the incoming packet number per second for the specified
- Network Attack Vectors goes above this threshold then the system
- will detect this kind of Layer 4 attack and take the action to
+ When the incoming packet number per second for the specified
+ Network Attack Vectors goes above this threshold then the system
+ will detect this kind of Layer 4 attack and take the action to
log.
</documentation>
<input message="tns:Security.ProfileDoS.set_network_attack_vector_rate_thresholdRequest"/>
<output message="tns:Security.ProfileDoS.set_network_attack_vector_rate_thresholdResponse"/>
</operation>
<operation name="get_network_attack_vector_rate_threshold">
<documentation>
- Gets the Rate Thresholds for the specified Network Attack
+ Gets the Rate Thresholds for the specified Network Attack
Vectors.
</documentation>
<input message="tns:Security.ProfileDoS.get_network_attack_vector_rate_thresholdRequest"/>
<output message="tns:Security.ProfileDoS.get_network_attack_vector_rate_thresholdResponse"/>
</operation>
<operation name="reset_network_attack_vector_statistics">
<documentation>
Resets the statistics for the specified Network Attack Vectors.
- Note that at this time, the "vectors" argument is ignored, and
- statistics for all vectors are reset.
</documentation>
<input message="tns:Security.ProfileDoS.reset_network_attack_vector_statisticsRequest"/>
<output message="tns:Security.ProfileDoS.reset_network_attack_vector_statisticsResponse"/>
</operation>
<operation name="get_all_network_attack_vector_statistics">
<documentation>
- Gets the statistics for all Network Attack Vectors of the
+ Gets the statistics for all Network Attack Vectors of the
specified DoS Network sub-profiles.
</documentation>
<input message="tns:Security.ProfileDoS.get_all_network_attack_vector_statisticsRequest"/>
<output message="tns:Security.ProfileDoS.get_all_network_attack_vector_statisticsResponse"/>
@@ -8064,10 +10790,81 @@
</documentation>
<input message="tns:Security.ProfileDoS.get_network_attack_vector_statisticsRequest"/>
<output message="tns:Security.ProfileDoS.get_network_attack_vector_statisticsResponse"/>
</operation>
+ <operation name="set_network_attack_vector_auto_blacklisting_state">
+ <documentation>
+ Sets the auto blacklisting state for the specified Network Attack Vectors.
+ If auto blacklisting is enabled, offending IPs will be automatically
+ blocked for the specified blacklist duration. See
+ set_network_attack_vector_blacklist_duration for more details.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.set_network_attack_vector_auto_blacklisting_stateRequest"/>
+ <output message="tns:Security.ProfileDoS.set_network_attack_vector_auto_blacklisting_stateResponse"/>
+ </operation>
+ <operation name="get_network_attack_vector_auto_blacklisting_state">
+ <documentation>
+ Gets the auto blacklisting state for the specified Network Attack Vectors.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.get_network_attack_vector_auto_blacklisting_stateRequest"/>
+ <output message="tns:Security.ProfileDoS.get_network_attack_vector_auto_blacklisting_stateResponse"/>
+ </operation>
+ <operation name="set_network_attack_vector_blacklist_detection_seconds">
+ <documentation>
+ Sets the blacklist detection value (seconds) for the specified Network Attack Vectors.
+ The blacklist detection value is the time that a given IP must be offending before
+ being added to the blacklist.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.set_network_attack_vector_blacklist_detection_secondsRequest"/>
+ <output message="tns:Security.ProfileDoS.set_network_attack_vector_blacklist_detection_secondsResponse"/>
+ </operation>
+ <operation name="get_network_attack_vector_blacklist_detection_seconds">
+ <documentation>
+ Gets the blacklist detection value for the specified Network Attack Vectors.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.get_network_attack_vector_blacklist_detection_secondsRequest"/>
+ <output message="tns:Security.ProfileDoS.get_network_attack_vector_blacklist_detection_secondsResponse"/>
+ </operation>
+ <operation name="set_network_attack_vector_blacklist_duration">
+ <documentation>
+ Sets the blacklist duration (seconds) for the specified Network Attack Vectors.
+ The blacklist duration is the time that an offending IP will remain in the blacklist.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.set_network_attack_vector_blacklist_durationRequest"/>
+ <output message="tns:Security.ProfileDoS.set_network_attack_vector_blacklist_durationResponse"/>
+ </operation>
+ <operation name="get_network_attack_vector_blacklist_duration">
+ <documentation>
+ Gets the blacklist duration for the specified Network Attack Vectors.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.get_network_attack_vector_blacklist_durationRequest"/>
+ <output message="tns:Security.ProfileDoS.get_network_attack_vector_blacklist_durationResponse"/>
+ </operation>
+ <operation name="set_network_attack_vector_blacklist_category">
+ <documentation>
+ Sets the blacklist categories for the specified Network Attack Vectors.
+ The blacklist categories which blacklisted IPs should be added to.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.set_network_attack_vector_blacklist_categoryRequest"/>
+ <output message="tns:Security.ProfileDoS.set_network_attack_vector_blacklist_categoryResponse"/>
+ </operation>
+ <operation name="get_network_attack_vector_blacklist_category">
+ <documentation>
+ Gets the blacklist category for the specified Network Attack Vectors.
+
+ </documentation>
+ <input message="tns:Security.ProfileDoS.get_network_attack_vector_blacklist_categoryRequest"/>
+ <output message="tns:Security.ProfileDoS.get_network_attack_vector_blacklist_categoryResponse"/>
+ </operation>
<operation name="get_version">
<documentation>
Gets the version information for this interface.
</documentation>
@@ -8268,11 +11065,11 @@
</operation>
<operation name="remove_application">
<documentation>
Removes specific Application Security sub-profiles from the specified profiles.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -8288,11 +11085,11 @@
</operation>
<operation name="remove_all_applications">
<documentation>
Removes all Application Security sub-profiles from the specified profiles.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -8354,11 +11151,11 @@
</operation>
<operation name="remove_protocol_dns">
<documentation>
Removes specific Protocol DNS Security sub-profiles from the specified profiles.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -8374,11 +11171,11 @@
</operation>
<operation name="remove_all_protocol_dnses">
<documentation>
Removes all Protocol DNS Security sub-profiles from the specified profiles.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -8396,11 +11193,11 @@
<operation name="set_trigger_irule_state">
<documentation>
Sets the trigger DoS iRule event state in Application Security.
Trigger DoS iRule event specifies, when enabled, that the system activates an Application DoS iRule event.
- The default setting is disabled.
+ The default is disabled.
Enable it if you have written iRules that process this event, and assigned them to a specific virtual server.
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
@@ -8418,11 +11215,11 @@
</operation>
<operation name="get_trigger_irule_state">
<documentation>
Gets the trigger DoS iRule event state in Application Security.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -8439,11 +11236,11 @@
<operation name="set_operation_mode">
<documentation>
Sets the operation mode of the specified anomaly.
The available operation modes are mentioned under the OperationMode enumeration.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -8459,11 +11256,11 @@
</operation>
<operation name="get_operation_mode">
<documentation>
Gets the operation mode of the specified anomaly.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -8480,21 +11277,23 @@
<operation name="set_source_ip_based_client_side_integrity_defense_state">
<documentation>
Sets the Source IP-based client side integrity defense state in the specified anomaly.
- Prevention policy consisting of four methods specifies how the system handles an attack.
+ Prevention policy consisting of six methods specifies how the system handles an attack.
The system begins with the first method that you enabled in this list.
If the system finds this method not effective enough to stop the attack,
it uses the next method that you enabled in this list.
- Source IP-based client side integrity defense: Specifies, when enabled,
that the system determines whether the client is a legal browser or an illegal script
by sending a JavaScript challenge to each suspicious IP address and waiting for a response.
(Legal browsers are able to respond, while illegal scripts cannot.) The default is disabled.
- URL-based client side integrity defense
+ - Site-wide client side integrity defense
- Source IP-based rate limiting
- URL-based rate limiting
+ - Site-wide rate limiting
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
@@ -8511,11 +11310,11 @@
</operation>
<operation name="get_source_ip_based_client_side_integrity_defense_state">
<documentation>
Gets the Source IP-based client side integrity defense state in the specified anomaly.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -8536,11 +11335,11 @@
Please see set_source_ip_based_client_side_integrity_defense_state for more information about prevention policy.
- URL-based client side integrity defense: Specifies, when enabled,
that the system determines whether the client is a legal browser or an illegal script
by sending a JavaScript challenge to each suspicious URL and waiting for a response.
- (Legal URLs are able to respond, while illegal scripts cannot.) The default is disabled.
+ (Legal browsers are able to respond, while illegal scripts cannot.) The default is disabled.
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
@@ -8557,11 +11356,11 @@
</operation>
<operation name="get_url_based_client_side_integrity_defense_state">
<documentation>
Gets the URL-based client side integrity defense state in the specified anomaly.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -8574,10 +11373,56 @@
namespace="urn:iControl:Security/ProfileDoS"
encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
</output>
</operation>
+ <operation name="set_site_wide_client_side_integrity_defense_state">
+ <documentation>
+ Sets the Site-wide client side integrity defense state in the specified anomaly.
+
+ Please see set_source_ip_based_client_side_integrity_defense_state for more information about prevention policy.
+ - Site-wide client side integrity defense: Specifies, when enabled,
+ that the system determines whether the client is a legal browser or an illegal script
+ by sending a JavaScript challenge to each suspicious site and waiting for a response.
+ (Legal browsers are able to respond, while illegal scripts cannot.) The default is disabled.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="get_site_wide_client_side_integrity_defense_state">
+ <documentation>
+ Gets the Site-wide client side integrity defense state in the specified anomaly.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
<operation name="set_source_ip_based_rate_limiting_state">
<documentation>
Sets the Source IP-based rate limiting state in the specified anomaly.
Please see set_source_ip_based_client_side_integrity_defense_state for more information about prevention policy.
@@ -8604,11 +11449,11 @@
</operation>
<operation name="get_source_ip_based_rate_limiting_state">
<documentation>
Gets the Source IP-based rate limiting state in the specified anomaly.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -8624,11 +11469,11 @@
</operation>
<operation name="set_url_based_rate_limiting_state">
<documentation>
Sets the URL-based rate limiting state in the specified anomaly.
-
+
Please see set_source_ip_based_client_side_integrity_defense_state for more information about prevention policy.
- URL-based rate limiting: Specifies, when enabled,
that the system drops transactions for suspicious URLs,
regardless of whether the IP address is suspicious or not.
The system allows requests for that URL when the request rate per second
@@ -8652,11 +11497,11 @@
</operation>
<operation name="get_url_based_rate_limiting_state">
<documentation>
Gets the URL-based rate limiting state in the specified anomaly.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -8669,14 +11514,62 @@
namespace="urn:iControl:Security/ProfileDoS"
encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
</output>
</operation>
+ <operation name="set_site_wide_rate_limiting_state">
+ <documentation>
+ Sets the Site-wide rate limiting state in the specified anomaly.
+
+ Please see set_source_ip_based_client_side_integrity_defense_state for more information about prevention policy.
+ - Site-wide rate limiting: Specifies, when enabled,
+ that the system drops transactions for suspicious sites,
+ regardless of whether the IP address is suspicious or not.
+ The system allows requests for that site when the request rate per second
+ is less than the legitimate history interval (before the attack started),
+ or less than the threshold you configure in the maximum TPS. The default is enabled.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="get_site_wide_rate_limiting_state">
+ <documentation>
+ Gets the Site-wide rate limiting state in the specified anomaly.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
<operation name="set_ip_tps_increase_rate">
<documentation>
Sets the TPS increase rate value in IP detection criteria (or suspicious IP criteria) of the specified anomaly.
-
+
IP detection criteria setting is only available in TPS-based anomaly.
It specifies that if at least one of the following criteria is met, the system treats the IP address as an attacker.
If these numbers are reached, the system prevents further attacks by limiting the number of requests per second to the history interval.
The system does not return the blocking response page.
@@ -8709,11 +11602,11 @@
</operation>
<operation name="get_ip_tps_increase_rate">
<documentation>
Gets the TPS increase rate value in IP detection criteria (or suspicious IP criteria) of the specified anomaly.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -8729,11 +11622,11 @@
</operation>
<operation name="set_ip_maximum_tps">
<documentation>
Sets the maximum TPS value in IP detection criteria (or suspicious IP criteria) of the specified anomaly.
-
+
Please see set_ip_tps_increase_rate for more information about IP detection criteria and suspicious IP criteria.
- Maximum TPS: Specifies that the system considers an IP address to be an attacker (or treats as suspicious)
if the number of requests sent, per second, from an IP address is equal to or greater than this number.
The default setting is 200 requests per second.
@@ -8754,11 +11647,11 @@
</operation>
<operation name="get_ip_maximum_tps">
<documentation>
Gets the maximum TPS value in IP detection criteria (or suspicious IP criteria) of the specified anomaly.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -8774,11 +11667,11 @@
</operation>
<operation name="set_ip_minimum_tps">
<documentation>
Sets the minimum TPS value in IP detection criteria (or suspicious IP criteria) of the specified anomaly.
-
+
Please see set_ip_tps_increase_rate for more information about IP detection criteria and suspicious IP criteria.
- Minimum TPS: Specifies that the system considers an IP address to be an attacker (or treats as suspicious)
if the detected TPS for a specific IP address equals, or is greater than, this number,
and the TPS increase rate was reached. If the detected TPS is lower than this number,
the system does not consider this IP address to be an attacker (or suspicious) even if
@@ -8801,11 +11694,11 @@
</operation>
<operation name="get_ip_minimum_tps">
<documentation>
Gets the minimum TPS value in IP detection criteria (or suspicious IP criteria) of the specified anomaly.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -8821,11 +11714,11 @@
</operation>
<operation name="set_url_tps_increase_rate">
<documentation>
Sets the TPS increase rate value in URL detection criteria (or suspicious URL criteria) of the specified anomaly.
-
+
URL detection criteria setting is only available in TPS-based anomaly.
It specifies that if at least one of the following criteria is met, the system treats a URL to be under attack.
If these numbers are reached, the system prevents further attacks by limiting the number of requests per second to the history interval.
The system does not return the blocking response page.
@@ -8833,13 +11726,13 @@
It specifies that if at least one of the following criteria is met, the system treats the URL as suspicious (suspects the URL to be attacked).
If an attack was detected according to the detection criteria, URL rate limiting will be done on the suspicious URLs.
The system prevents the attack by limiting the number of requests per second to the history interval.
The system does not return the blocking response page.
- - TPS increase rate: Specifies that the system considers an IP address to be an attacker (or treats as suspicious)
+ - TPS increase rate: Specifies that the system considers a URL to be under attack (or treats as suspicious)
if the ratio between the transaction rate detection interval and the transaction rate history interval,
- for one IP address, is greater than this number. The default setting is 500 percent.
+ for one URL, is greater than this number. The default setting is 500 percent.
- Maximum TPS
- Minimum TPS
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
@@ -8858,11 +11751,11 @@
</operation>
<operation name="get_url_tps_increase_rate">
<documentation>
Gets the TPS increase rate value in URL detection criteria (or suspicious URL criteria) of the specified anomaly.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -8878,11 +11771,11 @@
</operation>
<operation name="set_url_maximum_tps">
<documentation>
Sets the maximum TPS value in URL detection criteria (or suspicious URL criteria) of the specified anomaly.
-
+
Please see set_url_tps_increase_rate for more information about URL detection criteria and suspicious URL criteria.
- Maximum TPS: Specifies that the system considers a URL to be under attack (or treats as suspicious)
if the number of requests sent, per second, for the URL is equal to or greater than this number.
The default setting is 1000 requests per second.
@@ -8903,11 +11796,11 @@
</operation>
<operation name="get_url_maximum_tps">
<documentation>
Gets the maximum TPS value in URL detection criteria (or suspicious URL criteria) of the specified anomaly.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -8923,11 +11816,11 @@
</operation>
<operation name="set_url_minimum_tps">
<documentation>
Sets the minimum TPS value in URL detection criteria (or suspicious URL criteria) of the specified anomaly.
-
+
Please see set_url_tps_increase_rate for more information about URL detection criteria and suspicious URL criteria.
- Minimum TPS: Specifies that the system considers a URL to be under attack (or treats as suspicious)
if the detected TPS for a specific URL equals, or is greater than, this number,
and the TPS increase rate was reached. If the detected TPS is lower than this number,
the system does not consider this URL to be under attack (or suspicious) even if
@@ -8950,11 +11843,11 @@
</operation>
<operation name="get_url_minimum_tps">
<documentation>
Gets the minimum TPS value in URL detection criteria (or suspicious URL criteria) of the specified anomaly.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -8967,19 +11860,261 @@
namespace="urn:iControl:Security/ProfileDoS"
encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
</output>
</operation>
+ <operation name="set_site_wide_tps_increase_rate">
+ <documentation>
+ Sets the TPS increase rate value in Site-wide detection criteria (or suspicious Site-wide criteria) of the specified anomaly.
+
+ Site-wide detection criteria setting is only available in TPS-based anomaly.
+ It specifies that if at least one of the following criteria is met, the system treats the whole site to be under attack.
+ If these numbers are reached, the system prevents further attacks by limiting the number of requests per second to the history interval.
+ The system does not return the blocking response page.
+
+ Suspicious Site-wide criteria setting is only available in Latency-based anomaly.
+ It specifies that if at least one of the following criteria is met, the system treats a site as suspicious (suspects the whole site to be attacked).
+ If an attack was detected according to the detection criteria, Site-wide rate limiting will be done on the suspicious sites.
+ The system prevents the attack by limiting the number of requests per second to the history interval.
+ The system does not return the blocking response page.
+
+ - TPS increase rate: Specifies that the system considers a whole site to be under attack (or treats as suspicious)
+ if the ratio between the transaction rate detection interval and the transaction rate history interval,
+ for one site, is greater than this number. The default setting is 500 percent.
+ - Maximum TPS
+ - Minimum TPS
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="get_site_wide_tps_increase_rate">
+ <documentation>
+ Gets the TPS increase rate value in Site-wide detection criteria (or suspicious Site-wide criteria) of the specified anomaly.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="set_site_wide_maximum_tps">
+ <documentation>
+ Sets the maximum TPS value in Site-wide detection criteria (or suspicious Site-wide criteria) of the specified anomaly.
+
+ Please see set_site_wide_tps_increase_rate for more information about Site-wide detection criteria and suspicious Site-wide criteria.
+ - Maximum TPS: Specifies that the system considers a whole site to be under attack (or treats as suspicious)
+ if the number of requests sent, per second, for the site is equal to or greater than this number.
+ The default setting is 10000 requests per second.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="get_site_wide_maximum_tps">
+ <documentation>
+ Gets the maximum TPS value in Site-wide detection criteria (or suspicious Site-wide criteria) of the specified anomaly.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="set_site_wide_minimum_tps">
+ <documentation>
+ Sets the minimum TPS value in Site-wide detection criteria (or suspicious Site-wide criteria) of the specified anomaly.
+
+ Please see set_site_wide_tps_increase_rate for more information about Site-wide detection criteria and suspicious Site-wide criteria.
+ - Minimum TPS: Specifies that the system considers a whole site to be under attack (or treats as suspicious)
+ if the detected TPS for a specific site equals, or is greater than, this number,
+ and the TPS increase rate was reached. If the detected TPS is lower than this number,
+ the system does not consider this whole site to be under attack (or suspicious) even if
+ the TPS increase rate was reached. The default setting is 2000 transactions per second.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="get_site_wide_minimum_tps">
+ <documentation>
+ Gets the minimum TPS value in Site-wide detection criteria (or suspicious Site-wide criteria) of the specified anomaly.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="set_escalation_period">
+ <documentation>
+ Sets the escalation period (in seconds) in the specified anomaly.
+
+ Escalation period specifies for how long the system spends in each step until deciding to move to the next step
+ when preventing attacks against an attacker IP address or an attacked URL.
+ The system prevents attacks by rejecting requests either from the attacking IP address, or for the attacked URL.
+ After the system detects and stops a DoS attack, it performs attack prevention for the amount of time configured here
+ in every method that you enabled in prevention policy (see set_source_ip_based_client_side_integrity_defense_state)
+ even if the system detects that the attack continues. The default setting is 120 seconds.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="get_escalation_period">
+ <documentation>
+ Gets the escalation period (in seconds) in the specified anomaly.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="set_deescalation_period">
+ <documentation>
+ Sets the de-escalation period (in seconds) in the specified anomaly.
+
+ De-escalation period specifies for how long the system spends in the final escalation step until retrying the steps from the top
+ when preventing attacks against an attacker IP address or an attacked URL. Zero value specifies that no de-escalation occurs.
+ Please see set_escalation_period for more information about escalation. The default setting is 7200 seconds.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="get_deescalation_period">
+ <documentation>
+ Gets the de-escalation period (in seconds) in the specified anomaly.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
<operation name="set_maximum_prevention_duration">
<documentation>
+ This method has been deprecated. Please use set_escalation_period / set_deescalation_period instead.
+
Sets the maximum prevention duration (in seconds) in the specified anomaly.
Prevention duration specifies for how long the system prevents attacks against an attacker IP address or an attacked URL.
The system prevents attacks by rejecting requests either from the attacking IP address, or for the attacked URL.
- Unlimited (zero value): Specifies that after the system detects and stops a DoS attack,
it performs attack prevention until it detects the end of the attack. This is the default.
- - Number of seconds (positive value): Specifies that after the system detects and stops a DoS attack,
+ - Number of seconds (positive value): Specifies that after the system detects and stops a DoS attack,
it performs attack prevention either for the amount of time configured here even if the system detects
that the attack continues, or until the system detects the end of the attack, whichever is earlier.
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
@@ -8997,12 +12132,14 @@
</output>
</operation>
<operation name="get_maximum_prevention_duration">
<documentation>
+ This method has been deprecated. Please use get_escalation_period / get_deescalation_period instead.
+
Gets the maximum prevention duration (in seconds) in the specified anomaly.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -9018,11 +12155,11 @@
</operation>
<operation name="set_latency_increase_rate">
<documentation>
Sets the latency increase rate value in detection criteria of Latency-based anomaly.
-
+
Detection criteria setting is only available in Latency-based anomaly.
It specifies the criteria under which the system considers traffic to be an attack.
First, the minimum latency must be reached, and then either the latency increase rate or the maximum latency must be reached.
- Latency increase rate: Specifies that the system considers traffic to be an attack if
the ratio of the latency detection interval to the latency history interval,
@@ -9047,11 +12184,11 @@
</operation>
<operation name="get_latency_increase_rate">
<documentation>
Gets the latency increase rate value in detection criteria of Latency-based anomaly.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -9067,11 +12204,11 @@
</operation>
<operation name="set_maximum_latency">
<documentation>
Sets the maximum latency value in detection criteria of Latency-based anomaly.
-
+
Please see set_latency_increase_rate for more information about detection criteria.
- Maximum latency: Specifies that the system considers traffic to be an attack if
the latency detection interval for a specific URL is greater than this number.
The default setting is 10000 milliseconds.
@@ -9092,11 +12229,11 @@
</operation>
<operation name="get_maximum_latency">
<documentation>
Gets the maximum latency value in detection criteria of Latency-based anomaly.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -9112,11 +12249,11 @@
</operation>
<operation name="set_minimum_latency">
<documentation>
Sets the minimum latency value in detection criteria of Latency-based anomaly.
-
+
Please see set_latency_increase_rate for more information about detection criteria.
- Minimum latency: Specifies that the system considers traffic to be an attack if
the detection interval for a specific URL equals, or is greater than, this number,
and at least one of the latency increase rate or maximum latency was reached.
If the detection interval is lower than this number, the system does not consider
@@ -9140,11 +12277,11 @@
</operation>
<operation name="get_minimum_latency">
<documentation>
Gets the minimum latency value in detection criteria of Latency-based anomaly.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -9157,10 +12294,501 @@
namespace="urn:iControl:Security/ProfileDoS"
encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
</output>
</operation>
+ <operation name="set_heavy_url_protection_state">
+ <documentation>
+ Sets the heavy URL protection state in Application Security.
+
+ Heavy URLs are those ones that may consume considerable server resources per request,
+ thus it takes only low rate requests to those URLs in order to cause DoS attacks.
+ Attacks will continue to be detected using the TPS-based and Latency-based anomalies.
+ Heavy URL protection specifies, when enabled, that whenever an attack is detected,
+ the system protects the heavy URLs using the URL-based methods that you enabled in prevention policy
+ (see set_source_ip_based_client_side_integrity_defense_state). If no such prevention method is enabled,
+ attacks will be only reported. The default is enabled.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="get_heavy_url_protection_state">
+ <documentation>
+ Gets the heavy URL protection state in Application Security.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="set_heavy_url_automatic_detection_state">
+ <documentation>
+ Sets the automatic heavy URL detection state in Application Security.
+
+ Automatic heavy URL detection specifies, when enabled, that the system automatically detects heavy URLs,
+ in addition to the manually configured ones (see set_heavy_url_includes and set_heavy_url_excludes).
+ For the sake of detecting heavy URLs, the system measures the latency tail weight, defined as
+ the ratio of transactions that have latency beyond the latency threshold (see set_heavy_url_latency_threshold)
+ out of all the transactions. A URL is considered heavy if the tail is considerably above the global average
+ in the long run. In order to enable this setting, you must first enable heavy URL protection.
+ The default is enabled.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="get_heavy_url_automatic_detection_state">
+ <documentation>
+ Gets the automatic heavy URL detection state in Application Security.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="get_heavy_url_include">
+ <documentation>
+ Gets the included heavy URLs in Application Security.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="add_heavy_url_include">
+ <documentation>
+ Adds a list of URLs to the manually-configured (included) heavy URLs in Application Security.
+
+ Included heavy URLs specify URLs that are expected to be heavy from a-priori knowledge
+ even if they are not automatically detected as heavy.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="replace_heavy_url_include">
+ <documentation>
+ Replaces the existing included heavy URLs with new ones in Application Security.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="remove_heavy_url_include">
+ <documentation>
+ Removes specific URLs from the included heavy URLs in Application Security.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="get_heavy_url_exclude">
+ <documentation>
+ Gets the excluded heavy URLs in Application Security.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="add_heavy_url_exclude">
+ <documentation>
+ Adds a list of URLs to the ignored (excluded) heavy URLs in Application Security.
+
+ Excluded heavy URLs specify URLs that are not considered heavy even if automatically detected.
+ The exclude list can contain prefix wildcards.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="replace_heavy_url_exclude">
+ <documentation>
+ Replaces the existing excluded heavy URLs with new ones in Application Security.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="remove_heavy_url_exclude">
+ <documentation>
+ Removes specific URLs from the excluded heavy URLs in Application Security.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="set_heavy_url_latency_threshold">
+ <documentation>
+ Sets latency threshold for automatic heavy URL detection (in milliseconds) in Application Security.
+
+ Please see set_heavy_url_automatic_detection_state for more information about automatic heavy URL detection.
+ You must enable automatic heavy URL detection in order to configure the latency threshold.
+ You can increase or decrease this number to improve accuracy of the automatically detected heavy URLs,
+ if too many or too few URLs are found by the system to be heavy. The default setting is 1000 milliseconds.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="get_heavy_url_latency_threshold">
+ <documentation>
+ Gets the latency threshold for automatic heavy URL detection (in milliseconds) in Application Security.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="set_tcp_dump_record_traffic_state">
+ <documentation>
+ Sets the TCP dump record traffic state in Application Security.
+
+ Specifies when enabled that the system records traffic (performs a TCP dump)
+ when a DoS attack is underway. The system records traffic during DoS attacks
+ on the virtual server in which the attack was detected. The TCP dump files can be collected
+ into the QuickView file so that F5 support can use it for solving customer cases.
+ The files are located in the system in the following file path: /shared/dosl7/tcpdumps,
+ and have a pcap extension.
+ The default is disabled.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="get_tcp_dump_record_traffic_state">
+ <documentation>
+ Gets the TCP dump record traffic state in Application Security.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="set_tcp_dump_maximum_duration">
+ <documentation>
+ Sets the TCP dump maximum duration (in seconds) in Application Security.
+
+ The maximum time for one dump cycle. Legal values are between 1 and 300.
+ Please see set_tcp_dump_record_traffic_state for more information about recording the traffic/TCP dump.
+ The default setting is 30 seconds.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="get_tcp_dump_maximum_duration">
+ <documentation>
+ Gets the TCP dump maximum duration (in seconds) in Application Security.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="set_tcp_dump_maximum_size">
+ <documentation>
+ Sets the TCP dump maximum size (in megabytes) in Application Security.
+
+ The maximum size for a dump cycle. Legal values are between 1 and 50.
+ Please see set_tcp_dump_record_traffic_state for more information about recording the traffic/TCP dump.
+ The default setting is 10 megabytes.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="get_tcp_dump_maximum_size">
+ <documentation>
+ Gets the TCP dump maximum size (in megabytes) in Application Security.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="set_tcp_dump_repetition_interval">
+ <documentation>
+ Sets the TCP dump repetition interval (in seconds) in Application Security.
+
+ Specifies whether the system performs one dump for each DoS attack, or multiple dumps.
+ When value is 0: Specifies that the system performs one dump for each DoS attack.
+ When value is greater than 0: Specifies that the system performs multiple dumps for each DoS attack,
+ and how long the system waits after finishing a dump cycle before starting a new cycle.
+ Legal values are between 0 and 2600 seconds.
+ Please see set_tcp_dump_record_traffic_state for more information about recording the traffic/TCP dump.
+ The default setting is 120 seconds.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="get_tcp_dump_repetition_interval">
+ <documentation>
+ Gets the TCP dump repetition interval (in seconds) in Application Security.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
<operation name="get_white_ip">
<documentation>
Gets the entire IP address whitelist of DoS profile Application Security.
</documentation>
@@ -9180,11 +12808,11 @@
</operation>
<operation name="add_white_ip">
<documentation>
Adds a list of IP addresses with subnet masks to the whitelist of DoS profile Application Security.
-
+
IP address whitelist specifies IP addresses, including subnet masks, that the system considers
legitimate and does not examine when performing DoS prevention.
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
@@ -9408,11 +13036,11 @@
<operation name="set_sip_attack_vector_rate_increase">
<documentation>
Sets the rate increase percentage for the specified SIP Attack Vectors. When the rate increases
above this percentage then BIG-IP will detect the specified SIP Attack Vectors.
Note: This value cannot be set below 100.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -9428,11 +13056,11 @@
</operation>
<operation name="get_sip_attack_vector_rate_increase">
<documentation>
Gets the rate increase percentage for the specified SIP Attack Vectors.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -9449,11 +13077,11 @@
<operation name="set_sip_attack_vector_rate_threshold">
<documentation>
Sets the rate threshold for the specified SIP Attack Vectors. When the rate increases above this threshold
then BIG-IP will detect the specified SIP Attack Vectors.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -9469,11 +13097,11 @@
</operation>
<operation name="get_sip_attack_vector_rate_threshold">
<documentation>
Gets the rate threshold for the specified SIP Attack Vectors.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -9490,11 +13118,11 @@
<operation name="set_protocol_sip_error_attack_rate_increase">
<documentation>
Sets the rate increase for SIP protocol errors DoS attack vector. When the rate increases above this percentage
then BIG-IP will detect a protocol errors SIP DoS attack.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -9510,11 +13138,11 @@
</operation>
<operation name="get_protocol_sip_error_attack_rate_increase">
<documentation>
Gets the rate increase for SIP protocol errors DoS attack vector.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -9531,11 +13159,11 @@
<operation name="set_protocol_sip_error_attack_rate_threshold">
<documentation>
Sets the rate threshold for SIP protocol errors DoS attack vector. When the rate increases above this threshold
then BIG-IP will detect a protocol errors SIP DoS attack.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -9551,11 +13179,11 @@
</operation>
<operation name="get_protocol_sip_error_attack_rate_threshold">
<documentation>
Gets the rate threshold for SIP protocol errors DoS attack vector.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -9592,11 +13220,11 @@
</operation>
<operation name="get_protocol_sip_error_attack_detection_state">
<documentation>
Gets the SIP Protocol Error Attack Detection state in Protocol SIP Security.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -9612,13 +13240,11 @@
</operation>
<operation name="reset_sip_attack_vector_statistics">
<documentation>
Resets the statistics for the specified SIP Attack Vectors.
- Note that at this time, the "vectors" argument is ignored, and
- statistics for all vectors are reset.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -9634,11 +13260,11 @@
</operation>
<operation name="get_all_sip_attack_vector_statistics">
<documentation>
Gets the statistics for all SIP Attack Vectors (of the specified Protocol SIP Security sub-profiles).
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -9753,18 +13379,18 @@
</output>
</operation>
<operation name="set_dns_query_vector_rate_increase">
<documentation>
- Sets the rate increase percentage for the specified DNS Query Vectors.
+ Sets the rate increase percentage for the specified DNS Query Vectors.
The system calculates the rate increase percentage for a given
vector by comparing the 1 minute average to the 1 hour average, and
compares the result to the percentage set. If the set percentage is
less than or equal to the calculated value, a DoS attack is registered.
Note that this value cannot be set below 100.
The attack ends when this condition is no longer true.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -9780,11 +13406,11 @@
</operation>
<operation name="get_dns_query_vector_rate_increase">
<documentation>
Gets the rate increase percentage for the specified DNS Query Vectors.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -9821,11 +13447,11 @@
</operation>
<operation name="get_dns_query_vector_rate_threshold">
<documentation>
Gets the query vector rate threshold for the specified DNS Query Vectors.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -9841,12 +13467,12 @@
</operation>
<operation name="set_protocol_dns_error_attack_rate_increase">
<documentation>
Sets the DNS Protocol error attack rate increase for the specified Protocol DNS Security sub-profiles.
- This is the rate increase (as a percentage) of traffic for Malformed and Malicious
- DNS packets to register a DoS attack. This number is calculated by comparing the 1
+ This is the rate increase (as a percentage) of traffic for Malformed and Malicious
+ DNS packets to register a DoS attack. This number is calculated by comparing the 1
minute average to the 1 hour average.
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
@@ -9864,11 +13490,11 @@
</operation>
<operation name="get_protocol_dns_error_attack_rate_increase">
<documentation>
Gets the DNS Protocol error attack rate increase for the specified Protocol DNS Security sub-profiles.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -9884,11 +13510,11 @@
</operation>
<operation name="set_protocol_dns_error_attack_detection_state">
<documentation>
Sets the Protocol DNS Error Attack Detection state for the specified Protocol DNS Security sub-profiles.
- This Determines whether or not to include Malformed and Malicious DNS packets
+ This Determines whether or not to include Malformed and Malicious DNS packets
in DoS attack detection.
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
@@ -9906,11 +13532,11 @@
</operation>
<operation name="get_protocol_dns_error_attack_detection_state">
<documentation>
Gets the DNS Protocol Error Attack Detection state for the specified Protocol DNS Security sub-profiles.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -9926,13 +13552,11 @@
</operation>
<operation name="reset_dns_query_vector_statistics">
<documentation>
Resets the statistics for the specified DNS Query Vectors.
- Note that at this time, the "vectors" argument is ignored, and
- statistics for all vectors are reset.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -9948,11 +13572,11 @@
</operation>
<operation name="get_all_dns_query_vector_statistics">
<documentation>
Gets the statistics for all DNS Query Vectors for the specified Protocol DNS Security sub-profiles.
-
+
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
use="encoded"
@@ -9988,12 +13612,12 @@
</operation>
<operation name="get_dos_network">
<documentation>
Gets the DoS Network sub-profiles for the specified DoS profiles.
- With this sub-profile, the Layer 4 attacks are detected and
- actions are taken to drop the packets over the limit in one
+ With this sub-profile, the Layer 4 attacks are detected and
+ actions are taken to drop the packets over the limit in one
second.
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
@@ -10010,12 +13634,12 @@
</output>
</operation>
<operation name="add_dos_network">
<documentation>
- Adds a list of DoS Network sub-profiles for the specified DoS
- profiles. Note: Only one Security DoS Network sub-profile can
+ Adds a list of DoS Network sub-profiles for the specified DoS
+ profiles. Note: Only one Security DoS Network sub-profile can
exist per profile.
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
@@ -10032,11 +13656,11 @@
</output>
</operation>
<operation name="remove_dos_network">
<documentation>
- Removes a list of DoS Network sub-profiles from the specified
+ Removes a list of DoS Network sub-profiles from the specified
DoS profiles.
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
@@ -10053,11 +13677,11 @@
</output>
</operation>
<operation name="remove_all_dos_networks">
<documentation>
- Removes all DoS Network sub-profiles from the specified DoS
+ Removes all DoS Network sub-profiles from the specified DoS
profiles.
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
@@ -10074,14 +13698,14 @@
</output>
</operation>
<operation name="get_network_attack_vector">
<documentation>
- Gets the Network Attack Vectors for the specified DoS Network
+ Gets the Network Attack Vectors for the specified DoS Network
sub-profiles.
- A Network Attack Vector allows the user to enable DoS attack
- detection on a specific attack vector and also lets the user
+ A Network Attack Vector allows the user to enable DoS attack
+ detection on a specific attack vector and also lets the user
configure attack sensitivity (rate limit & threshold).
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
@@ -10098,11 +13722,11 @@
</output>
</operation>
<operation name="add_network_attack_vector">
<documentation>
- Adds a list of Network Attack Vectors for the specified DoS
+ Adds a list of Network Attack Vectors for the specified DoS
Network sub-profiles.
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
@@ -10119,11 +13743,11 @@
</output>
</operation>
<operation name="remove_network_attack_vector">
<documentation>
- Removes a list of Network Attack Vectors from the specified DoS
+ Removes a list of Network Attack Vectors from the specified DoS
Network sub-profiles.
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
@@ -10140,11 +13764,11 @@
</output>
</operation>
<operation name="remove_all_network_attack_vectors">
<documentation>
- Removes all Network Attack Vectors from the specified DoS
+ Removes all Network Attack Vectors from the specified DoS
Network sub-profiles.
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
@@ -10162,13 +13786,13 @@
</operation>
<operation name="set_network_attack_vector_rate_limit">
<documentation>
Sets the Rate Limits for the specified Network Attack Vectors.
- When the incoming packet number per second for the specified
- Network Attack Vectors is over this limit then the system will
- drop all the over limit packets in this second. The limit number
+ When the incoming packet number per second for the specified
+ Network Attack Vectors is over this limit then the system will
+ drop all the over limit packets in this second. The limit number
of incoming packets will be allowed again in the next second.
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
@@ -10205,15 +13829,15 @@
</output>
</operation>
<operation name="set_network_attack_vector_rate_threshold">
<documentation>
- Sets the Rate Thresholds for the specified Network Attack
+ Sets the Rate Thresholds for the specified Network Attack
Vectors.
- When the incoming packet number per second for the specified
- Network Attack Vectors goes above this threshold then the system
- will detect this kind of Layer 4 attack and take the action to
+ When the incoming packet number per second for the specified
+ Network Attack Vectors goes above this threshold then the system
+ will detect this kind of Layer 4 attack and take the action to
log.
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
@@ -10230,11 +13854,11 @@
</output>
</operation>
<operation name="get_network_attack_vector_rate_threshold">
<documentation>
- Gets the Rate Thresholds for the specified Network Attack
+ Gets the Rate Thresholds for the specified Network Attack
Vectors.
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
@@ -10252,12 +13876,10 @@
</operation>
<operation name="reset_network_attack_vector_statistics">
<documentation>
Resets the statistics for the specified Network Attack Vectors.
- Note that at this time, the "vectors" argument is ignored, and
- statistics for all vectors are reset.
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
<soap:body
@@ -10273,11 +13895,11 @@
</output>
</operation>
<operation name="get_all_network_attack_vector_statistics">
<documentation>
- Gets the statistics for all Network Attack Vectors of the
+ Gets the statistics for all Network Attack Vectors of the
specified DoS Network sub-profiles.
</documentation>
<soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
<input>
@@ -10312,10 +13934,177 @@
namespace="urn:iControl:Security/ProfileDoS"
encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
</output>
</operation>
+ <operation name="set_network_attack_vector_auto_blacklisting_state">
+ <documentation>
+ Sets the auto blacklisting state for the specified Network Attack Vectors.
+ If auto blacklisting is enabled, offending IPs will be automatically
+ blocked for the specified blacklist duration. See
+ set_network_attack_vector_blacklist_duration for more details.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="get_network_attack_vector_auto_blacklisting_state">
+ <documentation>
+ Gets the auto blacklisting state for the specified Network Attack Vectors.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="set_network_attack_vector_blacklist_detection_seconds">
+ <documentation>
+ Sets the blacklist detection value (seconds) for the specified Network Attack Vectors.
+ The blacklist detection value is the time that a given IP must be offending before
+ being added to the blacklist.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="get_network_attack_vector_blacklist_detection_seconds">
+ <documentation>
+ Gets the blacklist detection value for the specified Network Attack Vectors.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="set_network_attack_vector_blacklist_duration">
+ <documentation>
+ Sets the blacklist duration (seconds) for the specified Network Attack Vectors.
+ The blacklist duration is the time that an offending IP will remain in the blacklist.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="get_network_attack_vector_blacklist_duration">
+ <documentation>
+ Gets the blacklist duration for the specified Network Attack Vectors.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="set_network_attack_vector_blacklist_category">
+ <documentation>
+ Sets the blacklist categories for the specified Network Attack Vectors.
+ The blacklist categories which blacklisted IPs should be added to.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
+ <operation name="get_network_attack_vector_blacklist_category">
+ <documentation>
+ Gets the blacklist category for the specified Network Attack Vectors.
+
+ </documentation>
+ <soap:operation soapAction="urn:iControl:Security/ProfileDoS"/>
+ <input>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </input>
+ <output>
+ <soap:body
+ use="encoded"
+ namespace="urn:iControl:Security/ProfileDoS"
+ encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
+ </output>
+ </operation>
+
<operation name="get_version">
<documentation>
Gets the version information for this interface.
</documentation>
@@ -10370,11 +14159,11 @@
If the ratio of the latency detection interval to the latency history interval is greater than
the specific percentage you configure in this sub-profile (the latency increase rate),
the system detects that this URL is under attack.
In order to stop the attack, the system drops some requests from the suspicious IP address and/or to the suspicious URL.
- The Protocol DNS Security sub-profile allows you to specify DNS Query Vectors
- to be considered for DoS attack detection. You can also select whether
+ The Protocol DNS Security sub-profile allows you to specify DNS Query Vectors
+ to be considered for DoS attack detection. You can also select whether
or not to consider Malformed and Malicious DNS packets for DoS attack
detection, and configure values at which to start dropping these packets.
A Protocol SIP Security sub-profile allows the user to configure SIP Attack Vectors that are to be considered for DoS attack detection. It also provides the
capability to enable detection of Malformed SIP packet DoS attacks. The detection sensitivity for each of the configured DoS vectors can also