scm.getZoneProtectionProfile

Strata Cloud Manager v0.4.3, Nov 8 25

Strata Cloud Manager v0.4.3 published on Saturday, Nov 8, 2025 by Pulumi

Schema (JSON)

pulumi/pulumi-scm

Strata Cloud Manager v0.4.3 published on Saturday, Nov 8, 2025 by Pulumi

Schema (JSON)

pulumi/pulumi-scm

Using getZoneProtectionProfile

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getZoneProtectionProfile(args: GetZoneProtectionProfileArgs, opts?: InvokeOptions): Promise<GetZoneProtectionProfileResult>
function getZoneProtectionProfileOutput(args: GetZoneProtectionProfileOutputArgs, opts?: InvokeOptions): Output<GetZoneProtectionProfileResult>

def get_zone_protection_profile(id: Optional[str] = None,
                                name: Optional[str] = None,
                                opts: Optional[InvokeOptions] = None) -> GetZoneProtectionProfileResult
def get_zone_protection_profile_output(id: Optional[pulumi.Input[str]] = None,
                                name: Optional[pulumi.Input[str]] = None,
                                opts: Optional[InvokeOptions] = None) -> Output[GetZoneProtectionProfileResult]

func LookupZoneProtectionProfile(ctx *Context, args *LookupZoneProtectionProfileArgs, opts ...InvokeOption) (*LookupZoneProtectionProfileResult, error)
func LookupZoneProtectionProfileOutput(ctx *Context, args *LookupZoneProtectionProfileOutputArgs, opts ...InvokeOption) LookupZoneProtectionProfileResultOutput

> Note: This function is named LookupZoneProtectionProfile in the Go SDK.

public static class GetZoneProtectionProfile 
{
    public static Task<GetZoneProtectionProfileResult> InvokeAsync(GetZoneProtectionProfileArgs args, InvokeOptions? opts = null)
    public static Output<GetZoneProtectionProfileResult> Invoke(GetZoneProtectionProfileInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetZoneProtectionProfileResult> getZoneProtectionProfile(GetZoneProtectionProfileArgs args, InvokeOptions options)
public static Output<GetZoneProtectionProfileResult> getZoneProtectionProfile(GetZoneProtectionProfileArgs args, InvokeOptions options)

fn::invoke:
  function: scm:index/getZoneProtectionProfile:getZoneProtectionProfile
  arguments:
    # arguments dictionary

The following arguments are supported:

Id string
Name string

Id string
Name string

id String
name String

id string
name string

id str
name str

id String
name String

getZoneProtectionProfile Result

The following output properties are available:

AsymmetricPath string
Description string
Device string
DiscardIcmpEmbeddedError bool
Flood GetZoneProtectionProfileFlood
Folder string
FragmentedTrafficDiscard bool
IcmpFragDiscard bool
IcmpLargePacketDiscard bool
IcmpPingZeroIdDiscard bool
Id string
Ipv6 GetZoneProtectionProfileIpv6
L2SecGroupTagProtection GetZoneProtectionProfileL2SecGroupTagProtection
LooseSourceRoutingDiscard bool
MalformedOptionDiscard bool
MismatchedOverlappingTcpSegmentDiscard bool
MptcpOptionStrip string
Name string
NonIpProtocol GetZoneProtectionProfileNonIpProtocol
RecordRouteDiscard bool
RejectNonSynTcp string
ScanWhiteLists List<GetZoneProtectionProfileScanWhiteList>
Scans List<GetZoneProtectionProfileScan>
SecurityDiscard bool
Snippet string
SpoofedIpDiscard bool
StreamIdDiscard bool
StrictIpCheck bool
StrictSourceRoutingDiscard bool
SuppressIcmpNeedfrag bool
SuppressIcmpTimeexceeded bool
TcpFastOpenAndDataStrip bool
TcpHandshakeDiscard bool
TcpSynWithDataDiscard bool
TcpSynackWithDataDiscard bool
TcpTimestampStrip bool
Tfid string
TimestampDiscard bool
UnknownOptionDiscard bool

AsymmetricPath string
Description string
Device string
DiscardIcmpEmbeddedError bool
Flood GetZoneProtectionProfileFlood
Folder string
FragmentedTrafficDiscard bool
IcmpFragDiscard bool
IcmpLargePacketDiscard bool
IcmpPingZeroIdDiscard bool
Id string
Ipv6 GetZoneProtectionProfileIpv6
L2SecGroupTagProtection GetZoneProtectionProfileL2SecGroupTagProtection
LooseSourceRoutingDiscard bool
MalformedOptionDiscard bool
MismatchedOverlappingTcpSegmentDiscard bool
MptcpOptionStrip string
Name string
NonIpProtocol GetZoneProtectionProfileNonIpProtocol
RecordRouteDiscard bool
RejectNonSynTcp string
ScanWhiteLists []GetZoneProtectionProfileScanWhiteList
Scans []GetZoneProtectionProfileScan
SecurityDiscard bool
Snippet string
SpoofedIpDiscard bool
StreamIdDiscard bool
StrictIpCheck bool
StrictSourceRoutingDiscard bool
SuppressIcmpNeedfrag bool
SuppressIcmpTimeexceeded bool
TcpFastOpenAndDataStrip bool
TcpHandshakeDiscard bool
TcpSynWithDataDiscard bool
TcpSynackWithDataDiscard bool
TcpTimestampStrip bool
Tfid string
TimestampDiscard bool
UnknownOptionDiscard bool

asymmetricPath String
description String
device String
discardIcmpEmbeddedError Boolean
flood GetZoneProtectionProfileFlood
folder String
fragmentedTrafficDiscard Boolean
icmpFragDiscard Boolean
icmpLargePacketDiscard Boolean
icmpPingZeroIdDiscard Boolean
id String
ipv6 GetZoneProtectionProfileIpv6
l2SecGroupTagProtection GetZoneProtectionProfileL2SecGroupTagProtection
looseSourceRoutingDiscard Boolean
malformedOptionDiscard Boolean
mismatchedOverlappingTcpSegmentDiscard Boolean
mptcpOptionStrip String
name String
nonIpProtocol GetZoneProtectionProfileNonIpProtocol
recordRouteDiscard Boolean
rejectNonSynTcp String
scanWhiteLists List<GetZoneProtectionProfileScanWhiteList>
scans List<GetZoneProtectionProfileScan>
securityDiscard Boolean
snippet String
spoofedIpDiscard Boolean
streamIdDiscard Boolean
strictIpCheck Boolean
strictSourceRoutingDiscard Boolean
suppressIcmpNeedfrag Boolean
suppressIcmpTimeexceeded Boolean
tcpFastOpenAndDataStrip Boolean
tcpHandshakeDiscard Boolean
tcpSynWithDataDiscard Boolean
tcpSynackWithDataDiscard Boolean
tcpTimestampStrip Boolean
tfid String
timestampDiscard Boolean
unknownOptionDiscard Boolean

asymmetricPath string
description string
device string
discardIcmpEmbeddedError boolean
flood GetZoneProtectionProfileFlood
folder string
fragmentedTrafficDiscard boolean
icmpFragDiscard boolean
icmpLargePacketDiscard boolean
icmpPingZeroIdDiscard boolean
id string
ipv6 GetZoneProtectionProfileIpv6
l2SecGroupTagProtection GetZoneProtectionProfileL2SecGroupTagProtection
looseSourceRoutingDiscard boolean
malformedOptionDiscard boolean
mismatchedOverlappingTcpSegmentDiscard boolean
mptcpOptionStrip string
name string
nonIpProtocol GetZoneProtectionProfileNonIpProtocol
recordRouteDiscard boolean
rejectNonSynTcp string
scanWhiteLists GetZoneProtectionProfileScanWhiteList[]
scans GetZoneProtectionProfileScan[]
securityDiscard boolean
snippet string
spoofedIpDiscard boolean
streamIdDiscard boolean
strictIpCheck boolean
strictSourceRoutingDiscard boolean
suppressIcmpNeedfrag boolean
suppressIcmpTimeexceeded boolean
tcpFastOpenAndDataStrip boolean
tcpHandshakeDiscard boolean
tcpSynWithDataDiscard boolean
tcpSynackWithDataDiscard boolean
tcpTimestampStrip boolean
tfid string
timestampDiscard boolean
unknownOptionDiscard boolean

asymmetric_path str
description str
device str
discard_icmp_embedded_error bool
flood GetZoneProtectionProfileFlood
folder str
fragmented_traffic_discard bool
icmp_frag_discard bool
icmp_large_packet_discard bool
icmp_ping_zero_id_discard bool
id str
ipv6 GetZoneProtectionProfileIpv6
l2_sec_group_tag_protection GetZoneProtectionProfileL2SecGroupTagProtection
loose_source_routing_discard bool
malformed_option_discard bool
mismatched_overlapping_tcp_segment_discard bool
mptcp_option_strip str
name str
non_ip_protocol GetZoneProtectionProfileNonIpProtocol
record_route_discard bool
reject_non_syn_tcp str
scan_white_lists Sequence[GetZoneProtectionProfileScanWhiteList]
scans Sequence[GetZoneProtectionProfileScan]
security_discard bool
snippet str
spoofed_ip_discard bool
stream_id_discard bool
strict_ip_check bool
strict_source_routing_discard bool
suppress_icmp_needfrag bool
suppress_icmp_timeexceeded bool
tcp_fast_open_and_data_strip bool
tcp_handshake_discard bool
tcp_syn_with_data_discard bool
tcp_synack_with_data_discard bool
tcp_timestamp_strip bool
tfid str
timestamp_discard bool
unknown_option_discard bool

asymmetricPath String
description String
device String
discardIcmpEmbeddedError Boolean
flood Property Map
folder String
fragmentedTrafficDiscard Boolean
icmpFragDiscard Boolean
icmpLargePacketDiscard Boolean
icmpPingZeroIdDiscard Boolean
id String
ipv6 Property Map
l2SecGroupTagProtection Property Map
looseSourceRoutingDiscard Boolean
malformedOptionDiscard Boolean
mismatchedOverlappingTcpSegmentDiscard Boolean
mptcpOptionStrip String
name String
nonIpProtocol Property Map
recordRouteDiscard Boolean
rejectNonSynTcp String
scanWhiteLists List<Property Map>
scans List<Property Map>
securityDiscard Boolean
snippet String
spoofedIpDiscard Boolean
streamIdDiscard Boolean
strictIpCheck Boolean
strictSourceRoutingDiscard Boolean
suppressIcmpNeedfrag Boolean
suppressIcmpTimeexceeded Boolean
tcpFastOpenAndDataStrip Boolean
tcpHandshakeDiscard Boolean
tcpSynWithDataDiscard Boolean
tcpSynackWithDataDiscard Boolean
tcpTimestampStrip Boolean
tfid String
timestampDiscard Boolean
unknownOptionDiscard Boolean

Supporting Types

GetZoneProtectionProfileFlood

Icmp GetZoneProtectionProfileFloodIcmp: Icmp
Icmpv6 GetZoneProtectionProfileFloodIcmpv6: Icmpv6
OtherIp GetZoneProtectionProfileFloodOtherIp: Other ip
SctpInit GetZoneProtectionProfileFloodSctpInit: Sctp init
TcpSyn GetZoneProtectionProfileFloodTcpSyn: Tcp syn
Udp GetZoneProtectionProfileFloodUdp: Udp

Icmp GetZoneProtectionProfileFloodIcmp: Icmp
Icmpv6 GetZoneProtectionProfileFloodIcmpv6: Icmpv6
OtherIp GetZoneProtectionProfileFloodOtherIp: Other ip
SctpInit GetZoneProtectionProfileFloodSctpInit: Sctp init
TcpSyn GetZoneProtectionProfileFloodTcpSyn: Tcp syn
Udp GetZoneProtectionProfileFloodUdp: Udp

icmp GetZoneProtectionProfileFloodIcmp: Icmp
icmpv6 GetZoneProtectionProfileFloodIcmpv6: Icmpv6
otherIp GetZoneProtectionProfileFloodOtherIp: Other ip
sctpInit GetZoneProtectionProfileFloodSctpInit: Sctp init
tcpSyn GetZoneProtectionProfileFloodTcpSyn: Tcp syn
udp GetZoneProtectionProfileFloodUdp: Udp

icmp GetZoneProtectionProfileFloodIcmp: Icmp
icmpv6 GetZoneProtectionProfileFloodIcmpv6: Icmpv6
otherIp GetZoneProtectionProfileFloodOtherIp: Other ip
sctpInit GetZoneProtectionProfileFloodSctpInit: Sctp init
tcpSyn GetZoneProtectionProfileFloodTcpSyn: Tcp syn
udp GetZoneProtectionProfileFloodUdp: Udp

icmp GetZoneProtectionProfileFloodIcmp: Icmp
icmpv6 GetZoneProtectionProfileFloodIcmpv6: Icmpv6
other_ip GetZoneProtectionProfileFloodOtherIp: Other ip
sctp_init GetZoneProtectionProfileFloodSctpInit: Sctp init
tcp_syn GetZoneProtectionProfileFloodTcpSyn: Tcp syn
udp GetZoneProtectionProfileFloodUdp: Udp

icmp Property Map: Icmp
icmpv6 Property Map: Icmpv6
otherIp Property Map: Other ip
sctpInit Property Map: Sctp init
tcpSyn Property Map: Tcp syn
udp Property Map: Udp

GetZoneProtectionProfileFloodIcmp

Enable bool: Enable protection against ICMP floods?
Red GetZoneProtectionProfileFloodIcmpRed: Red

Enable bool: Enable protection against ICMP floods?
Red GetZoneProtectionProfileFloodIcmpRed: Red

enable Boolean: Enable protection against ICMP floods?
red GetZoneProtectionProfileFloodIcmpRed: Red

enable boolean: Enable protection against ICMP floods?
red GetZoneProtectionProfileFloodIcmpRed: Red

enable bool: Enable protection against ICMP floods?
red GetZoneProtectionProfileFloodIcmpRed: Red

enable Boolean: Enable protection against ICMP floods?
red Property Map: Red

GetZoneProtectionProfileFloodIcmpRed

ActivateRate int: The number of ICMP packets (not matching an existing session) that the zone receives per second before subsequent ICMP packets are dropped.
AlarmRate int: The number of ICMP echo requests (pings not matching an existing session) that the zone receives per second that triggers an attack alarm.
MaximalRate int: The maximum number of ICMP packets (not matching an existing session) that the zone receives per second before packets exceeding the maximum are dropped.

ActivateRate int: The number of ICMP packets (not matching an existing session) that the zone receives per second before subsequent ICMP packets are dropped.
AlarmRate int: The number of ICMP echo requests (pings not matching an existing session) that the zone receives per second that triggers an attack alarm.
MaximalRate int: The maximum number of ICMP packets (not matching an existing session) that the zone receives per second before packets exceeding the maximum are dropped.

activateRate Integer: The number of ICMP packets (not matching an existing session) that the zone receives per second before subsequent ICMP packets are dropped.
alarmRate Integer: The number of ICMP echo requests (pings not matching an existing session) that the zone receives per second that triggers an attack alarm.
maximalRate Integer: The maximum number of ICMP packets (not matching an existing session) that the zone receives per second before packets exceeding the maximum are dropped.

activateRate number: The number of ICMP packets (not matching an existing session) that the zone receives per second before subsequent ICMP packets are dropped.
alarmRate number: The number of ICMP echo requests (pings not matching an existing session) that the zone receives per second that triggers an attack alarm.
maximalRate number: The maximum number of ICMP packets (not matching an existing session) that the zone receives per second before packets exceeding the maximum are dropped.

activate_rate int: The number of ICMP packets (not matching an existing session) that the zone receives per second before subsequent ICMP packets are dropped.
alarm_rate int: The number of ICMP echo requests (pings not matching an existing session) that the zone receives per second that triggers an attack alarm.
maximal_rate int: The maximum number of ICMP packets (not matching an existing session) that the zone receives per second before packets exceeding the maximum are dropped.

activateRate Number: The number of ICMP packets (not matching an existing session) that the zone receives per second before subsequent ICMP packets are dropped.
alarmRate Number: The number of ICMP echo requests (pings not matching an existing session) that the zone receives per second that triggers an attack alarm.
maximalRate Number: The maximum number of ICMP packets (not matching an existing session) that the zone receives per second before packets exceeding the maximum are dropped.

GetZoneProtectionProfileFloodIcmpv6

Enable bool: Enable protection against ICMPv6 floods?
Red GetZoneProtectionProfileFloodIcmpv6Red: Red

Enable bool: Enable protection against ICMPv6 floods?
Red GetZoneProtectionProfileFloodIcmpv6Red: Red

enable Boolean: Enable protection against ICMPv6 floods?
red GetZoneProtectionProfileFloodIcmpv6Red: Red

enable boolean: Enable protection against ICMPv6 floods?
red GetZoneProtectionProfileFloodIcmpv6Red: Red

enable bool: Enable protection against ICMPv6 floods?
red GetZoneProtectionProfileFloodIcmpv6Red: Red

enable Boolean: Enable protection against ICMPv6 floods?
red Property Map: Red

GetZoneProtectionProfileFloodIcmpv6Red

ActivateRate int: The number of ICMPv6 packets (not matching an existing session) that the zone receives per second before subsequent ICMPv6 packets are dropped.
AlarmRate int: The number of ICMPv6 echo requests (pings not matching an existing session) that the zone receives per second that triggers an attack alarm.
MaximalRate int: The maximum number of ICMPv6 packets (not matching an existing session) that the zone receives per second before packets exceeding the maximum are dropped.

ActivateRate int: The number of ICMPv6 packets (not matching an existing session) that the zone receives per second before subsequent ICMPv6 packets are dropped.
AlarmRate int: The number of ICMPv6 echo requests (pings not matching an existing session) that the zone receives per second that triggers an attack alarm.
MaximalRate int: The maximum number of ICMPv6 packets (not matching an existing session) that the zone receives per second before packets exceeding the maximum are dropped.

activateRate Integer: The number of ICMPv6 packets (not matching an existing session) that the zone receives per second before subsequent ICMPv6 packets are dropped.
alarmRate Integer: The number of ICMPv6 echo requests (pings not matching an existing session) that the zone receives per second that triggers an attack alarm.
maximalRate Integer: The maximum number of ICMPv6 packets (not matching an existing session) that the zone receives per second before packets exceeding the maximum are dropped.

activateRate number: The number of ICMPv6 packets (not matching an existing session) that the zone receives per second before subsequent ICMPv6 packets are dropped.
alarmRate number: The number of ICMPv6 echo requests (pings not matching an existing session) that the zone receives per second that triggers an attack alarm.
maximalRate number: The maximum number of ICMPv6 packets (not matching an existing session) that the zone receives per second before packets exceeding the maximum are dropped.

activate_rate int: The number of ICMPv6 packets (not matching an existing session) that the zone receives per second before subsequent ICMPv6 packets are dropped.
alarm_rate int: The number of ICMPv6 echo requests (pings not matching an existing session) that the zone receives per second that triggers an attack alarm.
maximal_rate int: The maximum number of ICMPv6 packets (not matching an existing session) that the zone receives per second before packets exceeding the maximum are dropped.

activateRate Number: The number of ICMPv6 packets (not matching an existing session) that the zone receives per second before subsequent ICMPv6 packets are dropped.
alarmRate Number: The number of ICMPv6 echo requests (pings not matching an existing session) that the zone receives per second that triggers an attack alarm.
maximalRate Number: The maximum number of ICMPv6 packets (not matching an existing session) that the zone receives per second before packets exceeding the maximum are dropped.

GetZoneProtectionProfileFloodOtherIp

Enable bool: Enable protection against other IP (non-TCP, non-ICMP, non-ICMPv6, non-SCTP, and non-UDP) floods?
Red GetZoneProtectionProfileFloodOtherIpRed: Red

Enable bool: Enable protection against other IP (non-TCP, non-ICMP, non-ICMPv6, non-SCTP, and non-UDP) floods?
Red GetZoneProtectionProfileFloodOtherIpRed: Red

enable Boolean: Enable protection against other IP (non-TCP, non-ICMP, non-ICMPv6, non-SCTP, and non-UDP) floods?
red GetZoneProtectionProfileFloodOtherIpRed: Red

enable boolean: Enable protection against other IP (non-TCP, non-ICMP, non-ICMPv6, non-SCTP, and non-UDP) floods?
red GetZoneProtectionProfileFloodOtherIpRed: Red

enable bool: Enable protection against other IP (non-TCP, non-ICMP, non-ICMPv6, non-SCTP, and non-UDP) floods?
red GetZoneProtectionProfileFloodOtherIpRed: Red

enable Boolean: Enable protection against other IP (non-TCP, non-ICMP, non-ICMPv6, non-SCTP, and non-UDP) floods?
red Property Map: Red

GetZoneProtectionProfileFloodOtherIpRed

ActivateRate int: Activate rate
AlarmRate int: Alarm rate
MaximalRate int: Maximal rate

ActivateRate int: Activate rate
AlarmRate int: Alarm rate
MaximalRate int: Maximal rate

activateRate Integer: Activate rate
alarmRate Integer: Alarm rate
maximalRate Integer: Maximal rate

activateRate number: Activate rate
alarmRate number: Alarm rate
maximalRate number: Maximal rate

activate_rate int: Activate rate
alarm_rate int: Alarm rate
maximal_rate int: Maximal rate

activateRate Number: Activate rate
alarmRate Number: Alarm rate
maximalRate Number: Maximal rate

GetZoneProtectionProfileFloodSctpInit

Enable bool: Enable protection against floods of Stream Control Transmission Protocol (SCTP) packets that contain an Initiation (INIT) chunk?
Red GetZoneProtectionProfileFloodSctpInitRed: Red

Enable bool: Enable protection against floods of Stream Control Transmission Protocol (SCTP) packets that contain an Initiation (INIT) chunk?
Red GetZoneProtectionProfileFloodSctpInitRed: Red

enable Boolean: Enable protection against floods of Stream Control Transmission Protocol (SCTP) packets that contain an Initiation (INIT) chunk?
red GetZoneProtectionProfileFloodSctpInitRed: Red

enable boolean: Enable protection against floods of Stream Control Transmission Protocol (SCTP) packets that contain an Initiation (INIT) chunk?
red GetZoneProtectionProfileFloodSctpInitRed: Red

enable bool: Enable protection against floods of Stream Control Transmission Protocol (SCTP) packets that contain an Initiation (INIT) chunk?
red GetZoneProtectionProfileFloodSctpInitRed: Red

enable Boolean: Enable protection against floods of Stream Control Transmission Protocol (SCTP) packets that contain an Initiation (INIT) chunk?
red Property Map: Red

GetZoneProtectionProfileFloodSctpInitRed

ActivateRate int: The number of SCTP INIT packets (not matching an existing session) that the zone receives per second before subsequent SCTP INIT packets are dropped.
AlarmRate int: The number of SCTP INIT packets (not matching an existing session) that the zone receives per second that triggers an attack alarm.
MaximalRate int: The maximum number of SCTP INIT packets (not matching an existing session) that the zone receives per second before packets exceeding the maximum are dropped.

ActivateRate int: The number of SCTP INIT packets (not matching an existing session) that the zone receives per second before subsequent SCTP INIT packets are dropped.
AlarmRate int: The number of SCTP INIT packets (not matching an existing session) that the zone receives per second that triggers an attack alarm.
MaximalRate int: The maximum number of SCTP INIT packets (not matching an existing session) that the zone receives per second before packets exceeding the maximum are dropped.

activateRate Integer: The number of SCTP INIT packets (not matching an existing session) that the zone receives per second before subsequent SCTP INIT packets are dropped.
alarmRate Integer: The number of SCTP INIT packets (not matching an existing session) that the zone receives per second that triggers an attack alarm.
maximalRate Integer: The maximum number of SCTP INIT packets (not matching an existing session) that the zone receives per second before packets exceeding the maximum are dropped.

activateRate number: The number of SCTP INIT packets (not matching an existing session) that the zone receives per second before subsequent SCTP INIT packets are dropped.
alarmRate number: The number of SCTP INIT packets (not matching an existing session) that the zone receives per second that triggers an attack alarm.
maximalRate number: The maximum number of SCTP INIT packets (not matching an existing session) that the zone receives per second before packets exceeding the maximum are dropped.

activate_rate int: The number of SCTP INIT packets (not matching an existing session) that the zone receives per second before subsequent SCTP INIT packets are dropped.
alarm_rate int: The number of SCTP INIT packets (not matching an existing session) that the zone receives per second that triggers an attack alarm.
maximal_rate int: The maximum number of SCTP INIT packets (not matching an existing session) that the zone receives per second before packets exceeding the maximum are dropped.

activateRate Number: The number of SCTP INIT packets (not matching an existing session) that the zone receives per second before subsequent SCTP INIT packets are dropped.
alarmRate Number: The number of SCTP INIT packets (not matching an existing session) that the zone receives per second that triggers an attack alarm.
maximalRate Number: The maximum number of SCTP INIT packets (not matching an existing session) that the zone receives per second before packets exceeding the maximum are dropped.

GetZoneProtectionProfileFloodTcpSyn

Enable bool: Enable protection against SYN floods?
Red GetZoneProtectionProfileFloodTcpSynRed: Red
SynCookies GetZoneProtectionProfileFloodTcpSynSynCookies: Syn cookies

Enable bool: Enable protection against SYN floods?
Red GetZoneProtectionProfileFloodTcpSynRed: Red
SynCookies GetZoneProtectionProfileFloodTcpSynSynCookies: Syn cookies

enable Boolean: Enable protection against SYN floods?
red GetZoneProtectionProfileFloodTcpSynRed: Red
synCookies GetZoneProtectionProfileFloodTcpSynSynCookies: Syn cookies

enable boolean: Enable protection against SYN floods?
red GetZoneProtectionProfileFloodTcpSynRed: Red
synCookies GetZoneProtectionProfileFloodTcpSynSynCookies: Syn cookies

enable bool: Enable protection against SYN floods?
red GetZoneProtectionProfileFloodTcpSynRed: Red
syn_cookies GetZoneProtectionProfileFloodTcpSynSynCookies: Syn cookies

enable Boolean: Enable protection against SYN floods?
red Property Map: Red
synCookies Property Map: Syn cookies

GetZoneProtectionProfileFloodTcpSynRed

ActivateRate int: When the flow exceeds the activate_rate` threshold, the firewall drops individual SYN packets randomly to restrict the flow.
AlarmRate int: When the flow exceeds the alert_rate` threshold, an alarm is generated.
MaximalRate int: When the flow exceeds the maximal_rate threshold, 100% of incoming SYN packets are dropped.

ActivateRate int: When the flow exceeds the activate_rate` threshold, the firewall drops individual SYN packets randomly to restrict the flow.
AlarmRate int: When the flow exceeds the alert_rate` threshold, an alarm is generated.
MaximalRate int: When the flow exceeds the maximal_rate threshold, 100% of incoming SYN packets are dropped.

activateRate Integer: When the flow exceeds the activate_rate` threshold, the firewall drops individual SYN packets randomly to restrict the flow.
alarmRate Integer: When the flow exceeds the alert_rate` threshold, an alarm is generated.
maximalRate Integer: When the flow exceeds the maximal_rate threshold, 100% of incoming SYN packets are dropped.

activateRate number: When the flow exceeds the activate_rate` threshold, the firewall drops individual SYN packets randomly to restrict the flow.
alarmRate number: When the flow exceeds the alert_rate` threshold, an alarm is generated.
maximalRate number: When the flow exceeds the maximal_rate threshold, 100% of incoming SYN packets are dropped.

activate_rate int: When the flow exceeds the activate_rate` threshold, the firewall drops individual SYN packets randomly to restrict the flow.
alarm_rate int: When the flow exceeds the alert_rate` threshold, an alarm is generated.
maximal_rate int: When the flow exceeds the maximal_rate threshold, 100% of incoming SYN packets are dropped.

activateRate Number: When the flow exceeds the activate_rate` threshold, the firewall drops individual SYN packets randomly to restrict the flow.
alarmRate Number: When the flow exceeds the alert_rate` threshold, an alarm is generated.
maximalRate Number: When the flow exceeds the maximal_rate threshold, 100% of incoming SYN packets are dropped.

GetZoneProtectionProfileFloodTcpSynSynCookies

ActivateRate int: When the flow exceeds the activate_rate` threshold, the firewall drops individual SYN packets randomly to restrict the flow.
AlarmRate int: When the flow exceeds the alert_rate` threshold, an alarm is generated.
MaximalRate int: When the flow exceeds the maximal_rate threshold, 100% of incoming SYN packets are dropped.

ActivateRate int: When the flow exceeds the activate_rate` threshold, the firewall drops individual SYN packets randomly to restrict the flow.
AlarmRate int: When the flow exceeds the alert_rate` threshold, an alarm is generated.
MaximalRate int: When the flow exceeds the maximal_rate threshold, 100% of incoming SYN packets are dropped.

activateRate Integer: When the flow exceeds the activate_rate` threshold, the firewall drops individual SYN packets randomly to restrict the flow.
alarmRate Integer: When the flow exceeds the alert_rate` threshold, an alarm is generated.
maximalRate Integer: When the flow exceeds the maximal_rate threshold, 100% of incoming SYN packets are dropped.

activateRate number: When the flow exceeds the activate_rate` threshold, the firewall drops individual SYN packets randomly to restrict the flow.
alarmRate number: When the flow exceeds the alert_rate` threshold, an alarm is generated.
maximalRate number: When the flow exceeds the maximal_rate threshold, 100% of incoming SYN packets are dropped.

activate_rate int: When the flow exceeds the activate_rate` threshold, the firewall drops individual SYN packets randomly to restrict the flow.
alarm_rate int: When the flow exceeds the alert_rate` threshold, an alarm is generated.
maximal_rate int: When the flow exceeds the maximal_rate threshold, 100% of incoming SYN packets are dropped.

activateRate Number: When the flow exceeds the activate_rate` threshold, the firewall drops individual SYN packets randomly to restrict the flow.
alarmRate Number: When the flow exceeds the alert_rate` threshold, an alarm is generated.
maximalRate Number: When the flow exceeds the maximal_rate threshold, 100% of incoming SYN packets are dropped.

GetZoneProtectionProfileFloodUdp

Enable bool: Enable protection against UDP floods?
Red GetZoneProtectionProfileFloodUdpRed: Red

Enable bool: Enable protection against UDP floods?
Red GetZoneProtectionProfileFloodUdpRed: Red

enable Boolean: Enable protection against UDP floods?
red GetZoneProtectionProfileFloodUdpRed: Red

enable boolean: Enable protection against UDP floods?
red GetZoneProtectionProfileFloodUdpRed: Red

enable bool: Enable protection against UDP floods?
red GetZoneProtectionProfileFloodUdpRed: Red

enable Boolean: Enable protection against UDP floods?
red Property Map: Red

GetZoneProtectionProfileFloodUdpRed

ActivateRate int: The number of UDP packets (not matching an existing session) that the zone receives per second that triggers random dropping of UDP packets.
AlarmRate int: The number of UDP packets (not matching an existing session) that the zone receives per second that triggers an attack alarm.
MaximalRate int: The maximum number of UDP packets (not matching an existing session) the zone receives per second before packets exceeding the maximum are dropped.

ActivateRate int: The number of UDP packets (not matching an existing session) that the zone receives per second that triggers random dropping of UDP packets.
AlarmRate int: The number of UDP packets (not matching an existing session) that the zone receives per second that triggers an attack alarm.
MaximalRate int: The maximum number of UDP packets (not matching an existing session) the zone receives per second before packets exceeding the maximum are dropped.

activateRate Integer: The number of UDP packets (not matching an existing session) that the zone receives per second that triggers random dropping of UDP packets.
alarmRate Integer: The number of UDP packets (not matching an existing session) that the zone receives per second that triggers an attack alarm.
maximalRate Integer: The maximum number of UDP packets (not matching an existing session) the zone receives per second before packets exceeding the maximum are dropped.

activateRate number: The number of UDP packets (not matching an existing session) that the zone receives per second that triggers random dropping of UDP packets.
alarmRate number: The number of UDP packets (not matching an existing session) that the zone receives per second that triggers an attack alarm.
maximalRate number: The maximum number of UDP packets (not matching an existing session) the zone receives per second before packets exceeding the maximum are dropped.

activate_rate int: The number of UDP packets (not matching an existing session) that the zone receives per second that triggers random dropping of UDP packets.
alarm_rate int: The number of UDP packets (not matching an existing session) that the zone receives per second that triggers an attack alarm.
maximal_rate int: The maximum number of UDP packets (not matching an existing session) the zone receives per second before packets exceeding the maximum are dropped.

activateRate Number: The number of UDP packets (not matching an existing session) that the zone receives per second that triggers random dropping of UDP packets.
alarmRate Number: The number of UDP packets (not matching an existing session) that the zone receives per second that triggers an attack alarm.
maximalRate Number: The maximum number of UDP packets (not matching an existing session) the zone receives per second before packets exceeding the maximum are dropped.

GetZoneProtectionProfileIpv6

AnycastSource bool: Discard IPv6 packets that contain an anycast source address.
FilterExtHdr GetZoneProtectionProfileIpv6FilterExtHdr: Filter ext hdr
Icmpv6TooBigSmallMtuDiscard bool: Discard IPv6 packets that contain a Packet Too Big ICMPv6 message when the maximum transmission unit (MTU) is less than 1,280 bytes.
IgnoreInvPkt GetZoneProtectionProfileIpv6IgnoreInvPkt: Ignore inv pkt
Ipv4CompatibleAddress bool: Discard IPv6 packets that are defined as an RFC 4291 IPv4-Compatible IPv6 address.
NeedlessFragmentHdr bool: Discard IPv6 packets with the last fragment flag (M=0) and offset of zero.
OptionsInvalidIpv6Discard bool: Discard IPv6 packets that contain invalid IPv6 options in an extension header.
ReservedFieldSetDiscard bool: Discard IPv6 packets that have a header with a reserved field not set to zero.
RoutingHeader0 bool: Drop packets with type 0 routing header.
RoutingHeader1 bool: Drop packets with type 1 routing header.
RoutingHeader253 bool: Drop packets with type 253 routing header.
RoutingHeader254 bool: Drop packets with type 254 routing header.
RoutingHeader255 bool: Drop packets with type 255 routing header.
RoutingHeader3 bool: Drop packets with type 3 routing header.
RoutingHeader4252 bool: Drop packets with type 4 to type 252 routing header.

AnycastSource bool: Discard IPv6 packets that contain an anycast source address.
FilterExtHdr GetZoneProtectionProfileIpv6FilterExtHdr: Filter ext hdr
Icmpv6TooBigSmallMtuDiscard bool: Discard IPv6 packets that contain a Packet Too Big ICMPv6 message when the maximum transmission unit (MTU) is less than 1,280 bytes.
IgnoreInvPkt GetZoneProtectionProfileIpv6IgnoreInvPkt: Ignore inv pkt
Ipv4CompatibleAddress bool: Discard IPv6 packets that are defined as an RFC 4291 IPv4-Compatible IPv6 address.
NeedlessFragmentHdr bool: Discard IPv6 packets with the last fragment flag (M=0) and offset of zero.
OptionsInvalidIpv6Discard bool: Discard IPv6 packets that contain invalid IPv6 options in an extension header.
ReservedFieldSetDiscard bool: Discard IPv6 packets that have a header with a reserved field not set to zero.
RoutingHeader0 bool: Drop packets with type 0 routing header.
RoutingHeader1 bool: Drop packets with type 1 routing header.
RoutingHeader253 bool: Drop packets with type 253 routing header.
RoutingHeader254 bool: Drop packets with type 254 routing header.
RoutingHeader255 bool: Drop packets with type 255 routing header.
RoutingHeader3 bool: Drop packets with type 3 routing header.
RoutingHeader4252 bool: Drop packets with type 4 to type 252 routing header.

anycastSource Boolean: Discard IPv6 packets that contain an anycast source address.
filterExtHdr GetZoneProtectionProfileIpv6FilterExtHdr: Filter ext hdr
icmpv6TooBigSmallMtuDiscard Boolean: Discard IPv6 packets that contain a Packet Too Big ICMPv6 message when the maximum transmission unit (MTU) is less than 1,280 bytes.
ignoreInvPkt GetZoneProtectionProfileIpv6IgnoreInvPkt: Ignore inv pkt
ipv4CompatibleAddress Boolean: Discard IPv6 packets that are defined as an RFC 4291 IPv4-Compatible IPv6 address.
needlessFragmentHdr Boolean: Discard IPv6 packets with the last fragment flag (M=0) and offset of zero.
optionsInvalidIpv6Discard Boolean: Discard IPv6 packets that contain invalid IPv6 options in an extension header.
reservedFieldSetDiscard Boolean: Discard IPv6 packets that have a header with a reserved field not set to zero.
routingHeader0 Boolean: Drop packets with type 0 routing header.
routingHeader1 Boolean: Drop packets with type 1 routing header.
routingHeader253 Boolean: Drop packets with type 253 routing header.
routingHeader254 Boolean: Drop packets with type 254 routing header.
routingHeader255 Boolean: Drop packets with type 255 routing header.
routingHeader3 Boolean: Drop packets with type 3 routing header.
routingHeader4252 Boolean: Drop packets with type 4 to type 252 routing header.

anycastSource boolean: Discard IPv6 packets that contain an anycast source address.
filterExtHdr GetZoneProtectionProfileIpv6FilterExtHdr: Filter ext hdr
icmpv6TooBigSmallMtuDiscard boolean: Discard IPv6 packets that contain a Packet Too Big ICMPv6 message when the maximum transmission unit (MTU) is less than 1,280 bytes.
ignoreInvPkt GetZoneProtectionProfileIpv6IgnoreInvPkt: Ignore inv pkt
ipv4CompatibleAddress boolean: Discard IPv6 packets that are defined as an RFC 4291 IPv4-Compatible IPv6 address.
needlessFragmentHdr boolean: Discard IPv6 packets with the last fragment flag (M=0) and offset of zero.
optionsInvalidIpv6Discard boolean: Discard IPv6 packets that contain invalid IPv6 options in an extension header.
reservedFieldSetDiscard boolean: Discard IPv6 packets that have a header with a reserved field not set to zero.
routingHeader0 boolean: Drop packets with type 0 routing header.
routingHeader1 boolean: Drop packets with type 1 routing header.
routingHeader253 boolean: Drop packets with type 253 routing header.
routingHeader254 boolean: Drop packets with type 254 routing header.
routingHeader255 boolean: Drop packets with type 255 routing header.
routingHeader3 boolean: Drop packets with type 3 routing header.
routingHeader4252 boolean: Drop packets with type 4 to type 252 routing header.

anycast_source bool: Discard IPv6 packets that contain an anycast source address.
filter_ext_hdr GetZoneProtectionProfileIpv6FilterExtHdr: Filter ext hdr
icmpv6_too_big_small_mtu_discard bool: Discard IPv6 packets that contain a Packet Too Big ICMPv6 message when the maximum transmission unit (MTU) is less than 1,280 bytes.
ignore_inv_pkt GetZoneProtectionProfileIpv6IgnoreInvPkt: Ignore inv pkt
ipv4_compatible_address bool: Discard IPv6 packets that are defined as an RFC 4291 IPv4-Compatible IPv6 address.
needless_fragment_hdr bool: Discard IPv6 packets with the last fragment flag (M=0) and offset of zero.
options_invalid_ipv6_discard bool: Discard IPv6 packets that contain invalid IPv6 options in an extension header.
reserved_field_set_discard bool: Discard IPv6 packets that have a header with a reserved field not set to zero.
routing_header0 bool: Drop packets with type 0 routing header.
routing_header1 bool: Drop packets with type 1 routing header.
routing_header253 bool: Drop packets with type 253 routing header.
routing_header254 bool: Drop packets with type 254 routing header.
routing_header255 bool: Drop packets with type 255 routing header.
routing_header3 bool: Drop packets with type 3 routing header.
routing_header4252 bool: Drop packets with type 4 to type 252 routing header.

anycastSource Boolean: Discard IPv6 packets that contain an anycast source address.
filterExtHdr Property Map: Filter ext hdr
icmpv6TooBigSmallMtuDiscard Boolean: Discard IPv6 packets that contain a Packet Too Big ICMPv6 message when the maximum transmission unit (MTU) is less than 1,280 bytes.
ignoreInvPkt Property Map: Ignore inv pkt
ipv4CompatibleAddress Boolean: Discard IPv6 packets that are defined as an RFC 4291 IPv4-Compatible IPv6 address.
needlessFragmentHdr Boolean: Discard IPv6 packets with the last fragment flag (M=0) and offset of zero.
optionsInvalidIpv6Discard Boolean: Discard IPv6 packets that contain invalid IPv6 options in an extension header.
reservedFieldSetDiscard Boolean: Discard IPv6 packets that have a header with a reserved field not set to zero.
routingHeader0 Boolean: Drop packets with type 0 routing header.
routingHeader1 Boolean: Drop packets with type 1 routing header.
routingHeader253 Boolean: Drop packets with type 253 routing header.
routingHeader254 Boolean: Drop packets with type 254 routing header.
routingHeader255 Boolean: Drop packets with type 255 routing header.
routingHeader3 Boolean: Drop packets with type 3 routing header.
routingHeader4252 Boolean: Drop packets with type 4 to type 252 routing header.

GetZoneProtectionProfileIpv6FilterExtHdr

DestOptionHdr bool: Discard IPv6 packets that contain the Destination Options extension, which contains options intended only for the destination of the packet.
HopByHopHdr bool: Discard IPv6 packets that contain the Hop-by-Hop Options extension header.
RoutingHdr bool: Discard IPv6 packets that contain the Routing extension header, which directs packets to one or more intermediate nodes on its way to its destination.

DestOptionHdr bool: Discard IPv6 packets that contain the Destination Options extension, which contains options intended only for the destination of the packet.
HopByHopHdr bool: Discard IPv6 packets that contain the Hop-by-Hop Options extension header.
RoutingHdr bool: Discard IPv6 packets that contain the Routing extension header, which directs packets to one or more intermediate nodes on its way to its destination.

destOptionHdr Boolean: Discard IPv6 packets that contain the Destination Options extension, which contains options intended only for the destination of the packet.
hopByHopHdr Boolean: Discard IPv6 packets that contain the Hop-by-Hop Options extension header.
routingHdr Boolean: Discard IPv6 packets that contain the Routing extension header, which directs packets to one or more intermediate nodes on its way to its destination.

destOptionHdr boolean: Discard IPv6 packets that contain the Destination Options extension, which contains options intended only for the destination of the packet.
hopByHopHdr boolean: Discard IPv6 packets that contain the Hop-by-Hop Options extension header.
routingHdr boolean: Discard IPv6 packets that contain the Routing extension header, which directs packets to one or more intermediate nodes on its way to its destination.

dest_option_hdr bool: Discard IPv6 packets that contain the Destination Options extension, which contains options intended only for the destination of the packet.
hop_by_hop_hdr bool: Discard IPv6 packets that contain the Hop-by-Hop Options extension header.
routing_hdr bool: Discard IPv6 packets that contain the Routing extension header, which directs packets to one or more intermediate nodes on its way to its destination.

destOptionHdr Boolean: Discard IPv6 packets that contain the Destination Options extension, which contains options intended only for the destination of the packet.
hopByHopHdr Boolean: Discard IPv6 packets that contain the Hop-by-Hop Options extension header.
routingHdr Boolean: Discard IPv6 packets that contain the Routing extension header, which directs packets to one or more intermediate nodes on its way to its destination.

GetZoneProtectionProfileIpv6IgnoreInvPkt

DestUnreach bool: Require an explicit Security policy match for Destination Unreachable ICMPv6 messages, even when the message is associated with an existing session.
ParamProblem bool: Require an explicit Security policy match for Parameter Problem ICMPv6 messages, even when the message is associated with an existing session.
PktTooBig bool: Require an explicit Security policy match for Packet Too Big ICMPv6 messages, even when the message is associated with an existing session.
Redirect bool: Require an explicit Security policy match for Redirect Message ICMPv6 messages, even when the message is associated with an existing session.
TimeExceeded bool: Require an explicit Security policy match for Time Exceeded ICMPv6 messages, even when the message is associated with an existing session.

DestUnreach bool: Require an explicit Security policy match for Destination Unreachable ICMPv6 messages, even when the message is associated with an existing session.
ParamProblem bool: Require an explicit Security policy match for Parameter Problem ICMPv6 messages, even when the message is associated with an existing session.
PktTooBig bool: Require an explicit Security policy match for Packet Too Big ICMPv6 messages, even when the message is associated with an existing session.
Redirect bool: Require an explicit Security policy match for Redirect Message ICMPv6 messages, even when the message is associated with an existing session.
TimeExceeded bool: Require an explicit Security policy match for Time Exceeded ICMPv6 messages, even when the message is associated with an existing session.

destUnreach Boolean: Require an explicit Security policy match for Destination Unreachable ICMPv6 messages, even when the message is associated with an existing session.
paramProblem Boolean: Require an explicit Security policy match for Parameter Problem ICMPv6 messages, even when the message is associated with an existing session.
pktTooBig Boolean: Require an explicit Security policy match for Packet Too Big ICMPv6 messages, even when the message is associated with an existing session.
redirect Boolean: Require an explicit Security policy match for Redirect Message ICMPv6 messages, even when the message is associated with an existing session.
timeExceeded Boolean: Require an explicit Security policy match for Time Exceeded ICMPv6 messages, even when the message is associated with an existing session.

destUnreach boolean: Require an explicit Security policy match for Destination Unreachable ICMPv6 messages, even when the message is associated with an existing session.
paramProblem boolean: Require an explicit Security policy match for Parameter Problem ICMPv6 messages, even when the message is associated with an existing session.
pktTooBig boolean: Require an explicit Security policy match for Packet Too Big ICMPv6 messages, even when the message is associated with an existing session.
redirect boolean: Require an explicit Security policy match for Redirect Message ICMPv6 messages, even when the message is associated with an existing session.
timeExceeded boolean: Require an explicit Security policy match for Time Exceeded ICMPv6 messages, even when the message is associated with an existing session.

dest_unreach bool: Require an explicit Security policy match for Destination Unreachable ICMPv6 messages, even when the message is associated with an existing session.
param_problem bool: Require an explicit Security policy match for Parameter Problem ICMPv6 messages, even when the message is associated with an existing session.
pkt_too_big bool: Require an explicit Security policy match for Packet Too Big ICMPv6 messages, even when the message is associated with an existing session.
redirect bool: Require an explicit Security policy match for Redirect Message ICMPv6 messages, even when the message is associated with an existing session.
time_exceeded bool: Require an explicit Security policy match for Time Exceeded ICMPv6 messages, even when the message is associated with an existing session.

destUnreach Boolean: Require an explicit Security policy match for Destination Unreachable ICMPv6 messages, even when the message is associated with an existing session.
paramProblem Boolean: Require an explicit Security policy match for Parameter Problem ICMPv6 messages, even when the message is associated with an existing session.
pktTooBig Boolean: Require an explicit Security policy match for Packet Too Big ICMPv6 messages, even when the message is associated with an existing session.
redirect Boolean: Require an explicit Security policy match for Redirect Message ICMPv6 messages, even when the message is associated with an existing session.
timeExceeded Boolean: Require an explicit Security policy match for Time Exceeded ICMPv6 messages, even when the message is associated with an existing session.

GetZoneProtectionProfileL2SecGroupTagProtection

Tags List<GetZoneProtectionProfileL2SecGroupTagProtectionTag>: Tags

Tags []GetZoneProtectionProfileL2SecGroupTagProtectionTag: Tags

tags List<GetZoneProtectionProfileL2SecGroupTagProtectionTag>: Tags

tags GetZoneProtectionProfileL2SecGroupTagProtectionTag[]: Tags

tags Sequence[GetZoneProtectionProfileL2SecGroupTagProtectionTag]: Tags

tags List<Property Map>: Tags

GetZoneProtectionProfileL2SecGroupTagProtectionTag

Enable bool: Enable this exclude list for Ethernet SGT protection.
Name string: Name for the list of Security Group Tags (SGTs).
Tag string: The Layer 2 SGTs in headers of packets that you want to exclude (drop) when the SGT matches this list in the Zone Protection profile applied to a zone (range is 0 to 65,535).

Enable bool: Enable this exclude list for Ethernet SGT protection.
Name string: Name for the list of Security Group Tags (SGTs).
Tag string: The Layer 2 SGTs in headers of packets that you want to exclude (drop) when the SGT matches this list in the Zone Protection profile applied to a zone (range is 0 to 65,535).

enable Boolean: Enable this exclude list for Ethernet SGT protection.
name String: Name for the list of Security Group Tags (SGTs).
tag String: The Layer 2 SGTs in headers of packets that you want to exclude (drop) when the SGT matches this list in the Zone Protection profile applied to a zone (range is 0 to 65,535).

enable boolean: Enable this exclude list for Ethernet SGT protection.
name string: Name for the list of Security Group Tags (SGTs).
tag string: The Layer 2 SGTs in headers of packets that you want to exclude (drop) when the SGT matches this list in the Zone Protection profile applied to a zone (range is 0 to 65,535).

enable bool: Enable this exclude list for Ethernet SGT protection.
name str: Name for the list of Security Group Tags (SGTs).
tag str: The Layer 2 SGTs in headers of packets that you want to exclude (drop) when the SGT matches this list in the Zone Protection profile applied to a zone (range is 0 to 65,535).

enable Boolean: Enable this exclude list for Ethernet SGT protection.
name String: Name for the list of Security Group Tags (SGTs).
tag String: The Layer 2 SGTs in headers of packets that you want to exclude (drop) when the SGT matches this list in the Zone Protection profile applied to a zone (range is 0 to 65,535).

GetZoneProtectionProfileNonIpProtocol

ListType string

Specify the type of list you are creating for protocol protection:

Include List—Only the protocols on the list are allowed—in addition to IPv4 (0x0800), IPv6 (0x86DD), ARP (0x0806), and VLAN tagged frames (0x8100). All other protocols are implicitly denied (blocked).
Exclude List—Only the protocols on the list are denied; all other protocols are implicitly allowed. You cannot exclude IPv4 (0x0800), IPv6 (0x86DD), ARP (0x0806), or VLAN tagged frames (0x8100).

Protocols List<GetZoneProtectionProfileNonIpProtocolProtocol>

Protocol

ListType string

Specify the type of list you are creating for protocol protection:

Include List—Only the protocols on the list are allowed—in addition to IPv4 (0x0800), IPv6 (0x86DD), ARP (0x0806), and VLAN tagged frames (0x8100). All other protocols are implicitly denied (blocked).
Exclude List—Only the protocols on the list are denied; all other protocols are implicitly allowed. You cannot exclude IPv4 (0x0800), IPv6 (0x86DD), ARP (0x0806), or VLAN tagged frames (0x8100).

Protocols []GetZoneProtectionProfileNonIpProtocolProtocol

Protocol

listType String

Specify the type of list you are creating for protocol protection:

Include List—Only the protocols on the list are allowed—in addition to IPv4 (0x0800), IPv6 (0x86DD), ARP (0x0806), and VLAN tagged frames (0x8100). All other protocols are implicitly denied (blocked).
Exclude List—Only the protocols on the list are denied; all other protocols are implicitly allowed. You cannot exclude IPv4 (0x0800), IPv6 (0x86DD), ARP (0x0806), or VLAN tagged frames (0x8100).

protocols List<GetZoneProtectionProfileNonIpProtocolProtocol>

Protocol

listType string

Specify the type of list you are creating for protocol protection:

Include List—Only the protocols on the list are allowed—in addition to IPv4 (0x0800), IPv6 (0x86DD), ARP (0x0806), and VLAN tagged frames (0x8100). All other protocols are implicitly denied (blocked).
Exclude List—Only the protocols on the list are denied; all other protocols are implicitly allowed. You cannot exclude IPv4 (0x0800), IPv6 (0x86DD), ARP (0x0806), or VLAN tagged frames (0x8100).

protocols GetZoneProtectionProfileNonIpProtocolProtocol[]

Protocol

list_type str

Specify the type of list you are creating for protocol protection:

Include List—Only the protocols on the list are allowed—in addition to IPv4 (0x0800), IPv6 (0x86DD), ARP (0x0806), and VLAN tagged frames (0x8100). All other protocols are implicitly denied (blocked).
Exclude List—Only the protocols on the list are denied; all other protocols are implicitly allowed. You cannot exclude IPv4 (0x0800), IPv6 (0x86DD), ARP (0x0806), or VLAN tagged frames (0x8100).

protocols Sequence[GetZoneProtectionProfileNonIpProtocolProtocol]

Protocol

listType String

Specify the type of list you are creating for protocol protection:

Include List—Only the protocols on the list are allowed—in addition to IPv4 (0x0800), IPv6 (0x86DD), ARP (0x0806), and VLAN tagged frames (0x8100). All other protocols are implicitly denied (blocked).
Exclude List—Only the protocols on the list are denied; all other protocols are implicitly allowed. You cannot exclude IPv4 (0x0800), IPv6 (0x86DD), ARP (0x0806), or VLAN tagged frames (0x8100).

protocols List<Property Map>

Protocol