certificatemetadata
An object to store metadata about an end entity's certificate.
vportinfo
Represents the vport status info at individual gateway for ethernet segment group
threatpreventionnodeinfo
Represents the Individual Threat Prevention Node object in cluster deployment
forwardingclass
Contains the Forwarding Class and its usage for load balancing.
sysmonuplinkconnection
Models the connection between a VRS and the controller.
allocationpool
IP Address range requested for a VM IP Reservation.
bfdsessions
Represents the Bidirectional Forwarding Detection session that can be configured on an uplink/BR connection.
connectionendpoints
SSH (Secure Shell) is used to provide secure remote console access to NSGs deployed in branch locations. For additional security, you may restrict SSH access from specific host(s) by providing a list of source IP addresses.
csnatpools
Customer Alias IP range to be used in provider domain. This pool is used to map customer private IPs from customer domain to customer public IPs in provider domain.
ctranslationmaps
1:1 mapping of customer private IPs in customer domain to customer alias (public) IPs in provider domain and N:1 mapping to customer alias SPAT IP in the provider domain.
customproperties
Developed in the context of the Uplink Connection on the NSG, this API could be used for other types of objects. It is used as a collection of name-value (or key-value) pairs for custom attributes that could be used to enrich existing class instances.
deploymentfailures
A deployment failure represents a deployment operation initiated by the VSD that resulted in a failure.
ducgroupbindings
No description available
ducgroups
A logical group of 1 or more NSGs of personality NSG-UBR, that are used to provide connectivity between NSGs in disjoint underlays.
firewallacls
No description available
firewallrules
No description available
gnmiprofiles
Represents configuration to access device using gNMI protocol
gnmisessions
Represents GNMI session between gateway and Config Manager, This can only be created by netconfmgr user
idpprofileactions
An IDP Profile/Rule Action specifies what signatures to search for in the network traffic, and what action to take if those signatures are found.
idpsignatures
Intrusion Detection & Prevention Signature groups
infrastructureevdfprofiles
An Infrastructure eVDF Profile instance contains common parameters used to bootstrap instances of eVDF (encryption enabled virtual distributed firewall).
netconfsessions
Represents session between gateway and Netconf Manager, This can only be created by netconfmgr user
networkperformancemeasurements
Network Performance Measurement is a container for group of applications and monitor scopes
nexthops
Next-hop address used to leak the routes from source domain onto the destination domain.
nsggroups
A logical group of NSG and NSG-BR instances that can be used to assign NSG-UBRs to all NSGs in the group, to provide connectivity to NSGs in disjoint underlays.
nsgroutingpolicybindings
The NSG routing policy binding is used to assign routing policies to an NSG or group of NSGs as defined by the routing policy group. The local routing policies assigned to an NSG in a policy binding are preferred over global routing policies defined at the OSPF instance level.
overlaymanagementprofiles
Overlay Management Profiles link a DNA Subnet used for management traffic and other objects such as Syslog Destinations
overlaymanagementsubnetprofiles
The Overlay Management Subnet profile that maps to a DNA subnet and contains the syslog destinations. Where DNS means Do Not Advertise (Advertise=False)
patches
This entity defines a patch installed somewhere (ie. NSG Patch)
policyentries
No description available
policyobjectgroups
Policy Object Groups are a collection of existing Network Services Gateways. These groups can be used in routing policies for domain links.
policystatements
No description available
psnatpools
Provider alias IP range to map provider private IPs from provider domain to provider public IPs in the customer domain.
pspatmaps
Reserved provider SPAT IPs to be used to SPAT a collection of provider private IPs in customer domain.
ptranslationmaps
1:1 mappings of private IPs in provider domain to the provider alias (public) IPs in customer domain and N:1 mappings of a collection of provider private IPs to a provider alias IP into the customer domain.
roleentries
Entry for each end point with assoicatiated permissions.
roles
Entity to create a new role for role based authentication
saasapplicationgroups
Collection of SaaS Application Types.
spatsourcespools
The list of source IPs from the provider domain to be SPATed.
sshkeys
SSH (Secure Shell) is used to provide secure remote console access to NSGs deployed in branch locations. When key-based authentication is in use, the SSH keys represent the list of public keys that are authorized to open an SSH connection with the username set at the Access Profile level.
supplementalinfraconfig
Supplemental infrastructure configuration which includes information in addition to the existing infrastructure configuration. Encapsulates properties with large data or those properties for which the existing infraconfig work-flow is not to be disturbed.
syslogdestinations
Syslog Destination provides the definition for a Syslog Server Destination
threatpreventionserverconnections
Represents connection between VSD instance and Threat Prevention Server
trunks
A trunk is used to attach multiple vPorts to a single NIC on a VM. These sub-vPorts are separated by a segmentation identifier (currently the VLAN ID) so the attached VM can distinguish between traffic on the sub-vPorts.
underlays
Underlays identify the transport networks that provide connectivity between NSGs, e.g. the Internet or a carrier MPLS VPN. The modelling of an underlay is required when using multiple disjoint underlays that are interconnected via one or more NSG-UBRs. The underlay object is used at the NSG Control uplink and at the NSG-UBR Underlay uplink. If no underlays are defined a default underlay is used.
underlaytests
Underlay Test is a wrapper object for a Test Suite Run from the built in Underlay Tests Test Suite.
virtualuplinks
Virtual Uplinks are entities that represent on an NSG the properties that are set for corresponding control uplink instances that are residing on the NSG RG Peer when tied together by a Shunt Link.

addressmgmt

vmipreservations
VM IP Reservation under Subnet/L2Domain.

alarm

alarms
The alarm API allows the management of system alarms.
allalarms
The alarm API allows the management of system alarms.

appd

links
Border router links provide a way to interconnect VNS domains in the wide-area to datacenter domains. Service chaining links allow domain leaking in order to simplify and enhance capabilities of doing service chaining and traffic steering for NFV and service-provider-grade VPN services.

bgp

bgpneighbors
Virtual Cloud Services (VCS) in the data center BGP PE-CE is configured at vport level . Network Service Gateways (NSG) BGP is configured at subnet level.
bgpprofiles
Definitions for default import/export routing policies and dampening profiles

certificate

certificates
This object represents a X509 Certificate Request

cms

cms
Object that identifies a cloud management system.

common

aggregatemetadatas
Metadata associated to a entity
globalmetadatas
Metadata associated to a entity.
metadatas
Metadata contains user-defined data that can be attached to any VSD object. The value of a metadata can be interpreted by various external systems for any needs. Local Metadata are directly created under an object.
sites
Remote Site info.
vsdconfigs
The VSD Configuration which can be dynamically managed using REST Api.

container

containerinterfaces
API that can retrieve the container interface associated with a domain, zone or subnet for mediation created container's for REST created container interfaces you need to set the additional proxy header in http request : X-Nuage-ProxyUservalue of the header has to be either :1) enterpriseName@UserName (example :bob@Nokia), or 2) external ID of user in VSD, typically is UUID generally decided by the CMS tool in questionUser needs to have CMS privileges to use proxy user header.
containerresync
Provide information about the state of a container resync request.
containers
API that can retrieve the containers associated with a domain, zone or subnet for mediation created containers for REST created containers you need to set the additional proxy user header in http request : X-Nuage-ProxyUservalue of the header has to be either :1) enterpriseName@UserName (example : Nokia@bob), or 2) external ID of user in VSD, typically is UUID generally decided by the CMS tool in questionUser needs to have CMS privileges to use proxy user header.

diagnostics

testdefinitions
A Test definition describes a command to run inside a diagnositcs container on an NSGateway. It represents a command with arguments that will be run in the container as part of a Test Suite run
testruns
A Test Run object represents the execution of a specific Test as part of a Test Suite Run.
tests
A Test defines a command to run inside a diagnositc container on an NSG. It represents a command with arguments that will be executed within the diagnostic container as part of a Test Suite run
testsuiteruns
A Test Suite Run represents the execution of a given Test Suite within a diagnostic container on an NSG. It groups together multiple Test Runs.
testsuites
A Test Suite is grouping a number of diagnostic Tests that can be run consecutively from a given source (NSGateway or VPort) toward a specified destination.

domain

domainkindsummaries
Represents a readonly domain summary object - various attributes of this object are gathered from Domain, Zones, SubNetwork, NSGInfo objects

eventlog

eventlogs
The API retrieves the events related to a particular entity

gateway

addressmaps
Defines an address mapping between a private IP and a port with a public IP address and port.
allgateways
A read-only API to get all gateway objects in the VSD environment. Use the ID field to then actually manage the gateway using the gateway API entity.
allredundancygroups
A read only API to get all redundancy gateway objects in the VSD environment. Use the ID field to then actually manage the redundancy gateway using the redundancy gateway API entity.
autodiscoveredgateways
Represents Auto discovered Gateway.
bootstrapactivations
NSG Gateway initiated Bootstrap Activation
bootstraps
Gateway bootstrap details.
enterprisepermissions
Represents Enterprise Permission for a CSP entity.
ethernetsegmentgroups
Group of Ethernet Segments with same ID.
ethernetsegmentgwgroups
Group of Gateways with common Ethernet Segment IDs (upto 4 Gateways).
gatewayredundantports
Represents a redundant Port under a particular gateway object or redundant group object.
gateways
Represents Gateway object.
gatewaytemplates
A gateway is your point of exit to an external network. It can be a physical or a virtual device. Gateways are templatable. You can attach gateway's VLANs to any existing host or bridge VPorts.
infraconfig
Represents Infrastructure Config
locations
Gateway location details.
natmapentries
Defines a MAP between the private ip and public ip.
netconfgateways
Represents Netconf Gateway object.
nsredundantports
Represents a Port under a particular gateway object or redundant group object.
overlayaddresspools
The address pool the public IP of the PAT/NAT entries belong too.
overlaypatnatentries
Create a static NAT 1:1 IP mapping between a Pool IP and a host IP in the branch domain, to provide access to the branch resource.
patipentries
PATIPEntry is auto-generated (southbound case, decentralized for containers) or through REST (for centralized case, user can choose a IP).
patmappers
PAT Mapper is a construct which will be associated with 1-N FIP Domains
patnatpools
Address Translation Pools are a range of externally routable IP addresses. User or application traffic is translated prior to being forwarded across the network.
portmappings
missing documentation.
ports
A port represents specific connection point of a gateway. It can be used for internal networking, like an uplink connection or a management network. It can also be used for domain's access.
porttemplates
Represents a Port Template object under a given gateway template object.
redundancygroups
Represents Redundant Group formed by two Gateways.
services
Represents a WAN Service Object.
vlans
VLANs are Virtual Local Area Networks. They allow to differentiate several traffic flows inside a single Port. A VLAN with a value set to 0 can be used to tell the system to not use any tagging.
vlantemplates
Represents VLAN Template under a Port Template object.
vsgredundantports
Represents a redundant Port under a particular gateway object or redundant group object.

idsips

idpprofiles
IDP Profile/Rules are used to detect intrusion attempts and/or inspect network traffic and take appropriate action.

ike

ikecertificates
Represents an IKE Trusted Certificate
ikeencryptionprofiles
Represents an IKE Profile
ikegatewayconfig
Represents an IKE Gateway Configuration Object
ikegatewayconnections
Set the attributes like NSG role, authentication method etc for establishing IKE security association with remote gateway.
ikegatewayprofiles
Define attributes of the remote IKE gateway.
ikegateways
Represents an IKE Gateway
ikepsks
Shared secret used during the authentication phase of IKE protocol.
ikesubnets
Represents an IKE Subnet (remote side)

infrastructure

downloadprogress
An object representing the progress of gateway image download
infrastructureaccessprofiles
Infrastructure Access Profiles identify a set of NSG template level platform attributes specifically related to user and access control, inherited by gateways as they are instantiated.
infrastructuregatewayprofiles
Infrastructure Gateway Profiles are gateway-level platform attributes inherited by gateways as they are instantiated, connecting them to Nuage management infrastructure.
infrastructurevscprofiles
Infrastructure VSC Profiles identify a set of controllers which will be used to connect bootstrapped NSGs.
netconfprofiles
Represents configuration to access device using Netconf protocol
nsgpatchprofiles
An NSG Patch Profile contains upgrade information that can be given to an NSG Instance. The profile contains details on where the NSG can retrieve the image to upgrade to, and some criteria related to when the upgrade is to happen once the NSG device has received the information for upgrading.
nsgupgradeprofiles
An NSG Upgrade Profile contains upgrade information that can be given to an NSG Instance. The profile contains details on where the NSG can retrieve the image to upgrade to, and some criteria related to when the upgrade is to happen once the NSG device has received the information for upgrading.

ipsec

enterprisesecureddatas
This object represents the secured data object under the enterprise
enterprisesecurities
This object represents the enterprise security
gatewaysecureddatas
This object represents the secured data object under the gateway
gatewaysecurities
This object represents the gateway security object

job

jobs
Represents JOB entity. The job API accepts a command and parameters and executes the job and returns the results. Jobs API are typically used for long running tasks.

keyserver

groupkeyencryptionprofiles
Represents a Group Key Profile
keyservermembers
Represents a KeyServer
keyservermonitorencryptedseeds
Represents a Keyserver Monitor Encrypted Seed Snapshot.
keyservermonitors
Represents a Keyserver Monitor Snapshot.
keyservermonitorseeds
Represents a Keyserver Monitor Seed Snapshot.
keyservermonitorseks
Represents a Keyserver Monitor SEK Snapshot.

licensemgmt

licenses
Enables retrieval/modification and creation of license files. Most of the attributes are retrieved from the encrypted license. The create API simply provides the encrypted license that is in base64 format.
licensestatus
No description available

netconf

netconfmanagers
Identifies Netconf Manager communicating with VSD, This can only be created by netconfmgr user

netconfdcgw

egressprofiles
An Egress Profile represents an aggregation of IP, MAC and egress QoS profiles that are applied on a VPort instance.
ingressprofiles
An Ingress Profile represents an aggregation of IP, MAC and ingress QoS profiles that are applied on a VPort instance.
ipfilterprofiles
7x50 IP Filter profile
ipv6filterprofiles
7x50 IPv6 Filter profile
macfilterprofiles
7x50 MAC Filter profile
sapegressqosprofiles
7x50 SAP Egress QoS profile
sapingressqosprofiles
7x50 SAP Ingress QoS profile

network

addressranges
Address ranges are used for dynamic IP address allocation within the subnet. Multiple address ranges may be used to support non-contiuous IP address ranges. VMs and hosts without static IP addresses assigned will receive an address within the available ranges.
aggregateddomains
Aggregated Domains represents a VPRN that aggregates regular L3 Domains, and then it does leaking from the VPRN to the GRT as an option.
defaultgateways
This object represent default Gateway associated with Subnet
dhcpoptions
Allows the definition of one or more DHCP options that will be provided to all VMs that are associated with a given domain. DHCP options are provided as Type- Length-Value (TLV). There is no validation by VSD on whether these options are valid or not. It is up to the user to guarantee that the options make sense for their application.
dhcpv6options
Allows the definition of one or more DHCPv6 options that will be provided to all VMs that are associated with a given domain. DHCPv6 options are provided as Type- Length-Value (TLV). There is no validation by VSD on whether these options are valid or not. It is up to the user to guarantee that the options make sense for their application.
domains
This object is used to manipulate domain state. A domain corresponds to a distributed Virtual Router and Switch.
domaintemplates
A domain is a distributed logical router that enables L2 and L3 communication. A domain template is a model that can be instantiated as often as required, thereby creating real, functioning domains.
enterprisenetworks
Network Macros are organization wide defined macros that can be used as a destination of a policy rule. For instance, you can create a network that represents your internal Intranet access, and use it as a destination of a policy rule to drop any packet that is coming from a particular port. Macros can now be created under SaaS Application Types. SaaS Application Types can then be associated to a SaaS Application Group which can be used as a destination of a policy rule.
floatingips
Floating IP that is associated to a Domain. This floating IP could be used in the VM interface for NAT functionality.
ipreservations
You can reserve and allocate IP addresses according to the host MAC address
l2domains
This is the definition of a l2 domain associated with a Enterprise.
l2domaintemplates
An L2 Domain is a distributed logical switch that enables L2 communication. An L2 Domain template is a model that can be instantiated as often as required, thereby creating real, functioning L2 Domains.
multicastchannelmaps
Multicast channel maps define the available multicast groups that can be joined by VMs belonging to enterprises to which the maps have been assigned to. A map can contain one or more ranges defining the available channels. Ranges are non overlapping within a single map.
multicastlists
This is the definition of a MultiCast Channel List.
multicastranges
A multicast channel range defines a set of multicast groups that will be allowed to be joined. They act as a set of "white-list" addresses that a VM will be allowed to join. A multicast channel map requires at least one range defined to be of use. Ranges within the same channel map must be non-overlapping between each other. Groups not covered by a range won't be joinable from the VMs.
networklayout
This API defines the AS number that should be used in the data center as well as the IP address of the route reflector.
networkmacrogroups
Network Macro Groups are a collection of existing Network Macros. These groups can be used in Security Policies in order to create rules that matches multiple Network Macros.
ospfareas
OSPF relies on the concept of logical areas. The use of areas enables the hiding of topology information between areas whilst still providing reachability. Each router in the area shares the same routing tables, which simplifies the network topology and helps to optimize the route calculation algorithm.
ospfinstances
The OSPF instance is the highest hierarchical OSPF configuration object in a domain. The OSPF instance allows you to assign global import and export routing policies for OSPF traffic in the domain.
ospfinterfaces
The OSPF interface represents the connection of a router to the OSPF network. The OSPF interface defines the protocol metrics and security parameters for OSPF traffic on a V-Port on the specified subnet. An OSPF interface can exist in only one OSPF area.
proxyarpfilters
Proxy ARP filters represent black-list of address ranges for NSG acting as ARP proxy
publicnetworks
Similar to the enterprise macros, the public network macro allows an administrator of an enterprise to define range of subnets that can be used by users in the ACL definition.
routingpolicies
Pre-defined sets of attributes used in policy match conditions: prefix lists, entries, damping profiles, etc.
routingpolicybindings
The routing policy binding is used to assign routing policies to a Gateway or group of Gateways as defined by the routing policy group. The local routing policies assigned to a Gateway in a policy binding are preferred over global routing policies defined at the OSPF instance level.
sharednetworkresources
This defines shared infrastructure resources that are created by user with CSPROOT role. These resources can be used by all the enterprises in the data center for various purposes. Examples of shared resources are public subnet, floating subnet, public L2 domain.
staticroutes
Static routes allow end users to define how traffic is routed through the dVRS in addition to the routes learned by VSC through VM activation. By using static routes, end users can define for example that all traffic with a destination address towards a specific subnet must be forwarded to a specific VM attached in the dVRS and this VM could be a firewall
subnets
This is the definition of a subnet associated with a Zone.
subnettemplates
As domain and zone objects, subnet objects are created in VSD as derived by templates. This object describes the subnet template.
uplinkconnections
Configuration of VNS Gateway uplinks
uplinkroutedistinguishers
Represents a network port uplink route distinguisher value.
vpnconnections
Attaching this object to a WAN Service allows to extend its connectivity to and from external resources defined on your Data Center Edge Gateway.
zones
The zone is a collection of subnets attached to a domain. The zone concept enables the definition of policies for collections of subnets.
zonetemplates
As in domains and subnets, zones are derived from templates. This object provides the definition of the template.

nsg

captiveportalprofiles
Object representing a Wireless Access Captive Portal Profile which can be associated with SSID entities from which end users may be presented with instructions and condition of use when connecting to an open wireless access point.
gatewayslocations
Gateway location details
lteinformations
Contains information about the LTE dongle plugged in USB port on NSG. This would have information like - Modem Manufacturer, Model Number, Subscriber Number, Operator etc. This information could vary from vendor to vendor.
nsgateways
Network Services Gateways are a policy enforcement end-points responsible for the delivery of networking services. NSG access ports/VLANs may be attached to existing host or bridge VPorts.
nsgatewayscounts
NSGateway count is a summary object per enterprise which contains the counts of inactive and NSGs by alarm severity. This object is used in Application Aware Routing (AAR) visualization
nsgatewaysmonitors
This API can be used to gather read-only information about an NSG, including information on its state, system metrics, alarm counts, location and version. It is a single view of the full data available for an NSG.
nsgatewayssummaries
Summary information such as alarm counts, location, version, boostrap status for Network Services Gateway
nsgatewaytemplates
Represents a Network Service Gateway Template.
nsginfos
Device information coming from the NSG. That includes the hardware type of the NSG (CPU, memory, family), the version of BIOS, build information, and software application packages installed.
nsgredundancygroups
Represents Redundant Group formed by two VNS Gateways.
nsports
Represents a Port of a particular NS Gateway object.
nsporttemplates
Represents Port Template object under a given gateway template object.
portinfos
This API provides a list of monitoring ports and a list of configured ports for a NSG
shuntlinks
A shunt link represents an alliance of uplink interface resources between two NSGs belonging to a Redundant Group. An operator specifies which network port-VLAN from each NSG peers to be considered as shunted together so that control uplinks from each NSG may be used by the other.
ssidconnections
An SSID Connection instance represents an SSID defined on a WiFi interface. One SSID Connection is required per SSID created on a WiFi Card/Port.
wirelessports
Represents a Wireless (WiFi) interface configured on a Network Service Gateway (NSG) instance. The WirelessPort instance may map to a physical WiFi card or a WiFi port.
zfbautoassignments
Pre-created matching criteria that allows CSPRoot to auto-assign incoming auto-bootstrapping requests to an Enterprise should a match occur.
zfbrequests
Pending requests reflect Network Services Gateways that have initiated request for bootstrapping. Requests can be assigned, or matched, to continue the bootstrapping process. If a request is rejected, the NSG will terminate the auto-bootstrapping attempts.

operation

commands
A Command represents an operation that needs to be executed on an entity (NSG, Gateway, ...) which requires little processing by VSD, but may result in a long activity on the external entity. An example would be to trigger an action on VSD so that a Gateway download a new image. VSDs handling of the request is limited to generating a message to be sent to the device on which the download process is expected. The device then acts on the request and proceeds with the download... That may be a long process. The commands API is similar to the Jobs API with regards to triggering operations on objects.

perfrouting

applicationbindings
Association of Applications in a priority order to an Application Performance Management Group. Priorities may be explicitly defined or auto-generated. Applications with higher priorities (lower numeric values) are evaluated first when classifying traffic.
applicationperformancemanagementbindings
Association object for maintaining the priority of AppliationGroup(s) associated to a Domain
applicationperformancemanagements
Application Group is a container for group of applications
applications
represents a application with L4/L7 classification
l7applicationsignatures
Layer 7 ApplicationType , these are auto created as part of VSD bringup
networkperformancebindings
Association of Network Performance Measurement policies enable the measurement of path SLA metrics between NSGs in the domain.
performancemonitors
To enable the network performance monitoring between NSGs in an NSG Group and NSG-UBRs in an NSG-UBR Group.

policy

dscpforwardingclassmappings
Provides the definition of a single DSCP to a Forwarding class mapping that is part of a Table used in QoS policies.
dscpforwardingclasstables
DSCP Mapping Tables define a list of mappings from customer's DSCP markings to Forwarding Classes. They can be referenced in QoS policies.
egressdomainfloatingipaclentrytemplates
Defines the template of Egress Domain ACL Template entries
egressdomainfloatingipacltemplates
Defines the template for an Domain Floating IP ACL
forwardingpathlistentries
Forwarding path list entry to be associated with forwarding path list for l4 based policy to PAT / IKE to underlay.
forwardingpathlists
Forwarding path list is l4 based policy to PAT / IKE to underlay.
l4servicegroups
Service Group is a set of Services that can be used in ACLs.
l4services
Service is a port range and protocol combination that can be used in ACLs
policydecisions
This object is a read only object that provides the policy decisions for a particular VM interface.
saasapplicationtypes
SaaS applications like office365 with the published list of IPs and/or URLs for creating firewall rules for IT admins.

policy/acl

egressaclentrytemplates
Security Policy Entries defines what action to take for a particular type of traffic, based on its origin and its destination, its protocol, EtherType, eventual ports, DSCP value and other information.
egressacltemplates
An egress security policy is a set of rules defining how network traffic is treated within a domain. Egress Security Policies control traffic flowing out of the network.
egressadvfwdentrytemplates
Egress forwarding policy rules define what action to take for a particular type of traffic, based on its origin, destination, protocol, EtherType, ports, DSCP value and other information. Supported actions are to redirect traffic, change the forwarding class of the traffic or to allow traffic to pass untouched.
egressadvfwdtemplates
Create a table for egress forwarding policy rules. These include flow redirect rules and forwarding class override rules.
egressauditaclentrytemplates
Egress Audit Policy Entries defines what action to take for a particular type of traffic, based on its origin and its destination, its protocol, EtherType, eventual ports, DSCP value and other information.
egressauditacltemplates
An egress audit policy is a set of rules defining how network traffic is monitored and mirrored from a domain for Audit purposes
ingressaclentrytemplates
Security Policy Entries defines what action to take for a particular type of traffic, based on its origin and its destination, its protocol, EtherType, eventual ports, DSCP value and other information.
ingressacltemplates
An ingress security policy is a set of rules defining how network traffic is treated within a domain. Ingress Security Policies control traffic flowing into the network.
ingressadvfwdentrytemplates
Security Policy Entries defines what action to take for a particular type of traffic, based on its origin and its destination, its protocol, EtherType, eventual ports, DSCP value and other information.
ingressadvfwdtemplates
Create a table for ingress forwarding policy rules. These include flow redirect rules and forwarding class override rules.
ingressauditaclentrytemplates
Security Policy Entries defines what action to take for a particular type of traffic, based on its origin and its destination, its protocol, EtherType, eventual ports, DSCP value and other information.
ingressauditacltemplates
An ingress audit policy is a set of rules defining how network traffic is treated within a domain.

policy/dscpmapping

cosremarkingpolicies
Provides the definition of a single Forwarding class to CoS mapping that is part of a COS Remarking Policy Table used in QoS policies.
cosremarkingpolicytables
Provides the definition of a table that holds multiple FC to Dot1p mappings . Used in Egress QoS policies.
dscpremarkingpolicies
Provides the definition of a single Forwarding class to DSCP mapping that is part of a DSCP Remarking table used in Egress QoS policies.
dscpremarkingpolicytables
Provides the definition of a table that holds multiple Forwarding class to DSCP mappings. Used in Egress QoS policies.

policy/qos

egressqospolicies
An Egress QoS Policy is a policy that groups rate-limiting profiles, traffic directionality and classifiers to govern the rate of traffic being sent or received by an end-host or application.
ingressqospolicies
A Tunnel Shaper QoS Policy is a policy that groups rate-limiting profiles, traffic directionality and classifiers to govern the rate of traffic being sent or received by an end-host or application.
qos
QoS policies enable you to classify and limit network traffic.
qospolicers
QoS Policer ensures that traffic adheres to the stipulated QoS defined in your network. Contains Rate and Burst configurations and can be associated to VLANs.
ratelimiters
Set of traffic management parameters describing a desired traffic profile. Rate-limiters are used by QoS policies to enforce per Class of Server rate-conformance.

policy/urlfiltering

destinationurls
destination URL under tier
tiers
When the customer creates an HTTP probe, VSD will automatically create Tier1 and Tier2 under it with default properties.

stats

bulkstatistics
Retrieves the statistics for a particular Entity and its immediate child entity.
esilmpolicies
An Elasticsearch Index Lifecycle Management Policy defines the phases and actions to manage the lifecycle of an ES index.
esindexconfigs
Elasticsearch Index configuration
ltestatistics
Retrieves statistical information for LTE uplinks.
statistics
Retrieves the statistics for a particular domain, zone, subnet, or VM.
statisticscollector
Identifies the IP address of the stats collector entity that must be used.
statisticspolicies
Defines the frequency of statistics collection associated with an object.
tcas
Provides the definition of the Threshold Control Alarms.

sysmon

bgppeers
Encapsulates the BGP peer information for system monitor entity.
components
System Monitoring details for components of VSD system.
controllervrslinks
System Monitoring details for VRS connected to VSC or HSC
hscs
System Monitoring details for hardware service controllers.
monitoringports
Encapsulates the port information for system monitoring entity.
monitorscopes
Monitoring Scope bound Performance monitors to either ALL or a sub-set of NSGs. Scope is defined by selecting NSGs that should execute Performance Monitors.
multinicvports
Encapsulates the Multi NIC VPort information for system monitoring entity.
vrss
System Monitoring details for VRS connected to VSC or HSC
vscs
System Monitoring details for VSC.
vsds
System Monitoring details for VSD. This is deprecated and no longer provided through the Nuage API. This information can now be gathered through the Monit API.
vsps
System Monitoring details for VSP.

systemconfig

systemconfigs
The System Configuration which can be dynamically managed using REST Api.

threatprevent

threatpreventioninfos
Represents information about Threat Prevention service/instance on NSG. This is read only entity.

tpcloud

azureclouds
Represents Azure Cloud account to configure IKE entities.

underlaytest

udpprobetestresult
UDP Probe Test Result
tcpconnecttestresult
TCP Connect Test Result
bandwidthtestresult
Bandwidth Test Result
mtudiscoverytestresult
MTU Discovery Test Result

usermgmt

avatars
Avatar
enterpriseprofiles
Enterprise profile, used to store an enterprise's policies, quota etc.
enterprises
Definition of the enterprise object. This is the top level object that represents an enterprise.
groups
Identifies a group within an enterprise
ldapconfigurations
Configuration of LDAP parameters associated with an enterprise. This will enable authentication through an external LDAP server for this enterprise.
me
Object that identifies the user functions
permissions
User groups that are granted permissions for objects such as domains, zones, and subnets can see and manipulate everything within the object.
usercontexts
This defines a proxy class to expose some of the configuration parameters which are required by UI
users
Users represent people of your organization. A user can be placed into a group and this group can have some permissions to add VMs into a domain for instance.

virtualfirewall

virtualfirewallpolicies
Defines the template for a Virtual Firewall Policy that helps to group a set of rules either based on functions or actions
virtualfirewallrules
Virtual firewall rules define intent based security policy entries to control traffic between source/destinations in the network. Virtual firewall rules are inherently stateful and are enforced as Ingress/Egress stateful ACLs in Nuage policy enforcement points

vm

diskstats
Encapsulates the disk usage metrics for system monitor entity.
resync
Provide information about the state of a VM resync request.
vminterfaces
API that can retrieve the VM interface associated with a domain, zone or subnet for mediation created VM's for REST created VM interfaces you need to set the additional proxy header in http request : X-Nuage-ProxyUservalue of the header has to be either :1) enterpriseName@UserName (example :bob@Nokia), or 2) external ID of user in VSD, typically is UUID generally decided by the CMS tool in questionUser needs to have CMS privileges to use proxy user header.
vms
API that can retrieve the VMs associated with a domain, zone or subnet for mediation created VM's for REST created VM's you need to set the additional proxy user header in http request : X-Nuage-ProxyUservalue of the header has to be either :1) enterpriseName@UserName (example : Nokia@bob), or 2) external ID of user in VSD, typically is UUID generally decided by the CMS tool in questionUser needs to have CMS privileges to use proxy user header.

vmware

autodiscoveredclusters
No description available
autodiscovereddatacenters
No description available
autodiscoveredhypervisors
No description available
eamconfigs
The EAM solution configuration.
vcenterclusters
VCenter Clusters.
vcenterdatacenters
VCenter DataCenters.
vcenterhypervisors
Host or Hypervisors.
vcenters
Represents a VCenter.
vrsaddressranges
This is the definition of a Address Range associated with a VRS.
vrsconfigs
Default VRS Configuration parameters
vrsmetrics
No description available
vrsredeploymentpolicies
No description available

vnf

vnfcatalogs
Represents VNF Catalog
vnfdescriptors
The behavioral and deployment information of a VNF is defined in the VNF descriptor template. The template is based on the libvirt domain XML and is on-boarded in a VNF catalog. The resource requirements for CPU, memory and storage are defined in this screen and the rest of the template is inherited from the VNF Metadata object.
vnfdomainmappings
This represents domain segment identifier which is unique for domain per NSGateway.
vnfinterfacedescriptors
The interfaces attached to the VNF descriptor. The interfaces are used for management and datapath traffic. Atleast one interface should be designated as a management interface
vnfinterfaces
Represent VNF interface, This can not be created directly, it will be generated from VNF Interface Descriptor when VNF instance is created.
vnfmetadatas
The VNF deployment properties that includes the location of the image, bootstrap config and rest of the libvirt domain XML template defined as text file.
vnfs
Instantiation of a VNF on a specified Network Services Gateway that has the resources to manage a VNF.
vnfthresholdpolicies
VNF Threshold Policy represents thresholds for resources consumed by VNF instance running on NS Gateway and action to be taken when resource utilization crosses configured thresholds.

vport

brconnections
Configuration of VNS Gateway Border Router connection
bridgeinterfaces
Provides information for each bridge interface.
demarcationservices
Demarcation services provide the interconnection between the datacenter networks and the Wide Area Network.
hostinterfaces
Provides information for each host interface.
mirrordestinationgroups
Mirror destination group is a collection of mirror destination objects.
mirrordestinations
Mirror Destinations are underlay-reachable IP addresses to which the mirrored traffic will be sent. On the server identified by the IP, a tool like Wireshark can be used to capture and analyse the traffic going through a VPort. The mirrored traffic is sent to the collector using GRE encapsulation.
overlaymirrordestinations
Overlay mirror destinations are pointed to by advanced forwarding policies as the destination for redirected traffic. Targets can be of two types, L3 or virtual wire. For L3 targets a virtual IP should be provided as it allows the system to track among which of the end-points belonging to the overlay mirror destination is the active one. For this type of redirect the packet's destination MAC address is changed to match that of the Virtual IP. For virtual-wire redirection targets, the packets are untouched and forwarded directly to the end-point.
overlaymirrordestinationtemplates
Overlay mirror destinations are pointed to by advanced forwarding policies as the destination for redirected traffic. Targets can be of two types, L3 or virtual wire. For L3 targets a virtual IP should be provided as it allows the system to track among which of the end-points belonging to the overlay mirror destination is the active one. For this type of redirect the packet's destination MAC address is changed to match that of the Virtual IP. For virtual-wire redirection targets, the packets are untouched and forwarded directly to the end-point.
pgexpressions
Policy Group Expression is an expression consisting of policy groups defined at Domain or L2 Domain Instance.
pgexpressiontemplates
Policy Group Expression Template is an expression consisting of policy groups defined at Domain Template or L2 Domain Template
policygroupcategories
Policy Group Categories are used to group Policy Group tags of similar type (e.g., Application, App-Tier, Location etc.) to provide additional context for flow visualization and analytics
policygroups
Policy groups are collections of VPorts that are used as building blocks for security policies encompassing multiple end-points. One or more vports can be added to a policy group using this interface.
policygrouptemplates
PolicyGroupTemplate represents the template of a policy group object. PolicyGroup is group of vports on which a user can policies like ACL, QoS, etc.
redirectiontargets
Redirection targets are pointed to by advanced forwarding policies as the destination for redirected traffic. Targets can be of two types, L3 or virtual wire. For L3 targets a virtual IP should be provided as it allows the system to track among which of the end-points belonging to the redirection target is the active one. For this type of redirect the packet's destination MAC address is changed to match that of the Virtual IP. For virtual-wire redirection targets, the packets are untouched and forwarded directly to the end-point.
redirectiontargettemplates
Template for a vporttag. It can be created only at the template level and available for all instances.
virtualips
Virtual IPs are IP addresses owned by one or more vports that can move among those vports. VSP will track the owner of a virtual IP and steer traffic accordingly. Virtual IPs can be used as next-hops for static routes and other re-direction purposes.
vportmirrors
VPort Mirror represents the relationship between a vport and a mirror destination.
vports
VPorts are a new level in the domain hierarchy, intended to provide more granular configuration than at subnet, and also support a split workflow, where the vPort is configured and associated with a VM port (or gateway port) before the port exists.

vrs

remotevrsinfos
Represents a VRS present in a remote DC across WAN. SRIC populates this object. This is used for NFIX(Network Function Interconnect).
vrsinfos
Represents the VRSs managed by VSD. nodeSegmentID is populated by SRIC. This is used for NFIX(Network Function Interconnect).

webcategory

webcategories
This entity provides the definition of Web Category. It will be used in ACL definition to filter web traffic.
webdomainnames
A domain name is an identification string that defines a realm of administrative autonomy, authority or control within the Internet