NetconfCentral:

Grouping	Objects	Abstract
access-profile-template	name apply-groups apply-groups-except apply-macroconfig-payload-password	Configure an access profile
address-book-type	apply-groups apply-groups-except apply-macroaddress address-set	Configure security address book for the zone
address_set_type	name apply-groups apply-groups-except apply-macrodescription address address-set
address_type	name apply-groups apply-groups-except apply-macrodescription address-content
advpn-suggester-partner	apply-groups apply-groups-except apply-macrosuggester partner	Configure ADVPN Suggester Partner
alg-object	apply-groups apply-groups-except apply-macrotraceoptions alg-manager alg-support-lib dns ftp h323 mgcp msrpc sunrpc rsh rtsp sccp sip sql talk tftp pptp ike-esp-nat twamp
anti-spam-feature	apply-groups apply-groups-except apply-macrosbl	Anti-spam feature
anti-spam-traceoptions	apply-groups apply-groups-except apply-macroflag	Trace options for anti-spam feature
anti-virus-feature	apply-groups apply-groups-except apply-macromime-whitelist url-whitelist type profile traceoptions sophos-engine	Anti-virus feature
anti-virus-notification-options	apply-groups apply-groups-except apply-macrovirus-detection fallback-block fallback-non-block	Anti-virus notification options
anti-virus-pattern-update	apply-groups apply-groups-except apply-macroemail-notify url proxy-profile routing-instance interval start-time no-autoupdate	Anti-virus pattern update
anti-virus-traceoptions	apply-groups apply-groups-except apply-macroflag	Trace options for anti-virus feature
anti-virus-trickling	timeout	Anti-virus trickling
apbr_rule_type	name apply-groups apply-groups-except apply-macrodisable-midstream-routing match then
appfw_rule_type	name apply-groups apply-groups-except apply-macromatch then
application_services_type	apply-groups apply-groups-except apply-macrogtp-profile sctp-profile idp packet-capture idp-policy ssl-proxy web-proxy uac-policy utm-policy icap-redirect application-firewall application-traffic-control wx-redirection security-intelligence-policy advanced-anti-malware-policy security-intelligence	Application Services
apply-advanced	apply-groups apply-groups-except apply-macro	Apply advanced configuration logic
apply-macro-type	name data	Macro data for commit-script expansion
appqoe-node	apply-groups apply-groups-except apply-macroip-address	Set node info
appqoe-probe-params	apply-groups apply-groups-except apply-macrodata-fill data-size per-packet-loss-timeout probe-interval probe-count burst-size sla-export-interval dscp-code-points forwarding-class loss-priority	Active probe parameters
appqoe-probe-path	apply-groups apply-groups-except apply-macrolocal remote	Set probe path details
appqoe_sla_metric_profile	apply-groups apply-groups-except apply-macrodelay-round-trip jitter jitter-type packet-loss match	Metric Name
authentication-source-type	name apply-groups apply-groups-except apply-macroauthentication-source-option	Configure user-identification authentication-source
av-fallback-settings	apply-groups apply-groups-except apply-macrodefault content-size engine-not-ready timeout out-of-resources too-many-requests decompress-err	Anti-virus fallback settings
aws-object	apply-groups apply-groups-except apply-macrocloudwatch
block-allocation-object	apply-groups apply-groups-except apply-macroblock-size maximum-blocks-per-host active-block-timeout interim-logging-interval last-block-recycle-timeout log	Port block allocation
by-protocol-object-limit-tcp-type	apply-groups apply-groups-except apply-macromaximum-sessions packet-rate session-rate whitelist syn-cookie	Configure the limit-session for tcp protocol
by-protocol-object-limit-type	apply-groups apply-groups-except apply-macromaximum-sessions packet-rate session-rate whitelist	Configure the limit-session for each protocol
by-protocol-object-type	apply-groups apply-groups-except apply-macrotcp udp icmp	Configure limit-session on the basis of protocol
category-list-type	name apply-groups apply-groups-except apply-macrovalue	Configure category-list object
certificate-object	name apply-groups apply-groups-except apply-macrocertificate
chain-member-type	name apply-groups apply-groups-except apply-macroattack-type	Chain member
clients-object	name apply-groups apply-groups-except apply-macroremote-protected-resources remote-exceptions ipsec-vpn user user-groups
command-list-type	name apply-groups apply-groups-except apply-macrovalue	Configure command-list object
content-filtering-feature	apply-groups apply-groups-except apply-macroprofile	Content-filtering feature
content-filtering-traceoptions	apply-groups apply-groups-except apply-macroflag	Trace options for content-filtering feature
context_application_services_type	apply-groups apply-groups-except apply-macrosecurity-metadata-streaming-policy
count_type	apply-groups apply-groups-except apply-macro
custom-attack-group-type	name apply-groups apply-groups-except apply-macroattack-group-description group-members	Define custom attack group
custom-attack-type	name apply-groups apply-groups-except apply-macroattack-description recommended-action severity time-binding detection-filter attack-type	Define custom attack
custom-category-type	name apply-groups apply-groups-except apply-macroaction custom-message	Custom category type
custom-message-type	name apply-groups apply-groups-except apply-macrotype contents	Configure custom-message object
default-anti-spam-feature	apply-groups apply-groups-except apply-macrotype address-whitelist address-blacklist traceoptions sbl	Anti-spam feature
default-anti-virus-feature	apply-groups apply-groups-except apply-macromime-whitelist url-whitelist type forwarding-mode scan-options trickling notification-options fallback-options traceoptions avira-engine sophos-engine	Anti-virus feature
default-content-filtering-feature	apply-groups apply-groups-except apply-macrotype traceoptions permit-command block-command block-extension block-mime block-content-type notification-options	Content-filtering feature
default-juniper-enhanced-type	apply-groups apply-groups-except apply-macrocache server reputation query-type base-filter category site-reputation-action default custom-message fallback-settings timeout no-safe-search	Juniper Enhanced
default-juniper-local-type	apply-groups apply-groups-except apply-macrodefault category custom-message no-safe-search fallback-settings timeout	Juniper local
default-sbl-type	apply-groups apply-groups-except apply-macrosbl-default-server-choice spam-action custom-tag-string	SBL type
default-sophos-scan-options	apply-groups apply-groups-except apply-macrouri-check-choice content-size-limit timeout	Anti-virus scan options
default-webfilter-feature	apply-groups apply-groups-except apply-macrourl-whitelist url-blacklist http-reassemble http-persist type traceoptions websense-redirect juniper-local juniper-enhanced	Web-filtering feature settings
default-websense-type	apply-groups apply-groups-except apply-macroserver category custom-message no-safe-search fallback-settings timeout sockets account	Websense redirect
destination_nat_enable_type	apply-groups apply-groups-except apply-macrodestination_nat	Enable Destination NAT
dest-nat-rule-object	name apply-groups apply-groups-except apply-macrodescription dest-nat-rule-match then
deterministic-object	apply-groups apply-groups-except apply-macroblock-size det-nat-configuration-log-interval host include-boundary-addresses	Deterministic nat allocation
dns-name-type	name apply-groups apply-groups-except apply-macroipv4-only ipv6-only	DNS address name
dynamic-attack-group-type	name apply-groups apply-groups-except apply-macroattack-group-description filters	Define dynamic attack group
e2e-action-profile	name apply-groups apply-groups-except apply-macropreserve-trace-order record-pic-history event module
e2e-event	name apply-groups apply-groups-except apply-macrotrace count packet-summary packet-dump
e2e-module	name apply-groups apply-groups-except apply-macroflag
end-to-end-debug-filter	name apply-groups apply-groups-except apply-macroaction-profile protocol source-prefix destination-prefix source-port destination-port interface	End to end debug packer filter settings
extension-list-type	name apply-groups apply-groups-except apply-macrovalue	Configure extension-list object
firewall_authentication_type	apply-groups apply-groups-except apply-macroauth-type push-to-identity-management
flow-filter-type	name apply-groups apply-groups-except apply-macroprotocol source-prefix destination-prefix conn-tag logical-system source-port destination-port interface	Flow filter settings
flow-traceoptions-object	apply-groups apply-groups-except apply-macrono-remote-trace file flag rate-limit packet-filter trace-level root-override	Trace options for flow services
gtp-object	apply-groups apply-groups-except apply-macroprofile traceoptions handover-default ip-group ie-set message-ie-profile-v1 grouped-ie-profile message-ie-profile-v2 message-list rate-limit apn-control apn-control-group
gvpn-ike-policy	name apply-groups apply-groups-except apply-macromode description proposals pre-shared-key
gvpn-member	apply-groups apply-groups-except apply-macroike ipsec
gvpn-member-ike	apply-groups apply-groups-except apply-macrotraceoptions proposal policy gateway
gvpn-member-ike-proposal	name apply-groups apply-groups-except apply-macrodescription authentication-method dh-group authentication-algorithm encryption-algorithm lifetime-seconds
gvpn-member-ipsec-vpn	apply-groups apply-groups-except apply-macrovpn
gvpn-server	apply-groups apply-groups-except apply-macrotraceoptions ike ipsec group
gvpn-server-cluster	apply-groups apply-groups-except apply-macroserver-role ike-gateway retransmission-period	Server-Cluster for group VPN
gvpn-server-group-ipsecsa	name apply-groups apply-groups-except apply-macroproposal match-policy	Configure a Group VPN group SA
gvpn-server-group-ipsecsa-match	name apply-groups apply-groups-except apply-macrosource destination source-port destination-port protocol	Configure a Group VPN group SA policy
gvpn-server-group-template	name apply-groups apply-groups-except apply-macrodescription group-id member-threshold server-cluster ike-gateway activation-time-delay anti-replay-time-window server-member-communication ipsec-sa	Configure a Group VPN group
gvpn-server-ike	apply-groups apply-groups-except apply-macroproposal policy gateway
gvpn-server-ike-gateway	name apply-groups apply-groups-except apply-macro	Configure a set of IKE gateways
gvpn-server-ike-gateway-sc	name apply-groups apply-groups-except apply-macro	Configure a set of IKE gateways
gvpn-server-ike-proposal	name apply-groups apply-groups-except apply-macrodescription authentication-method authentication-algorithm dh-group encryption-algorithm
gvpn-server-ipsec-proposal	name apply-groups apply-groups-except apply-macrodescription authentication-algorithm encryption-algorithm lifetime-seconds
gvpn-server-ipsec-vpn	apply-groups apply-groups-except apply-macroproposal
gvpn-server-member-communication	apply-groups apply-groups-except apply-macrocommunication-type lifetime-seconds retransmission-period number-of-retransmission heartbeat encryption-algorithm sig-hash-algorithm certificate	Group VPN Server to Member communication
gvpn-server-traceoptions	apply-groups apply-groups-except apply-macrono-remote-trace file level flag gateway-filter	Group VPN server tracing options
host-inbound-protocols-object-type	name apply-groups apply-groups-except apply-macroexcept	Protocol type of incoming traffic to accept
host-object	apply-groups apply-groups-except apply-macroipaddr port routing-instance log-tag
httpd_dvpn_traceoptions_type	apply-groups apply-groups-except apply-macrono-remote-trace file level flag	Trace options for dynamic-vpn process
idpd-traceoptions-type	apply-groups apply-groups-except apply-macrono-remote-trace file flag level	Trace options for idpd
idp-policy-type	name rulebase-ips rulebase-exempt
ids-option-type	name apply-groups apply-groups-except apply-macrodescription alarm-without-drop match-direction aggregation icmp ip tcp udp limit-session	Configure screen object
ids-wlist-type	name apply-groups apply-groups-except apply-macroaddress
ie-filter-object	name apply-groups apply-groups-except apply-macroinstance
ike-policy	name apply-groups apply-groups-except apply-macromode reauth-frequency description proposals certificate proposal-set pre-shared-key
ike-proposal	name apply-groups apply-groups-except apply-macrodescription authentication-method dh-group authentication-algorithm encryption-algorithm lifetime-seconds
interface_host_inbound_traffic_t	apply-groups apply-groups-except apply-macrosystem-services protocols
interface-system-services-object-type	name apply-groups apply-groups-except apply-macroexcept	Type of incoming system-service traffic to accept
ipsec_gvpn_addr_object	apply-groups apply-groups-except apply-macroaddress
ipsec_gvpn_exclude_rule_object	apply-groups apply-groups-except apply-macrorule
ipsec_gvpn_fail_open_rule_object	apply-groups apply-groups-except apply-macrorule
ipsec-gvpn-member-template	name apply-groups apply-groups-except apply-macroike-gateway group-vpn-external-interface group heartbeat-threshold recovery-probe df-bit fail-open exclude	Configure a Group VPN
ipsec_gvpn_rule_address_object	name apply-groups apply-groups-except apply-macrosource-address destination-address application
ipsec-internal-sa	apply-groups apply-groups-except apply-macromanual
ipsec-policy	name apply-groups apply-groups-except apply-macrodescription perfect-forward-secrecy proposals proposal-set
ipsec-proposal	name apply-groups apply-groups-except apply-macrodescription protocol authentication-algorithm encryption-algorithm lifetime-seconds lifetime-kilobytes
ipsec-sa	name apply-groups apply-groups-except apply-macrodescription mode sa_choice
ipsec-template-monitor	apply-groups apply-groups-except apply-macrooptimized source-interface destination-ip verify-path	Configure VPN monitoring
ipsec-template-proxy-id	apply-groups apply-groups-except apply-macrolocal remote service	Proxy identity settings
ipsec-traceoptions	apply-groups apply-groups-except apply-macroflag	Data-plane IPSec tracing options
ipsec-vpn-monitor	apply-groups apply-groups-except apply-macrointerval threshold	Configure VPN monitoring
ipsec-vpn-template	name apply-groups apply-groups-except apply-macroha-link-encryption bind-interface df-bit multi-sa copy-outer-dscp vpn-monitor negotiation traffic-selector establish-tunnels udp-encapsulate	Configure an IPSec VPN
jsf_application_traffic_control_rule_set_type	apply-groups apply-groups-except apply-macrorule-set	Define service application traffic rule-set reference
jsf_service_rule_set_type	apply-groups apply-groups-except apply-macrorule-set	Define service rule set reference
juniper-enhanced-category-type	name apply-groups apply-groups-except apply-macroaction custom-message	Juniper enhanced category type
juniper-enhanced-server	apply-groups apply-groups-except apply-macrohost port proxy-profile routing-instance source-address	Server handling categorization requests
juniper-enhanced-site-reputation-setting	apply-groups apply-groups-except apply-macrovery-safe moderately-safe fairly-safe suspicious harmful	Juniper enhanced site reputation settings
juniper-enhanced-type	apply-groups apply-groups-except apply-macroprofile	Juniper Enhanced
juniper-local-type	apply-groups apply-groups-except apply-macroprofile	Juniper local
logical-system-type	name apply-groups apply-groups-except apply-macromax-sessions	Logical system name
log-object	apply-groups apply-groups-except apply-macroexclude limit cache disable utc-timestamp mode event-rate format escape time-format rate-cap max-database-record report source transport facility-override local-log-tag local-category root-streaming stream file apply traceoptions profile	Configure security log
log_type	apply-groups apply-groups-except apply-macrosession-init session-close session-update sfw profile
macro-data-type	name value
macsec-trace-options	apply-groups apply-groups-except apply-macrofile flag	Trace options for MACSec Protocol
map-e-domain	name apply-groups apply-groups-except apply-macroconfidentiality br-address end-user-prefix rule role version	Configure a MAP-E domain
map-e-rule	name apply-groups apply-groups-except apply-macrorule-type ipv4-prefix ipv6-prefix ea-bits-length psid-offset psid-len mtu-v6 v4-reassembly v6-reassembly disable-auto-route	Configure a MAP-E rule
match_source_end_user_profile_value	apply-groups apply-groups-except apply-macrosource-end-user-profile-name
message-object	apply-groups apply-groups-except apply-macrov0 v1 v2
mime-list-type	name apply-groups apply-groups-except apply-macrovalue	Configure mime-list object
mirror-filter-type	name apply-groups apply-groups-except apply-macroprotocol source-prefix destination-prefix source-port destination-port interface-in interface-out output	Secuirty mirror filter settings
mka-trace-options	apply-groups apply-groups-except apply-macrofile flag	Trace options for MKA protocol
named-address-book-type	name apply-groups apply-groups-except apply-macrodescription address address-set attach	Configure global address book
nat-object	apply-groups apply-groups-except apply-macrosource destination static proxy-arp proxy-ndp natv6v4 allow-overlapping-pools traceoptions ipv6-multicast-interfaces port-forwarding	Configure Network Address Translation
nat-rule-session-count-alarm-object	apply-groups apply-groups-except apply-macroraise-threshold clear-threshold
persistent-nat-object	apply-groups apply-groups-except apply-macropermit address-mapping inactivity-timeout max-session-number
pf_mapping	name apply-groups apply-groups-except apply-macrodestined-port
policy-object-type	apply-groups apply-groups-except apply-macrotraceoptions policy global policy-set default-policy policy-rematch policy-stats pre-id-default-policy unified-policy dns-cache stateful-firewall-rule stateful-firewall-rule-set
policy_type	name apply-groups apply-groups-except apply-macrodescription match then scheduler-name report-skip
port-range	name maximum-port	Port ranges
profile-setting	name apply-groups apply-groups-except apply-macroanti-virus content-filtering web-filtering anti-spam traffic-options	UTM policy settings
proto-object	name apply-groups apply-groups-except apply-macrotunable-name
ragw-traceoptions	apply-groups apply-groups-except apply-macrono-remote-trace file level flag
range-address-type	name apply-groups apply-groups-except apply-macroto	Range address
rate-limit-object	apply-groups apply-groups-except apply-macroalarm-threshold drop-threshold message
remote-access-client-config	name apply-groups apply-groups-except apply-macroconnection-mode biometric-authentication windows-logon no-dead-peer-detection dead-peer-detection no-tcp-encap no-eap-tls certificate
remote-access-profile-config	name apply-groups apply-groups-except apply-macrodescription ipsec-vpn access-profile client-config
remote-access-traceoptions	apply-groups apply-groups-except apply-macrono-remote-trace file level flag
sbl-type	apply-groups apply-groups-except apply-macroprofile	SBL type
sctp-object	apply-groups apply-groups-except apply-macroprofile multichunk-inspection nullpdu log traceoptions
secure-wire-type	name apply-groups apply-groups-except apply-macrointerface	Secure-wire cross connection
security-association-manual	apply-groups apply-groups-except apply-macrodirection
security-authentication-key-chains	apply-groups apply-groups-except apply-macrokey-chain
security-group	security
security-group-vpn	apply-groups apply-groups-except apply-macromember server
security-ike	apply-groups apply-groups-except apply-macrotraceoptions respond-bad-spi proposal policy gateway
security_intelligence_feeds	apply-groups apply-groups-except apply-macroadd-source-ip-to-feed add-destination-ip-to-feed add-source-identity-to-feed add-destination-identity-to-feed	Specify the feed post action
security-ipsec-policies	apply-groups apply-groups-except apply-macrofrom-zone
security-ipsec-policy	from-zone-name to-zone apply-groups apply-groups-except apply-macroipsec-group-vpn
security-ipsec-vpn	apply-groups apply-groups-except apply-macrointernal traceoptions vpn-monitor-options proposal policy vpn security-association
security-macsec	apply-groups apply-groups-except apply-macrotraceoptions connectivity-association interfaces cluster-control-port cluster-data-port
security-pki	apply-groups apply-groups-except apply-macroca-profile trusted-ca-group trap auto-re-enrollment traceoptions
security-traceoptions	apply-groups apply-groups-except apply-macrono-remote-trace file rate-limit filter flag	Trace options for key management process
security-zone-type	name apply-groups apply-groups-except apply-macrodescription tcp-rst address-book screen host-inbound-traffic interfaces application-tracking source-identity-log advance-policy-based-routing-profile enable-reverse-reroute unidirectional-session-refreshing advanced-connection-tracking	Security zone
server	apply-groups apply-groups-except apply-macrohost port routing-instance source-address	Server settings
session_timeout_type	apply-groups apply-groups-except apply-macrotcp udp ospf icmp icmp6 others
sla_application_services_type	apply-groups apply-groups-except apply-macroadvance-policy-based-routing-profile	Application Services
sla_policy_type	name apply-groups apply-groups-except apply-macrodescription match then scheduler-name
softwire-option-type	name apply-groups apply-groups-except apply-macrosoftwire-concentrator softwire-type ipv4-prefix v6rd-prefix mtu-v4 mtu-v6 auto-update-mtu copy-dscp flow-limit session-limit-per-prefix	Configure softwire object
softwires-object	apply-groups apply-groups-except apply-macrosoftwire-name softwire-types map-e traceoptions rule-set	Configure softwire feature
sophos-scan-options	apply-groups apply-groups-except apply-macrouri-check-choice content-size-limit timeout	Anti-virus scan options
source-nat-pool-utilization-alarm-object	apply-groups apply-groups-except apply-macroraise-threshold clear-threshold
src-nat-rule-object	name apply-groups apply-groups-except apply-macrodescription src-nat-rule-match then
ssg-destination-nat-object	apply-groups apply-groups-except apply-macropool port-forwarding rule-set
ssg-interface-object	name apply-groups apply-groups-except apply-macroaddress
ssg-proxy-arp-object	apply-groups apply-groups-except apply-macrointerface
ssg-proxy-ndp-interface-object	name apply-groups apply-groups-except apply-macroaddress
ssg-proxy-ndp-object	apply-groups apply-groups-except apply-macrointerface
ssg-source-nat-object	apply-groups apply-groups-except apply-macropersistent-nat pool address-persistent session-persistence-scan session-drop-hold-down pool-utilization-alarm port-randomization port-round-robin port-scaling-enlargement pool-distribution pool-default-port-range pool-default-twin-port-range interface rule-set
ssg-static-nat-object	apply-groups apply-groups-except apply-macrorule-set
static-nat-rule-mapped-port-object	apply-groups apply-groups-except apply-macrolow to
static-nat-rule-object	name apply-groups apply-groups-except apply-macrodescription static-nat-rule-match then
surf-control-integrated-category-type	name apply-groups apply-groups-except apply-macroaction	Surf control integrated category type
surf-control-integrated-type	apply-groups apply-groups-except apply-macrocache server profile	Surf control integrated
sw-rule-set-object	name apply-groups apply-groups-except apply-macrorule match-direction
tenant-system-type	name apply-groups apply-groups-except apply-macromax-sessions	Tenant name
time-format-object	apply-groups apply-groups-except apply-macroyear millisecond
tunable-object	name apply-groups apply-groups-except apply-macrotunable-value
tunnel-inspection-profile-type	name apply-groups apply-groups-except apply-macroinspection-type	Configure tunnel-inspection profile
tunnel-inspection-vni-type	name apply-groups apply-groups-except apply-macrovni-type	VNI config
tunnel_type	apply-groups apply-groups-except apply-macroipsec-vpn-choice pair-policy	Tunnel packets
url-list-type	name apply-groups apply-groups-except apply-macrovalue	Configure url-list object
usf-range-address-type	name apply-groups apply-groups-except apply-macroto	Range address
utm-apppxy-traceoptions	apply-groups apply-groups-except apply-macroflag	Traceoptions for utm application proxy process
utm-ipc-traceoptions	apply-groups apply-groups-except apply-macroflag	Traceoptions for utm IPC
utm-traceoptions	apply-groups apply-groups-except apply-macroflag	Trace options for utm process
vendor-object	name apply-groups apply-groups-except apply-macroproduct-name
vni-list-type	name
vni-range-type	name apply-groups apply-groups-except apply-macroto
vrf-group-type	name apply-groups apply-groups-except apply-macrovrf	Configure vrf group object
vxlan-tunnel-type	name apply-groups apply-groups-except apply-macropolicy-set vni	Configure vxlan tunnel
webfilter-feature	apply-groups apply-groups-except apply-macrosurf-control-integrated websense-redirect juniper-local juniper-enhanced	Web-filtering feature settings
web-filtering-fallback-setting	apply-groups apply-groups-except apply-macrodefault server-connectivity timeout too-many-requests	Web-filtering fallback settings
web-filtering-traceoptions	apply-groups apply-groups-except apply-macroflag	Trace options for web-filtering feature
websense-type	apply-groups apply-groups-except apply-macroprofile	Websense redirect
wildcard-address-type	name apply-groups apply-groups-except apply-macro	Wildcard address and mask
zone_host_inbound_traffic_t	apply-groups apply-groups-except apply-macrosystem-services protocols
zone-interface-list-type	name apply-groups apply-groups-except apply-macrohost-inbound-traffic	Logical interfaces in this zone
zone-system-services-object-type	name apply-groups apply-groups-except apply-macroexcept	Type of incoming system-service traffic to accept

access-profile-template

name apply-groups apply-groups-except apply-macroconfig-payload-password

Configure an access profile

address-book-type

apply-groups apply-groups-except apply-macroaddress address-set

Configure security address book for the zone

address_set_type

name apply-groups apply-groups-except apply-macrodescription address address-set

address_type

name apply-groups apply-groups-except apply-macrodescription address-content

advpn-suggester-partner

apply-groups apply-groups-except apply-macrosuggester partner

Configure ADVPN Suggester Partner

alg-object

apply-groups apply-groups-except apply-macrotraceoptions alg-manager alg-support-lib dns ftp h323 mgcp msrpc sunrpc rsh rtsp sccp sip sql talk tftp pptp ike-esp-nat twamp

anti-spam-feature

apply-groups apply-groups-except apply-macrosbl

Anti-spam feature

anti-spam-traceoptions

apply-groups apply-groups-except apply-macroflag

Trace options for anti-spam feature

anti-virus-feature

apply-groups apply-groups-except apply-macromime-whitelist url-whitelist type profile traceoptions sophos-engine

Anti-virus feature

anti-virus-notification-options

apply-groups apply-groups-except apply-macrovirus-detection fallback-block fallback-non-block

Anti-virus notification options

anti-virus-pattern-update

apply-groups apply-groups-except apply-macroemail-notify url proxy-profile routing-instance interval start-time no-autoupdate

Anti-virus pattern update

anti-virus-traceoptions

apply-groups apply-groups-except apply-macroflag

Trace options for anti-virus feature

anti-virus-trickling

timeout

Anti-virus trickling

apbr_rule_type

name apply-groups apply-groups-except apply-macrodisable-midstream-routing match then

appfw_rule_type

name apply-groups apply-groups-except apply-macromatch then

application_services_type

apply-groups apply-groups-except apply-macrogtp-profile sctp-profile idp packet-capture idp-policy ssl-proxy web-proxy uac-policy utm-policy icap-redirect application-firewall application-traffic-control wx-redirection security-intelligence-policy advanced-anti-malware-policy security-intelligence

Application Services

apply-advanced

apply-groups apply-groups-except apply-macro

Apply advanced configuration logic

apply-macro-type

name data

Macro data for commit-script expansion

appqoe-node

apply-groups apply-groups-except apply-macroip-address

Set node info

appqoe-probe-params

apply-groups apply-groups-except apply-macrodata-fill data-size per-packet-loss-timeout probe-interval probe-count burst-size sla-export-interval dscp-code-points forwarding-class loss-priority

Active probe parameters

appqoe-probe-path

apply-groups apply-groups-except apply-macrolocal remote

Set probe path details

appqoe_sla_metric_profile

apply-groups apply-groups-except apply-macrodelay-round-trip jitter jitter-type packet-loss match

Metric Name

authentication-source-type

name apply-groups apply-groups-except apply-macroauthentication-source-option

Configure user-identification authentication-source

av-fallback-settings

apply-groups apply-groups-except apply-macrodefault content-size engine-not-ready timeout out-of-resources too-many-requests decompress-err

Anti-virus fallback settings

aws-object

apply-groups apply-groups-except apply-macrocloudwatch

block-allocation-object

apply-groups apply-groups-except apply-macroblock-size maximum-blocks-per-host active-block-timeout interim-logging-interval last-block-recycle-timeout log

Port block allocation

by-protocol-object-limit-tcp-type

apply-groups apply-groups-except apply-macromaximum-sessions packet-rate session-rate whitelist syn-cookie

Configure the limit-session for tcp protocol

by-protocol-object-limit-type

apply-groups apply-groups-except apply-macromaximum-sessions packet-rate session-rate whitelist

Configure the limit-session for each protocol

by-protocol-object-type

apply-groups apply-groups-except apply-macrotcp udp icmp

Configure limit-session on the basis of protocol

category-list-type

name apply-groups apply-groups-except apply-macrovalue

Configure category-list object

certificate-object

name apply-groups apply-groups-except apply-macrocertificate

chain-member-type

name apply-groups apply-groups-except apply-macroattack-type

Chain member

clients-object

name apply-groups apply-groups-except apply-macroremote-protected-resources remote-exceptions ipsec-vpn user user-groups

command-list-type

name apply-groups apply-groups-except apply-macrovalue

Configure command-list object

content-filtering-feature

apply-groups apply-groups-except apply-macroprofile

Content-filtering feature

content-filtering-traceoptions

apply-groups apply-groups-except apply-macroflag

Trace options for content-filtering feature

context_application_services_type

apply-groups apply-groups-except apply-macrosecurity-metadata-streaming-policy

count_type

apply-groups apply-groups-except apply-macro

custom-attack-group-type

name apply-groups apply-groups-except apply-macroattack-group-description group-members

Define custom attack group

custom-attack-type

name apply-groups apply-groups-except apply-macroattack-description recommended-action severity time-binding detection-filter attack-type

Define custom attack

custom-category-type

name apply-groups apply-groups-except apply-macroaction custom-message

Custom category type

custom-message-type

name apply-groups apply-groups-except apply-macrotype contents

Configure custom-message object

default-anti-spam-feature

apply-groups apply-groups-except apply-macrotype address-whitelist address-blacklist traceoptions sbl

Anti-spam feature

default-anti-virus-feature

apply-groups apply-groups-except apply-macromime-whitelist url-whitelist type forwarding-mode scan-options trickling notification-options fallback-options traceoptions avira-engine sophos-engine

Anti-virus feature

default-content-filtering-feature

apply-groups apply-groups-except apply-macrotype traceoptions permit-command block-command block-extension block-mime block-content-type notification-options

Content-filtering feature

default-juniper-enhanced-type

apply-groups apply-groups-except apply-macrocache server reputation query-type base-filter category site-reputation-action default custom-message fallback-settings timeout no-safe-search

Juniper Enhanced

default-juniper-local-type

apply-groups apply-groups-except apply-macrodefault category custom-message no-safe-search fallback-settings timeout

Juniper local

default-sbl-type

apply-groups apply-groups-except apply-macrosbl-default-server-choice spam-action custom-tag-string

SBL type

default-sophos-scan-options

apply-groups apply-groups-except apply-macrouri-check-choice content-size-limit timeout

Anti-virus scan options

default-webfilter-feature

apply-groups apply-groups-except apply-macrourl-whitelist url-blacklist http-reassemble http-persist type traceoptions websense-redirect juniper-local juniper-enhanced

Web-filtering feature settings

default-websense-type

apply-groups apply-groups-except apply-macroserver category custom-message no-safe-search fallback-settings timeout sockets account

Websense redirect

destination_nat_enable_type

apply-groups apply-groups-except apply-macrodestination_nat

Enable Destination NAT

dest-nat-rule-object

name apply-groups apply-groups-except apply-macrodescription dest-nat-rule-match then

deterministic-object

apply-groups apply-groups-except apply-macroblock-size det-nat-configuration-log-interval host include-boundary-addresses

Deterministic nat allocation

dns-name-type

name apply-groups apply-groups-except apply-macroipv4-only ipv6-only

DNS address name

dynamic-attack-group-type

name apply-groups apply-groups-except apply-macroattack-group-description filters

Define dynamic attack group

e2e-action-profile

name apply-groups apply-groups-except apply-macropreserve-trace-order record-pic-history event module

e2e-event

name apply-groups apply-groups-except apply-macrotrace count packet-summary packet-dump

e2e-module

name apply-groups apply-groups-except apply-macroflag

end-to-end-debug-filter

name apply-groups apply-groups-except apply-macroaction-profile protocol source-prefix destination-prefix source-port destination-port interface

End to end debug packer filter settings

extension-list-type

name apply-groups apply-groups-except apply-macrovalue

Configure extension-list object

firewall_authentication_type

apply-groups apply-groups-except apply-macroauth-type push-to-identity-management

flow-filter-type

name apply-groups apply-groups-except apply-macroprotocol source-prefix destination-prefix conn-tag logical-system source-port destination-port interface

Flow filter settings

flow-traceoptions-object

apply-groups apply-groups-except apply-macrono-remote-trace file flag rate-limit packet-filter trace-level root-override

Trace options for flow services

gtp-object

apply-groups apply-groups-except apply-macroprofile traceoptions handover-default ip-group ie-set message-ie-profile-v1 grouped-ie-profile message-ie-profile-v2 message-list rate-limit apn-control apn-control-group

gvpn-ike-policy

name apply-groups apply-groups-except apply-macromode description proposals pre-shared-key

gvpn-member

apply-groups apply-groups-except apply-macroike ipsec

gvpn-member-ike

apply-groups apply-groups-except apply-macrotraceoptions proposal policy gateway

gvpn-member-ike-proposal

name apply-groups apply-groups-except apply-macrodescription authentication-method dh-group authentication-algorithm encryption-algorithm lifetime-seconds

gvpn-member-ipsec-vpn

apply-groups apply-groups-except apply-macrovpn

gvpn-server

apply-groups apply-groups-except apply-macrotraceoptions ike ipsec group

gvpn-server-cluster

apply-groups apply-groups-except apply-macroserver-role ike-gateway retransmission-period

Server-Cluster for group VPN

gvpn-server-group-ipsecsa

name apply-groups apply-groups-except apply-macroproposal match-policy

Configure a Group VPN group SA

gvpn-server-group-ipsecsa-match

name apply-groups apply-groups-except apply-macrosource destination source-port destination-port protocol

Configure a Group VPN group SA policy

gvpn-server-group-template

name apply-groups apply-groups-except apply-macrodescription group-id member-threshold server-cluster ike-gateway activation-time-delay anti-replay-time-window server-member-communication ipsec-sa

Configure a Group VPN group

gvpn-server-ike

apply-groups apply-groups-except apply-macroproposal policy gateway

gvpn-server-ike-gateway

name apply-groups apply-groups-except apply-macro

Configure a set of IKE gateways

gvpn-server-ike-gateway-sc

name apply-groups apply-groups-except apply-macro

Configure a set of IKE gateways

gvpn-server-ike-proposal

name apply-groups apply-groups-except apply-macrodescription authentication-method authentication-algorithm dh-group encryption-algorithm

gvpn-server-ipsec-proposal

name apply-groups apply-groups-except apply-macrodescription authentication-algorithm encryption-algorithm lifetime-seconds

gvpn-server-ipsec-vpn

apply-groups apply-groups-except apply-macroproposal

gvpn-server-member-communication

apply-groups apply-groups-except apply-macrocommunication-type lifetime-seconds retransmission-period number-of-retransmission heartbeat encryption-algorithm sig-hash-algorithm certificate

Group VPN Server to Member communication

gvpn-server-traceoptions

apply-groups apply-groups-except apply-macrono-remote-trace file level flag gateway-filter

Group VPN server tracing options

host-inbound-protocols-object-type

name apply-groups apply-groups-except apply-macroexcept

Protocol type of incoming traffic to accept

host-object

apply-groups apply-groups-except apply-macroipaddr port routing-instance log-tag

httpd_dvpn_traceoptions_type

apply-groups apply-groups-except apply-macrono-remote-trace file level flag

Trace options for dynamic-vpn process

idpd-traceoptions-type

apply-groups apply-groups-except apply-macrono-remote-trace file flag level

Trace options for idpd

idp-policy-type

name rulebase-ips rulebase-exempt

ids-option-type

name apply-groups apply-groups-except apply-macrodescription alarm-without-drop match-direction aggregation icmp ip tcp udp limit-session

Configure screen object

ids-wlist-type

name apply-groups apply-groups-except apply-macroaddress

ie-filter-object

name apply-groups apply-groups-except apply-macroinstance

ike-policy

name apply-groups apply-groups-except apply-macromode reauth-frequency description proposals certificate proposal-set pre-shared-key

ike-proposal

name apply-groups apply-groups-except apply-macrodescription authentication-method dh-group authentication-algorithm encryption-algorithm lifetime-seconds

interface_host_inbound_traffic_t

apply-groups apply-groups-except apply-macrosystem-services protocols

interface-system-services-object-type

name apply-groups apply-groups-except apply-macroexcept

Type of incoming system-service traffic to accept

ipsec_gvpn_addr_object

apply-groups apply-groups-except apply-macroaddress

ipsec_gvpn_exclude_rule_object

apply-groups apply-groups-except apply-macrorule

ipsec_gvpn_fail_open_rule_object

apply-groups apply-groups-except apply-macrorule

ipsec-gvpn-member-template

name apply-groups apply-groups-except apply-macroike-gateway group-vpn-external-interface group heartbeat-threshold recovery-probe df-bit fail-open exclude

Configure a Group VPN

ipsec_gvpn_rule_address_object

name apply-groups apply-groups-except apply-macrosource-address destination-address application

ipsec-internal-sa

apply-groups apply-groups-except apply-macromanual

ipsec-policy

name apply-groups apply-groups-except apply-macrodescription perfect-forward-secrecy proposals proposal-set

ipsec-proposal

name apply-groups apply-groups-except apply-macrodescription protocol authentication-algorithm encryption-algorithm lifetime-seconds lifetime-kilobytes

ipsec-sa

name apply-groups apply-groups-except apply-macrodescription mode sa_choice

ipsec-template-monitor

apply-groups apply-groups-except apply-macrooptimized source-interface destination-ip verify-path

Configure VPN monitoring

ipsec-template-proxy-id

apply-groups apply-groups-except apply-macrolocal remote service

Proxy identity settings

ipsec-traceoptions

apply-groups apply-groups-except apply-macroflag

Data-plane IPSec tracing options

ipsec-vpn-monitor

apply-groups apply-groups-except apply-macrointerval threshold

Configure VPN monitoring

ipsec-vpn-template

name apply-groups apply-groups-except apply-macroha-link-encryption bind-interface df-bit multi-sa copy-outer-dscp vpn-monitor negotiation traffic-selector establish-tunnels udp-encapsulate

Configure an IPSec VPN

jsf_application_traffic_control_rule_set_type

apply-groups apply-groups-except apply-macrorule-set

Define service application traffic rule-set reference

jsf_service_rule_set_type

apply-groups apply-groups-except apply-macrorule-set

Define service rule set reference

juniper-enhanced-category-type

name apply-groups apply-groups-except apply-macroaction custom-message

Juniper enhanced category type

juniper-enhanced-server

apply-groups apply-groups-except apply-macrohost port proxy-profile routing-instance source-address

Server handling categorization requests

juniper-enhanced-site-reputation-setting

apply-groups apply-groups-except apply-macrovery-safe moderately-safe fairly-safe suspicious harmful

Juniper enhanced site reputation settings

juniper-enhanced-type

apply-groups apply-groups-except apply-macroprofile

Juniper Enhanced

juniper-local-type

apply-groups apply-groups-except apply-macroprofile

Juniper local

logical-system-type

name apply-groups apply-groups-except apply-macromax-sessions

Logical system name

log-object

apply-groups apply-groups-except apply-macroexclude limit cache disable utc-timestamp mode event-rate format escape time-format rate-cap max-database-record report source transport facility-override local-log-tag local-category root-streaming stream file apply traceoptions profile

Configure security log

log_type

apply-groups apply-groups-except apply-macrosession-init session-close session-update sfw profile

macro-data-type

name value

macsec-trace-options

apply-groups apply-groups-except apply-macrofile flag

Trace options for MACSec Protocol

map-e-domain

name apply-groups apply-groups-except apply-macroconfidentiality br-address end-user-prefix rule role version

Configure a MAP-E domain

map-e-rule

name apply-groups apply-groups-except apply-macrorule-type ipv4-prefix ipv6-prefix ea-bits-length psid-offset psid-len mtu-v6 v4-reassembly v6-reassembly disable-auto-route

Configure a MAP-E rule

match_source_end_user_profile_value

apply-groups apply-groups-except apply-macrosource-end-user-profile-name

message-object

apply-groups apply-groups-except apply-macrov0 v1 v2

mime-list-type

name apply-groups apply-groups-except apply-macrovalue

Configure mime-list object

mirror-filter-type

name apply-groups apply-groups-except apply-macroprotocol source-prefix destination-prefix source-port destination-port interface-in interface-out output

Secuirty mirror filter settings

mka-trace-options

apply-groups apply-groups-except apply-macrofile flag

Trace options for MKA protocol

named-address-book-type

name apply-groups apply-groups-except apply-macrodescription address address-set attach

Configure global address book

nat-object

apply-groups apply-groups-except apply-macrosource destination static proxy-arp proxy-ndp natv6v4 allow-overlapping-pools traceoptions ipv6-multicast-interfaces port-forwarding

Configure Network Address Translation

nat-rule-session-count-alarm-object

apply-groups apply-groups-except apply-macroraise-threshold clear-threshold

persistent-nat-object

apply-groups apply-groups-except apply-macropermit address-mapping inactivity-timeout max-session-number

pf_mapping

name apply-groups apply-groups-except apply-macrodestined-port

policy-object-type

apply-groups apply-groups-except apply-macrotraceoptions policy global policy-set default-policy policy-rematch policy-stats pre-id-default-policy unified-policy dns-cache stateful-firewall-rule stateful-firewall-rule-set

policy_type

name apply-groups apply-groups-except apply-macrodescription match then scheduler-name report-skip

port-range

name maximum-port

Port ranges

profile-setting

name apply-groups apply-groups-except apply-macroanti-virus content-filtering web-filtering anti-spam traffic-options

UTM policy settings

proto-object

name apply-groups apply-groups-except apply-macrotunable-name

ragw-traceoptions

apply-groups apply-groups-except apply-macrono-remote-trace file level flag

range-address-type

name apply-groups apply-groups-except apply-macroto

Range address

rate-limit-object

apply-groups apply-groups-except apply-macroalarm-threshold drop-threshold message

remote-access-client-config

name apply-groups apply-groups-except apply-macroconnection-mode biometric-authentication windows-logon no-dead-peer-detection dead-peer-detection no-tcp-encap no-eap-tls certificate

remote-access-profile-config

name apply-groups apply-groups-except apply-macrodescription ipsec-vpn access-profile client-config

remote-access-traceoptions

apply-groups apply-groups-except apply-macrono-remote-trace file level flag

sbl-type

apply-groups apply-groups-except apply-macroprofile

SBL type

sctp-object

apply-groups apply-groups-except apply-macroprofile multichunk-inspection nullpdu log traceoptions

secure-wire-type

name apply-groups apply-groups-except apply-macrointerface

Secure-wire cross connection

security-association-manual

apply-groups apply-groups-except apply-macrodirection

security-authentication-key-chains

apply-groups apply-groups-except apply-macrokey-chain

security-group

security

security-group-vpn

apply-groups apply-groups-except apply-macromember server

security-ike

apply-groups apply-groups-except apply-macrotraceoptions respond-bad-spi proposal policy gateway

security_intelligence_feeds

apply-groups apply-groups-except apply-macroadd-source-ip-to-feed add-destination-ip-to-feed add-source-identity-to-feed add-destination-identity-to-feed

Specify the feed post action

security-ipsec-policies

apply-groups apply-groups-except apply-macrofrom-zone

security-ipsec-policy

from-zone-name to-zone apply-groups apply-groups-except apply-macroipsec-group-vpn

security-ipsec-vpn

apply-groups apply-groups-except apply-macrointernal traceoptions vpn-monitor-options proposal policy vpn security-association

security-macsec

apply-groups apply-groups-except apply-macrotraceoptions connectivity-association interfaces cluster-control-port cluster-data-port

security-pki

apply-groups apply-groups-except apply-macroca-profile trusted-ca-group trap auto-re-enrollment traceoptions

security-traceoptions

apply-groups apply-groups-except apply-macrono-remote-trace file rate-limit filter flag

Trace options for key management process

security-zone-type

name apply-groups apply-groups-except apply-macrodescription tcp-rst address-book screen host-inbound-traffic interfaces application-tracking source-identity-log advance-policy-based-routing-profile enable-reverse-reroute unidirectional-session-refreshing advanced-connection-tracking

Security zone

server

apply-groups apply-groups-except apply-macrohost port routing-instance source-address

Server settings

session_timeout_type

apply-groups apply-groups-except apply-macrotcp udp ospf icmp icmp6 others

sla_application_services_type

apply-groups apply-groups-except apply-macroadvance-policy-based-routing-profile

Application Services

sla_policy_type

name apply-groups apply-groups-except apply-macrodescription match then scheduler-name

softwire-option-type

name apply-groups apply-groups-except apply-macrosoftwire-concentrator softwire-type ipv4-prefix v6rd-prefix mtu-v4 mtu-v6 auto-update-mtu copy-dscp flow-limit session-limit-per-prefix

Configure softwire object

softwires-object

apply-groups apply-groups-except apply-macrosoftwire-name softwire-types map-e traceoptions rule-set

Configure softwire feature

sophos-scan-options

apply-groups apply-groups-except apply-macrouri-check-choice content-size-limit timeout

Anti-virus scan options

source-nat-pool-utilization-alarm-object

apply-groups apply-groups-except apply-macroraise-threshold clear-threshold

src-nat-rule-object

name apply-groups apply-groups-except apply-macrodescription src-nat-rule-match then

ssg-destination-nat-object

apply-groups apply-groups-except apply-macropool port-forwarding rule-set

ssg-interface-object

name apply-groups apply-groups-except apply-macroaddress

ssg-proxy-arp-object

apply-groups apply-groups-except apply-macrointerface

ssg-proxy-ndp-interface-object

name apply-groups apply-groups-except apply-macroaddress

ssg-proxy-ndp-object

apply-groups apply-groups-except apply-macrointerface

ssg-source-nat-object

apply-groups apply-groups-except apply-macropersistent-nat pool address-persistent session-persistence-scan session-drop-hold-down pool-utilization-alarm port-randomization port-round-robin port-scaling-enlargement pool-distribution pool-default-port-range pool-default-twin-port-range interface rule-set

ssg-static-nat-object

apply-groups apply-groups-except apply-macrorule-set

static-nat-rule-mapped-port-object

apply-groups apply-groups-except apply-macrolow to

static-nat-rule-object

name apply-groups apply-groups-except apply-macrodescription static-nat-rule-match then

surf-control-integrated-category-type

name apply-groups apply-groups-except apply-macroaction

Surf control integrated category type

surf-control-integrated-type

apply-groups apply-groups-except apply-macrocache server profile

Surf control integrated

sw-rule-set-object

name apply-groups apply-groups-except apply-macrorule match-direction

tenant-system-type

name apply-groups apply-groups-except apply-macromax-sessions

Tenant name

time-format-object

apply-groups apply-groups-except apply-macroyear millisecond

tunable-object

name apply-groups apply-groups-except apply-macrotunable-value

tunnel-inspection-profile-type

name apply-groups apply-groups-except apply-macroinspection-type

Configure tunnel-inspection profile

tunnel-inspection-vni-type

name apply-groups apply-groups-except apply-macrovni-type

VNI config

tunnel_type

apply-groups apply-groups-except apply-macroipsec-vpn-choice pair-policy

Tunnel packets

url-list-type

name apply-groups apply-groups-except apply-macrovalue

Configure url-list object

usf-range-address-type

name apply-groups apply-groups-except apply-macroto

Range address

utm-apppxy-traceoptions

apply-groups apply-groups-except apply-macroflag

Traceoptions for utm application proxy process

utm-ipc-traceoptions

apply-groups apply-groups-except apply-macroflag

Traceoptions for utm IPC

utm-traceoptions

apply-groups apply-groups-except apply-macroflag

Trace options for utm process

vendor-object

name apply-groups apply-groups-except apply-macroproduct-name

vni-list-type

name

vni-range-type

name apply-groups apply-groups-except apply-macroto

vrf-group-type

name apply-groups apply-groups-except apply-macrovrf

Configure vrf group object

vxlan-tunnel-type

name apply-groups apply-groups-except apply-macropolicy-set vni

Configure vxlan tunnel

webfilter-feature

apply-groups apply-groups-except apply-macrosurf-control-integrated websense-redirect juniper-local juniper-enhanced

Web-filtering feature settings

web-filtering-fallback-setting

apply-groups apply-groups-except apply-macrodefault server-connectivity timeout too-many-requests

Web-filtering fallback settings

web-filtering-traceoptions

apply-groups apply-groups-except apply-macroflag

Trace options for web-filtering feature

websense-type

apply-groups apply-groups-except apply-macroprofile

Websense redirect

wildcard-address-type

name apply-groups apply-groups-except apply-macro

Wildcard address and mask

zone_host_inbound_traffic_t

apply-groups apply-groups-except apply-macrosystem-services protocols

zone-interface-list-type

name apply-groups apply-groups-except apply-macrohost-inbound-traffic

Logical interfaces in this zone

zone-system-services-object-type

name apply-groups apply-groups-except apply-macroexcept

Type of incoming system-service traffic to accept

junos-es-conf-security