List of System Properties

This site will be decommissioned on December 31st 2024. Please visit techdocs.broadcom.com for the latest content.

As an Operator, you can add or modify the values of the system properties.

The following tables describe some of the system properties. As an Operator, you can set the values for these properties.

Alert Emails
Alerts
Edges
Monitoring
Notifications
Password Reset and Lockout
Self-service Password Reset
Two-factor Authentication
VNF Configuration
VPN

Table 1. Alert Emails
System Property	Description
vco.alert.mail.to	When an alert is triggered, a notification is sent immediately to the list of Email addresses provided in the Value field of this system property. You can enter multiple Email IDs separated by commas. If the property does not contain any value, then the notification is not sent. The notification is meant to alert VMware support / operations personnel of impending issues before notifying the customer.
vco.alert.mail.cc	When alert emails are sent to any customer, a copy is sent to the Email addresses provided in the Value field of this system property. You can enter multiple Email IDs separated by commas.
mail.*	There are multiple system properties available to control the Alert Emails. You can define the Email parameters like SMTP properties, username, password, and so on.

Table 2. Alerts
System Property	Description
vco.alert.enable	Globally enables or disables the generation of alerts for both Operators and Enterprise customers.
vco.enterprise.alert.enable	Globally enables or disables the generation of alerts for Enterprise customers.
vco.operator.alert.enable	Globally enables or disables the generation of alerts for Operators.

Table 3. Edges
System Property	Description
edge.offline.limit.sec	If the Orchestrator does not detect a heartbeat from an Edge for the specified duration, then the state of the Edge is moved to OFFLINE mode.
edge.link.unstable.limit.sec	When the Orchestrator does not receive link statistics for a link for the specified duration, the link is moved to UNSTABLE mode.
edge.link.disconnected.limit.sec	When the Orchestrator does not receive link statistics for a link for the specified duration, the link is disconnected.
edge.deadbeat.limit.days	If an Edge is not active for the specified number of days, then the Edge is not considered for generating Alerts.
vco.operator.alert.edgeLinkEvent.enable	Globally enables or disables Operator Alerts for Edge Link events.
vco.operator.alert.edgeLiveness.enable	Globally enables or disables Operator Alerts for Edge Liveness events.

Table 4. Monitoring
System Property	Description
vco.monitor.enable	Globally enables or disables monitoring of Enterprise and Operator entity states. Setting the Value to False prevents SD-WAN Orchestrator from changing entity states and triggering alerts.
vco.enterprise.monitor.enable	Globally enables or disables monitoring of Enterprise entity states.
vco.operator.monitor.enable	Globally enables or disables monitoring of Operator entity states.

Table 5. Notifications
System Property	Description
vco.notification.enable	Globally enables or disables the delivery of Alert notifications to both Operator and Enterprises.
vco.enterprise.notification.enable	Globally enables or disables the delivery of Alert notifications to the Enterprises.
vco.operator.notification.enable	Globally enables or disables the delivery of Alert notifications to the Operator.

Table 6. Password Reset and Lockout
System Property	Description
vco.enterprise.resetPassword.token.expirySeconds	Duration of time, after which the password reset link for an enterprise user expires.
vco.enterprise.authentication.passwordPolicy	Defines the password expiration and password history policy for enterprise users. Edit the JSON template in the Value field to define the following: expiry: enable: Set this to true to enable automatic expiry of enterprise user passwords. days: Enter the number of days that an enterprise password may be used before forced expiry. history: enable: Set this to true to enable recording of enterprise users' previous Passwords. count: Enter the number of previous Passwords to be saved in the history. When an enterprise user tries to change the password, the system does not allow the user to enter a password that is already saved in the history.
enterprise.user.lockout.defaultAttempts	Number of times the enterprise user can attempt to login. If the login fails for the specified number of times, the account is locked.
enterprise.user.lockout.defaultDurationSeconds	Duration of time, for which the enterprise user account is locked.
enterprise.user.lockout.enabled	Enables or disables the lockout option for the enterprise login failures.
vco.operator.resetPassword.token.expirySeconds	Duration of time, after which the password reset link for an Operator user expires.
vco.operator.authentication.passwordPolicy	Defines the password expiration and password history policy for Operator users. Edit the JSON template in the Value field to define the following: expiry: enable: Set this to true to enable automatic expiry of Operator user passwords. days: Enter the number of days that an Operator password may be used before forced expiry. history: enable: Set this to true to enable recording of Operator users' previous Passwords. count: Enter the number of previous Passwords to be saved in the history. When an Operator user tries to change the password, the system does not allow the user to enter a password that is already saved in the history.
operator.user.lockout.defaultAttempts	Number of times the Operator user can attempt to login. If the login fails for the specified number of times, the account is locked.
operator.user.lockout.defaultDurationSeconds	Duration of time, for which the Operator user account is locked.
operator.user.lockout.enabled	Enables or disables the lockout option for the Operator login failures.

Table 7. Self-service Password Reset
System Property	Description
vco.enterprise.resetPassword.twoFactor.mode	Defines the mode for the second level for password reset authentication, for all the Enterprise users. Currently, only the SMS mode is supported.
vco.enterprise.resetPassword.twoFactor.required	Enables or disables the two-factor authentication for password reset of Enterprise users.
vco.enterprise.selfResetPassword.enabled	Enables or disables self-service password reset for Enterprise users.
vco.enterprise.selfResetPassword.token.expirySeconds	Duration of time, after which the self-service password reset link for an Enterprise user expires.
vco.operator.resetPassword.twoFactor.required	Enables or disables the two-factor authentication for password reset of Operator users.
vco.operator.selfResetPassword.enabled	Enables or disables self-service password reset for Operator users.
vco.operator.selfResetPassword.token.expirySeconds	Duration of time, after which the self-service password reset link for an Operator user expires.

Table 8. Two-factor Authentication
System Property	Description
vco.enterprise.authentication.twoFactor.enable	Enables or disables the two-factor authentication for Enterprise users.
vco.enterprise.authentication.twoFactor.mode	Defines the mode for the second level authentication for Enterprise users. Currently, only SMS is supported as the second level authentication mode.
vco.enterprise.authentication.twoFactor.require	Defines the two-factor authentication as mandatory for Enterprise users.
vco.operator.authentication.twoFactor.enable	Enables or disables the two-factor authentication for Operator users.
vco.operator.authentication.twoFactor.mode	Defines the mode for the second level authentication for Operator users. Currently, only SMS is supported as the second level authentication mode.
vco.operator.authentication.twoFactor.require	Defines the two-factor authentication as mandatory for Operator users.

Table 9. VNF Configuration
System Property	Description
edge.vnf.extraImageInfos	Defines the properties of a VNF Image. You can enter the following information for a VNF Image, in JSON format in the Value field: [ { "vendor": "`Vendor Name`", "version": "`VNF Image Version`", "checksum": "`VNF Checksum Value`", "checksumType": "`VNF Checksum Type`" } ] Example of JSON file for Check Point Firewall Image: [ { "vendor": "checkPoint", "version": "r80.40_no_workaround_46", "checksum": "bc9b06376cdbf210cad8202d728f1602b79cfd7d", "checksumType": "sha-1" } ] Example os JSON file for Fortinet Firewall Image: [ { "vendor": "fortinet", "version": "624", "checksum": "6d9e2939b8a4a02de499528c745d76bf75f9821f", "checksumType": "sha-1" } ]
edge.vnf.metric.record.limit	Defines the number of records to be stored in the database
enterprise.capability.edgeVnfs.enable	Enables VNF deployment on supported Edge models.
enterprise.capability.edgeVnfs.securityVnf.checkPoint	Enables Check Point Networks Firewall VNF
enterprise.capability.edgeVnfs.securityVnf.fortinet	Enables Fortinet Networks Firewall VNF
enterprise.capability.edgeVnfs.securityVnf.paloAlto	Enable Palo Alto Networks Firewall VNF
session.options.enableVnf	Enables VNF feature
vco.operator.alert.edgeVnfEvent.enable	Enables or disables Operator alerts for Edge VNF events globally.
vco.operator.alert.edgeVnfInsertionEvent.enable	Enables or disables Operator alerts for Edge VNF Insertion events globally.

Table 10. VPN
System Property	Description
vpn.disconnect.wait.sec	The time interval for the system to wait before disconnecting a VPN tunnel.
vpn.reconnect.wait.sec	The time interval for the system to wait before reconnecting a VPN tunnel.