3.1.1 Abstract Data Model
This section describes a conceptual model of possible data organization that an implementation maintains to participate in this protocol. The described organization is provided to explain how the protocol behaves. This document does not mandate that implementations adhere to this model as long as their external behavior is consistent with that specified in this document.
The Firewall and Advanced Security Group Policy administrative plug-in relies on a collection of settings specified in section 2.2 and stored as a Unicode configuration file ([MS-GPREG] section 2.2) in a GPO using the Group Policy: Core Protocol specified in [MS-GPOL]. The administrative plug-in parses and encodes these settings as specified in section 2.2 to perform its functions.
The Firewall and Advanced Security Group Policy administrative plug-in reads in these settings from the remote storage location GPO and displays them to an administrator through a UI.
An administrator can then use the UI to make further configuration changes, and the Firewall and Advanced Security Group Policy administrative plug-in will make corresponding changes to the name-value pairs stored in the aforementioned Unicode configuration file following the conventions of the grammars rules, registry values, and keys specified in section 2.2.
This conceptual data can be implemented using a variety of techniques. An implementation can implement such data using any method.<8>
This protocol also includes one ADM element, Administered GPO (Public), which is directly accessed from Group Policy: Core Protocol, as specified in [MS-GPOL] section 3.3.1.3.