mibs/MIBS/trellix/TRELLIX-SENSOR-CONF-MIB

10574 lines
316 KiB
Plaintext
Raw Permalink Normal View History

2023-12-05 12:25:34 +01:00
-- *****************************************************************
-- MUSARUBRA CONFIDENTIAL
-- TRELLIX-SENSOR-CONF-MIB:
-- Trellix (Sensor Configuration MIB)
--
-- Copyright (c) 2022 MUSARUBRA US, LLC
-- All rights reserved.
--
-- *****************************************************************
TRELLIX-SENSOR-CONF-MIB DEFINITIONS ::= BEGIN
IMPORTS
OBJECT-TYPE, MODULE-IDENTITY, Integer32,
IpAddress, TimeTicks, Unsigned32
FROM SNMPv2-SMI
TimeInterval, TruthValue, RowStatus,
MacAddress, DateAndTime, DisplayString
FROM SNMPv2-TC
Ipv6Address
FROM IPV6-TC
ivSensorConfiguration, respPortIndex, intfPortIndex, slotIndex, intfPhysicalPortIndex, ntpServerIndex, sslProbeIpv4Index, sslProbeIpv6Index, processorNumIndex, intfVirtualPortIndex, intfVirtualSlotIndex
FROM TRELLIX-SENSOR-SMI
TrellixFEType, TrellixIDSOperatingMode, TrellixIDSPortType,
TrellixIDSResponseMode, TrellixIDSActionResult, TrellixIDSActionStatus,
TrellixIDSAction, TrellixIDSCardType, TrellixTFTPFileType,
TrellixTFTPFailedResult, TrellixTFTPInProgressResult, TrellixTFTPStatus,
TrellixTFTPAction, TrellixGEType,TrellixCUGEType, TrellixPortSpeed, TrellixPluggableModuleType,
TrellixPortLinearIndex
FROM TRELLIX-INTRUVERT-TC;
ivSensorConfigurationMIB MODULE-IDENTITY
LAST-UPDATED "200707090000Z"
ORGANIZATION
"MUSARUBRA US LLC"
CONTACT-INFO
"Trellix Customer Service Department
Postal: 6220 American Center Drive
San Jose CA 95002-2563
Tel: +1 800 338 8754
E-mail: support@mcafee.com"
DESCRIPTION
"The Configuration MIB for the Trellix IntruShield product.
They are furthur broken down into the following groups:
systemGrp - configuration of the IntruShield node identification.
emsGrp - configuration of possible EMSs identification
chassisGrp - configuration of the chassis slots
managementCardGrp - configuration of the management card(s)
tftpGrp - configuration of TFTP based services
sensorCardGp - configuration of the sensor anlysis card(s)
interfacePortGrp - configuration of interface port(s)
responsePortGrp - configuration of response port(s)
pktLogGrp - configuration of the Packet Logging Application
sslGrp - SSL configuration
"
REVISION "200706140000Z"
DESCRIPTION
"Initial version of this MIB module."
::= { ivSensorConfiguration 1 }
--This group contains objects that identify the IntruShield network element.
systemGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 1 }
ivSysName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..80))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"An administratively assigned name for this IntruShied node.
By convention, this is the node's fully-qualified domain name."
::= { systemGrp 1 }
ivSysLocation OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..255))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The physical location of this node (e.g., `Building 6, IS room 443, 3rd floor')."
::= { systemGrp 2 }
ivSysContact OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..255))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The textual identification of the contact person for this IntruShield node,
together with information on how to contact this person."
::= { systemGrp 3 }
ivSysModel OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object is where the manufacturer specifies the model identification
(number or type) of the network element."
::= { systemGrp 4 }
-- Support for ivSysSerialNumber is deprecated in V-series sensors(VmIPS).
ivSysSerialNumber OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..80))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Manufacturer-provided serial number."
::= { systemGrp 5 }
ivSysDescr OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..255))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A textual description of the entity. This value should include the full name and version
identification of the system's hardware type, software operating system, and networking
software. It is current that this only contains printable ASCII characters."
::= { systemGrp 6 }
ivSysObjectID OBJECT-TYPE
SYNTAX OBJECT IDENTIFIER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The vendor's authoritative identification of the
network management subsystem contained in the
entity. This value is allocated within the SMI
enterprises subtree (1.3.6.1.4.1) and provides an
easy and unambiguous means for determining `what
kind of box' is being managed. For example, if
vendor `Flintstones, Inc.' was assigned the
subtree 1.3.6.1.4.1.4242, it could assign the
identifier 1.3.6.1.4.1.4242.1.1 to its `Fred
Router'."
::= { systemGrp 7 }
ivSysUpTime OBJECT-TYPE
SYNTAX TimeTicks
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The time (in hundredths of a second) since the network management portion of the system
was last re-initialized."
::= { systemGrp 8 }
ivSysLastCfgTime OBJECT-TYPE
SYNTAX DateAndTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Indicates time when configuration was changed last."
::= { systemGrp 9 }
-- Support for ivSysDiskSpaceLeft is deprecated in V-series sensors(VmIPS).
ivSysDiskSpaceLeft OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Returns the numbers of kbytes left on the disk."
::= { systemGrp 10 }
ivSysAlertChannelStatus OBJECT-TYPE
SYNTAX INTEGER {
down (0),
up (1),
errorInGetTimeFromManager (2),
errorGeneratingCertificates (3),
errorPersistingCertificates (4),
errorConnectingToManager (5),
errorInUntrustedConnectionSetup (6),
errorInInstall (7),
errorPersistingManagerPublicCertificate (8),
errorInMutualTrustMatch (9),
errorInSnmpKeyExchange (10),
errorInInitialProtocolMessageExchange (11),
sensorInstallInProgress (12),
openingAlertChannelInProgress (13),
errorInLinkHenceReopening (14),
errorInChannelReopening (15),
closingChannelInProgress (16),
errorClosingChannel (17),
sendAlertWarning (18),
keepAliveWarning (19),
errorDeletingCerts (20),
errorCreatingSnmpUser (21),
errorChangingSnmpUserKeys (22)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Returns the status of the alert channel connection with
EMS."
::= { systemGrp 11 }
ivSysPacketLogChannelStatus OBJECT-TYPE
SYNTAX INTEGER {
down (0),
up (1),
errorInGetTimeFromManager (2),
errorGeneratingCertificates (3),
errorPersistingCertificates (4),
errorConnectingToManager (5),
errorInUntrustedConnectionSetup (6),
errorInInstall (7),
errorPersistingManagerPublicCertificate (8),
errorInMutualTrustMatch (9),
errorInSnmpKeyExchange (10),
errorInInitialProtocolMessageExchange (11),
packetLogInstallInProgress (12),
openingPacketLogInProgress (13),
errorInLinkHenceReopening (14),
errorInChannelReopening (15),
closingChannelInProgress (16),
errorClosingChannel (17),
sendLogWarning (18),
keepAliveWarning (19)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Returns the status of the packet log channel connection with
EMS."
::= { systemGrp 12 }
ivSysHealth OBJECT-TYPE
SYNTAX INTEGER {
bad (0),
good (1),
uninitialized (2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Returns the health of the sensor. uninitialized means
that the sensor does not have signatures hence does not
detect attacks"
::= { systemGrp 13 }
ivSysResetPassword OBJECT-TYPE
SYNTAX INTEGER {
not-applicable (0),
resetPassword (1)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to reset the password back to default
value. Returns not-applicable(0) upon read."
::= { systemGrp 14 }
ivSysDeleteSignatures OBJECT-TYPE
SYNTAX INTEGER {
not-applicable (0),
deleteSignatures (1)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to delete the signatures on the sensor if present.
This also reboots the sensor after deleting the signatures. Does nothing
if signatures are not present. Returns not-applicable(0) upon read."
::= { systemGrp 15 }
-- Support for ivSysSlaveSerialNumber is deprecated in V-series sensors(VmIPS).
ivSysSlaveSerialNumber OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..80))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Manufacturer-provided slave serial number. This is the serial number
for a cluster-slave in a palomar cluster"
::= { systemGrp 16 }
ivSysUIDSeed OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object contains the portion of the seed value to be used for generating
UIDs' for alerts and logs. In case there is a mismatch, the ISM would set the
right value, which would used by the sensor for new alerts and logs."
::= { systemGrp 17 }
ivSysFipsMode OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This Object holds the status of the fips mode.If the sensor is operating in FIPS
mode then this Object will have enable value or else disable value."
::= { systemGrp 18 }
ivSysNumLbPorts OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is set by the NSM to inform the sensors connected to the Load Balancer(LB)
of the number of ports on the LB switch."
::= { systemGrp 19 }
ivSysUpTimeNew OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The time (in hundredths of a second) since the network management portion of the system
was last re-initialized."
::= { systemGrp 20 }
ivSysCapacityMode OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"To push new license from NSM"
::= { systemGrp 21 }
ivSysCurrentCapacityMode OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"To get current license mode of sensor"
::= { systemGrp 22 }
ivSysDeviceMode OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"To get current device mode"
::= { systemGrp 23 }
ivSysConfDeviceMode OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"To get configured device mode"
::= { systemGrp 24 }
ivSysRebootStatus OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"If a system reboot is required and Why
REBOOT_DEFAULT_STATUS (0) // No Reboot Required
REBOOT_UPGRADE_DOWNLOAD (1)
REBOOT_SETUP_CHANGE (2)
REBOOT_IPV6_CONFIG_CHANGE (3)
REBOOT_SSL_MODE_CHANGE (4)
REBOOT_JUMBOFRAMEPARSING_CONFIG_CHANGE (5)
REBOOT_PREV_256BYTES_LOGGING_CONFIG_CHANGE (6)
NMS_USERS_WRITE_ACCESS_CONFIG_CHANGE (7)
REBOOT_LAYER7_DCAP_NUM_FLOWS_CHANGE (8)
REBOOT_LAYER7_DCAP_BUFF_SIZE_CHANGE (9)
REBOOT_LAYER7_DCAP_STATUS_CHANGE (10)
REBOOT_SBC_CORE_INCREMENT_CONFIG_CHANGE (11)
REBOOT_REQUIRED_MAX_SNMPD_RESTART_EXCEEDED (12)
REBOOT_REQUIRED_SBC_TLV_ERROR (13)
REBOOT_SNORT_CONFIG_CHANGE (15)
REBOOT_CAPACITY_MODE_CHANGE (16)
REBOOT_SSL_FLOWALLOC_CHANGE (17)
"
::= { systemGrp 25 }
ivSysRebootReason OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..255))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object contains reason for the sensor reboot.
NULL is stored in the object if reboot is not required"
::= { systemGrp 26 }
--This group contains objects that identify the IP configuration information for the
--IntruShield network element.
--
systemIPCfgGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 2 }
ivSysIPAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object contains the IP Address of the management card on the IntruShield node,
that interfaces with the EMS."
::= { systemIPCfgGrp 1 }
ivSysMACAddress OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object contains the MAC address of the management card on the IntruShield node."
::= { systemIPCfgGrp 2 }
ivSysSubnetMask OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object specifies the Subnet mask of the management card on the IntruShield node."
::= { systemIPCfgGrp 3 }
ivSysGateway OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object specifies the gateway address of the management card on the IntruShield node."
::= { systemIPCfgGrp 4 }
ivSysIPv6Address OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object contains the IPv6 Address of the management card on the IntruShield node,
that interfaces with the EMS."
::= { systemIPCfgGrp 5 }
ivSysIpv6SubnetMask OBJECT-TYPE
SYNTAX INTEGER (0..128)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object specifies the number of bits that need to set to '1' from left to right,
int the Ipv6 address Subnet mask of the management card on the IntruShield node."
::= { systemIPCfgGrp 6 }
ivSysIpv6Gateway OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object specifies the gateway Ipv6 address of the management card on the IntruShield node."
::= { systemIPCfgGrp 7 }
ivSysVmHostIPAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object contains the IP Address of the Vm Host on which VIPS will be running.
This mib object will be available only on V-series sensors."
::= { systemIPCfgGrp 8 }
ivSysVmHostIPv6Address OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object contains the IP Address of the Vm Host on which VIPS will be running.
This mib object will be available only on v-series sensors."
::= { systemIPCfgGrp 9 }
ivSysVmHostName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..255))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object contains the Vm Host name on which VIPS will be running.
This mib object will be available only on V-series sensors."
::= { systemIPCfgGrp 10 }
ivSysVmMgmtAdditionalInfo OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..255))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A textual string containing additional information about the management interface.
This mib object will be available only on v-series sensors."
::= { systemIPCfgGrp 11 }
--
-- System Failover Group
--
--This group contains objects that identify the failover configuration information for the
--IntruShield network element.
systemFailoverGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 3 }
ivSysFailoverStatus OBJECT-TYPE
SYNTAX INTEGER {
peer-up (1),
peer-down (2),
peer-incompatible (3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Indicates if IDS peer is in peer-down or peer-up mode. Default: peer-down (2)."
::= { systemFailoverGrp 1 }
ivSysFailoverAction OBJECT-TYPE
SYNTAX INTEGER {
on (1),
off (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to indicate if the sensor is in failover
configuration or not. If the sensors are in failover
configuration, then both sensors have to be set to on(1).
Default: off(2)"
::= { systemFailoverGrp 2 }
ivSysFailoverMode OBJECT-TYPE
SYNTAX INTEGER {
standalone (0),
primary (1),
secondary (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Added for the I-3000/I-4010 sensors.
This object is used to specify to the sensor if it is primary
or secondary when failover is enabled.
This value ( 1 or 2) must be set on the sensor prior to
enabling failover.
When failover is disabled, the sensor will automatically
update this object to standalone (0).
The manager can opt to explicitly set this after disabling
failover on the sensor, however it is not necessary.
Default: standalone(0), since failover is disabled"
::= { systemFailoverGrp 3 }
ivSysFailopenAction OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to indicate if the sensor should fail-open when
in failover mode.
Default: disable(2)"
::= { systemFailoverGrp 4 }
ivSysSTPForwardConfig OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to indicate if the sensor should forward the STP traffic
through peer in failover mode.
Default: disable(2)"
::= { systemFailoverGrp 5 }
--
-- EmsGrp
--
-- This group contians the <emsTable> that identifies two EMSs for this sensor
-- They are indexed by <emsIndex> and identified by their <emsIPAddress>.
-- The only field that is writable for each EMS is the emsPriority. All
-- the other fields are updated by the sensor itself.
--
-- An EMS can look at this emsTable to find out the status of sensors
-- connection to EMSs. Any changes at the EMS can be communicated to the sensor
-- using the emsChangeAction mib object.
-- Under error scenarios like sensor getting out of sync with the EMS because it was
-- offline when the change at EMS took place can also be corrected using the same
-- emsChangeAction mib object.
--
--
emsGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 4 }
emsTable OBJECT-TYPE
SYNTAX SEQUENCE OF EmsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table comprises of exactly two possible EMS entries each defined by <emsEntry>.
"
::= { emsGrp 1 }
emsEntry OBJECT-TYPE
SYNTAX EmsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry specified is indexed by <emsIndex>.
Additonaly it contains the <emsIPAddress> and <emsPriority>
"
INDEX { emsIndex }
::= { emsTable 1 }
EmsEntry ::= SEQUENCE {
emsIndex
Integer32,
emsPriority
INTEGER,
emsIPAddress
IpAddress,
emsHAMode
INTEGER,
emsHAStatus
INTEGER,
emsAlertChannelStatus
INTEGER,
emsPacketLogChannelStatus
INTEGER,
emsIPv6Address
Ipv6Address,
emsIPAddressType
INTEGER,
emsAuthChannelStatus
INTEGER
}
emsIndex OBJECT-TYPE
SYNTAX Integer32 (1..2)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Fixed index for the two EMS entries. Valid values are [1,2] only."
::= { emsEntry 1 }
emsPriority OBJECT-TYPE
SYNTAX INTEGER {
primary (1),
secondary (2),
standalone (3),
unknown (4)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Identifies whether the EMS identifed by the IPAddress is the Primary or Secondary. This value
is only informational from sensor point of view and is set by the EMS when we have established
connection to it. Note that transition at EMS from Primary to Secondary or vice versa will have
no effect on the sensor. The only thing sensor needs to worry about while in MDR mode is the
active/standby status.
"
::= { emsEntry 2 }
emsIPAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"IP Address of a EMS (in this entry)."
::= { emsEntry 3 }
emsHAMode OBJECT-TYPE
SYNTAX INTEGER {
failover (1),
standalone (2),
unknown (3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Identifies the MDR mode of the EMS. Initially when the system comes up this would be set to
unknown till we contact the EMS and get its MDR status. This field also gets updated when a
MDR-to-Standalone or Standalone-to-MDR action is triggered.
"
::= { emsEntry 4 }
emsHAStatus OBJECT-TYPE
SYNTAX INTEGER {
unknown(1),
active (2),
standby (3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object specifies if the EMS is an active or a standby when operating in failover mode"
::= { emsEntry 5 }
emsAlertChannelStatus OBJECT-TYPE
SYNTAX INTEGER {
down (0),
up (1),
errorInGetTimeFromManager (2),
errorGeneratingCertificates (3),
errorPersistingCertificates (4),
errorConnectingToManager (5),
errorInUntrustedConnectionSetup (6),
errorInInstall (7),
errorPersistingManagerPublicCertificate (8),
errorInMutualTrustMatch (9),
errorInSnmpKeyExchange (10),
errorInInitialProtocolMessageExchange (11),
sensorInstallInProgress (12),
openingAlertChannelInProgress (13),
errorInLinkHenceReopening (14),
errorInChannelReopening (15),
closingChannelInProgress (16),
errorClosingChannel (17),
sendAlertWarning (18),
keepAliveWarning (19),
errorDeletingCerts (20),
errorCreatingSnmpUser (21),
errorChangingSnmpUserKeys (22)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Returns the status of the alert channel connection with
EMS identifed by the emsIPAddress of this entry."
::= { emsEntry 6 }
emsPacketLogChannelStatus OBJECT-TYPE
SYNTAX INTEGER {
down (0),
up (1),
errorInGetTimeFromManager (2),
errorGeneratingCertificates (3),
errorPersistingCertificates (4),
errorConnectingToManager (5),
errorInUntrustedConnectionSetup (6),
errorInInstall (7),
errorPersistingManagerPublicCertificate (8),
errorInMutualTrustMatch (9),
errorInSnmpKeyExchange (10),
errorInInitialProtocolMessageExchange (11),
packetLogInstallInProgress (12),
openingPacketLogInProgress (13),
errorInLinkHenceReopening (14),
errorInChannelReopening (15),
closingChannelInProgress (16),
errorClosingChannel (17),
sendLogWarning (18),
keepAliveWarning (19)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Returns the status of the packet log channel connection with
EMS identified by the emsIPAddress of this entry."
::= { emsEntry 7 }
emsIPv6Address OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"IPv6 Address of a EMS (in this entry)."
::= { emsEntry 8 }
emsIPAddressType OBJECT-TYPE
SYNTAX INTEGER {
ip-v4 (4),
ip-v6 (6)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Identifies the type of EMS IPAddress. If set to ip-v4, then the emsIPAddress object
would be set else if this object is set to ip-v6, then the empIPv6Address object
would be set.
"
::= { emsEntry 9 }
emsAuthChannelStatus OBJECT-TYPE
SYNTAX INTEGER {
down (0),
up (1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Returns the status of the authentication channel connection with
EMS identified by the emsIPAddress of this entry."
::= { emsEntry 10 }
emsChangeAction OBJECT-TYPE
SYNTAX INTEGER {
other (0),
standalone-to-ha (1),
ha-to-standalone (2),
switchover (3),
add-ism-sec-ip (4)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to indicate to the sensor, changes in the EMS MDR operation mode."
::= { emsGrp 2 }
emsParamIpAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is one of the parameters that need to be set before emsChangeAction is triggered.
If the action is Switchover this specifies the IP address of the Manager that the sensor should switch to.
If the action is Standalone-to-MDR this specifies the Peer EMS IP address and this will result in using
a free entry in the emsTable.
If the action is MDR-to-Standalone this specifies the future Standalone EMS IP address which should be
one of the two EMSs specified in the emsTable.
The acutal swithover or change in MDR opearation mode will be done when indicated by the Manager through the
emsChangeAction object.
Setting this object would reset the emsParamIpv6Address and emsParamAddIpv6Address objects.
"
::= { emsGrp 3 }
emsParamPriority OBJECT-TYPE
SYNTAX INTEGER {
other (0),
primary (1),
secondary (2),
standalone (3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
" This object specifies the priority of the EMS setting the standalone-to-MDR change action."
::= { emsGrp 4 }
emsParamAddIpAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
" This object specifies the secondary IP address of the EMS while in MDR mode. If the emsChangeAction
is standalone-to-MDR, this specifies the secondary IP address of the new peer Manager. If the
emsChangeAction is secondary NIC address, this specifies the secondary IP address of the EMS
identified by emsParamIpAddress.
Setting this object would reset the emsParamIpv6Address and emsParamAddIpv6Address objects."
::= { emsGrp 5 }
emsParamIpv6Address OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is one of the parameters that need to be set before emsChangeAction is triggered.
If the action is Switchover this specifies the IPv6 address of the Manager that the sensor should switch to.
If the action is Standalone-to-MDR this specifies the Peer EMS IPv6 address and this will result in using
a free entry in the emsTable.
If the action is MDR-to-Standalone this specifies the future Standalone EMS IPv6 address which should be
one of the two EMSs specified in the emsTable.
The acutal swithover or change in MDR opearation mode will be done when indicated by the Manager through the
emsChangeAction object.
Setting this object would reset the emsParamIpAddress and emsParamAddIpAddress objects.
"
::= { emsGrp 6 }
emsParamAddIpv6Address OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-write
STATUS current
DESCRIPTION
" This object specifies the secondary IPv6 address of the EMS while in MDR mode. If the emsChangeAction
is standalone-to-MDR, this specifies the secondary IPV6 address of the new peer Manager. If the
emsChangeAction is secondary NIC address, this specifies the secondary IPv6 address of the EMS
identified by emsParamIpAddress.
Setting this object would reset the emsParamIpAddress and emsParamAddIpAddress objects."
::= { emsGrp 7 }
emsTenantId OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(36))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
" This object specifies the TenantId. which identifies unique customer in Trellix eco system"
::= { emsGrp 8 }
emsPrimaryNSMGUID OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(36))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
" This object specifies the Primary NSM Server GUID. which identifies unique NSM in Trellix eco system"
::= { emsGrp 9 }
emsSecondaryNSMGUID OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(36))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
" This object specifies the Secondary NSM Server GUID. which identifies unique NSM in Trellix eco system"
::= { emsGrp 10 }
--This group contains MIB objects for the configuration of the TFTP service.
tftpGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 5 }
tftpKey OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(128))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This specifies the tftp shared secret key between the IntruShield Sensor and EMS.
Default: All 128 octets filled with '0'."
::= { tftpGrp 1 }
tftpFileSize OBJECT-TYPE
SYNTAX Integer32 (0..134217727)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The size of the file in bytes. Default: 0 "
::= { tftpGrp 2 }
tftpFileName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..128))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This specifies the name of the file to TFTP (with the source path)"
::= { tftpGrp 3 }
tftpServerAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"TFTP server IP address.
Is the EMS address when downloading from EMS to management card.
Setting this object would reset the tftpServerIpv6Address objects."
::= { tftpGrp 4 }
tftpAction OBJECT-TYPE
SYNTAX TrellixTFTPAction
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Invokes TFTP service using other (required) parameters defined in <tftpGrp>.
Valid values are : (0)-other, (1)-downloadimage, (2)-downloadsigfile, (3)-uploaddos,
(4)-uploadtrace, (5)-downloaddos, (6)-aborttransfer, (7)-downloadcertfile,
(8)-downloadimageandsigfile, (9)-downloadmperootcertfile,
(10)-download_sgap_ssl_cert, (11)-upload_sgap_ssl_csr,
(12)-upload_ibac_ad_file, (13)-download_ibac_ad_file,
(14)-upload_swh_learned_file,
(15)-downloadPacketCaptureFilterFile ,(16)-uploadPacketCaptureFilterFile,
(17)-downloadGeoLocationDatabase, (18)-uploadPacketCapturePCAPFile,
(19)-download_usrid_acl_file,
(20)-download-bot-dat-file,
(21)-download-ntba-ssl-cert-file,(22)-upload-dev-prof-file,
(25)-download_matd_ssl_cert, (28)-download-ffp-bulk-file,
(33)-download_zcenter_ssl_cert, (34)-download-gti-private-cloud-cert-file,
(35)-upload_suricata_failed_rules, (36)-upload_ca_sensor_csr,
(37)-download_ca_sensor_cert, (38)-download_syslog_ssl_cert,
(39)-download_ca_cert_store"
::= { tftpGrp 5 }
tftpActionStatus OBJECT-TYPE
SYNTAX TrellixTFTPStatus
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The status of the current TFTP action"
::= { tftpGrp 6 }
tftpActionInProgressResult OBJECT-TYPE
SYNTAX TrellixTFTPInProgressResult
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Specifies TFTP service completion percentage.
"
::= { tftpGrp 7 }
tftpActionFailedResult OBJECT-TYPE
SYNTAX TrellixTFTPFailedResult
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"See TrellixTFTPFailedResult"
::= { tftpGrp 8 }
tftpActionTransactionId OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Used to ensure single file transfer at a time. Default: 0."
::= { tftpGrp 9 }
tftpServerIpv6Address OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"TFTP server IPv6 address.
Is the EMS IPv6 address when downloading from EMS to management card.
Either one of the Ipv4 or Ipv6 address should be set by the ISM.
Setting this object would reset the tftpServerIpAddress objects."
::= { tftpGrp 10 }
tftpIVKey OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(128))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This specifies the tftp Initialization Vector that is used for AES Decryption between the IntruShield Sensor and EMS.
Default: All 128 octets filled with '0'."
::= { tftpGrp 11 }
--Trellix IntruShield chassis.
--The chassis may be a slim line enclosure with no explicit slot concept or a larger enclosure
--with multiple slots.
--
--This MIB does not differentiate between the two and models all it's cards
--as entities that can be associated with a containing slot.
-- Support for chassisGrp is deprecated in V-series sensors(VmIPS).
chassisGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 7 }
temperatureStatus OBJECT-TYPE
SYNTAX INTEGER {
normal (0),
abnormal (1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
""
::= { chassisGrp 1 }
fanStatus OBJECT-TYPE
SYNTAX INTEGER {
normal (0),
abnormal (1),
removed (2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
""
::= { chassisGrp 2 }
primaryPowerSupplyStatus OBJECT-TYPE
SYNTAX INTEGER {
not-present (0),
present-operational (1),
present-nonoperational (2),
error (3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This powerSupply MIB object gives the primary powerSupply status.
(0) - Primary PowerSupply Module is not present.
(1) - Primary PowerSupply Module is present and operational.
(2) - Primary PowerSupply Module is present and its not operational.
(3) - Error while retrieving the powerSupply status, please re-try after some time."
::= { chassisGrp 3 }
secondaryPowerSupplyStatus OBJECT-TYPE
SYNTAX INTEGER {
not-present (0),
present-operational (1),
present-nonoperational (2),
error (3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This powerSupply MIB object gives the secondary powerSupply status.
(0) - Secondary PowerSupply Module is not present.
(1) - Secondary PowerSupply Module is present and operational.
(2) - Secondary PowerSupply Module is present and its not operational.
(3) - Error while retrieving the powerSupply status, please re-try after some time."
::= { chassisGrp 4 }
pciLegacyErrorStatus OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..512))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"BMC PCI Legacy Error (parity error (PERR) and system error (SERR))"
::= { chassisGrp 5 }
pciFatalError1Status OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..512))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"BMC PCI Fatal Error1 Status"
::= { chassisGrp 6 }
pciFatalError2Status OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..512))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"BMC PCI Fatal Error2 Status (Continuation of Fatat Error 1)"
::= { chassisGrp 7 }
systemEventLogStatus OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..512))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"BMC System Event Log (SEL buffer) Status"
::= { chassisGrp 8 }
bmcWatchdogStatus OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..512))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"BMC Watchdog Status"
::= { chassisGrp 9 }
processorStatusTable OBJECT-TYPE
SYNTAX SEQUENCE OF ProcessorStatusEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table contain list of processors"
::= { chassisGrp 10 }
processorStatusEntry OBJECT-TYPE
SYNTAX ProcessorStatusEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The table entries denotes various processor details for each index (processor) "
INDEX { processorNumIndex }
::= { processorStatusTable 1 }
ProcessorStatusEntry ::= SEQUENCE{
processorStatus
DisplayString,
}
processorStatus OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..512))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Processor Presence Status"
::= { processorStatusEntry 1 }
memoryECCStatus OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..512))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Memory ECC Status"
::= { chassisGrp 11 }
postSysEventStatus OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..512))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"POST Sys Event Status"
::= { chassisGrp 12 }
postErrorStatus OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..512))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"POST Error Status"
::= { chassisGrp 13 }
--Trellix Sensor Slave chassis.
slave-ChassisGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 9 }
slaveTemperatureStatus OBJECT-TYPE
SYNTAX INTEGER {
normal (0),
abnormal (1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
""
::= { slave-ChassisGrp 1 }
slaveFanStatus OBJECT-TYPE
SYNTAX INTEGER {
normal (0),
abnormal (1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
""
::= { slave-ChassisGrp 2 }
slavePrimaryPowerSupplyStatus OBJECT-TYPE
SYNTAX INTEGER {
not-present (0),
present-operational (1),
present-nonoperational (2),
error (3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This powerSupply MIB object gives the primary powerSupply status.
(0) - Slave Primary PowerSupply Module is not present.
(1) - Slave Primary PowerSupply Module is present and operational.
(2) - Slave Primary PowerSupply Module is present and its not operational.
(3) - Error while retrieving the powerSupply status, please re-try after some time."
::= { slave-ChassisGrp 3 }
slaveSecondaryPowerSupplyStatus OBJECT-TYPE
SYNTAX INTEGER {
not-present (0),
present-operational (1),
present-nonoperational (2),
error (3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This powerSupply MIB object gives the secondary powerSupply status.
(0) - Slave Secondary PowerSupply Module is not present.
(1) - Slave Secondary PowerSupply Module is present and operational.
(2) - Slave Secondary PowerSupply Module is present and its not operational.
(3) - Error while retrieving the powerSupply status, please re-try after some time."
::= { slave-ChassisGrp 4 }
--This group conatins all MIB objects that specify the configuration of the
--Trellix IntrusShield management card.
--
--The object mgmtCardTable within this group suggest that each IntruShield chassis
--can contain more than one management card, only for standby purposes.
managementCardGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 8 }
mgmtCardTable OBJECT-TYPE
SYNTAX SEQUENCE OF MgmtCardEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table contains entries, one per management card, indexed by the appropriate slotIndex."
::= { managementCardGrp 1 }
mgmtCardEntry OBJECT-TYPE
SYNTAX MgmtCardEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This MIB object contains all the columnar objects,
that describe the contents of each management card within the IntruShield node.
This entry is indexed by a fixed value slotIndex of 1 (one) for all models."
INDEX { slotIndex }
::= { mgmtCardTable 1 }
MgmtCardEntry ::= SEQUENCE {
mcAction
TrellixIDSAction,
mcActionStatus
TrellixIDSActionStatus,
mcActionResult
TrellixIDSActionResult,
mcHwVersion
DisplayString,
mcCurrentSwVersion
DisplayString,
mcFutureSwFileName
DisplayString,
mcDateAndTime
DateAndTime
}
mcAction OBJECT-TYPE
SYNTAX TrellixIDSAction
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Actions applicable on this card, uses TC TrellixIDSAction.
Default: other
Only 'reset' and 'swupdate' action are supported."
::= { mgmtCardEntry 1 }
mcActionStatus OBJECT-TYPE
SYNTAX TrellixIDSActionStatus
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Outcome of a SNMP set on the mcAction object. Uses TC TrellixIDSActionStatus
Default: other"
::= { mgmtCardEntry 2 }
mcActionResult OBJECT-TYPE
SYNTAX TrellixIDSActionResult
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detail information when <mcAction> is set to 'reset', based on <mcActionStatus>
Default: 0, details not defined."
::= { mgmtCardEntry 3 }
-- Support for mcHwVersion is deprecated in V-series sensors(VmIPS).
mcHwVersion OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..80))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The manufacturer specified hardware version information.
Typically indicated major, minor, patch information for version."
::= { mgmtCardEntry 4 }
mcCurrentSwVersion OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..80))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The manufacturer specified software version information that is currently running.
Typically indicated major, minor, patch information for version."
::= { mgmtCardEntry 5 }
mcFutureSwFileName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..128))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The new software (image) file residing on flash."
::= { mgmtCardEntry 6 }
mcDateAndTime OBJECT-TYPE
SYNTAX DateAndTime
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"System date and time set by EMS."
::= { mgmtCardEntry 7 }
--This group conatins all MIB objects that specify the configuration of the
--Trellix IDS sensor (analysis) card.
--
--The object sensorCardTable within this group suggests that each Trellix IDS chassis
--may contain more than one sensor card.
--
--Support for each logical function is defined in its own table.
--Each table in this group contains entries, one per sensor card, indexed by <slotIndex>
sensorCardGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 10 }
sensorCardTable OBJECT-TYPE
SYNTAX SEQUENCE OF SensorCardEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table contains entries, one per sensor card and indexed by the slotIndex.
"
::= { sensorCardGrp 1 }
sensorCardEntry OBJECT-TYPE
SYNTAX SensorCardEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This MIB object contains all the columnar objects,
that describe the contents of each sensor card within the Trellix IDS.
This entry is indexed by a fixed value chassis slotIndex of 2 (two) for all models."
INDEX { slotIndex }
::= { sensorCardTable 1 }
SensorCardEntry ::= SEQUENCE {
scAction
TrellixIDSAction,
scSigUpdateResult
TrellixIDSActionResult,
scHwVersion
DisplayString,
scCurrentSwVersion
DisplayString,
scFutureSwFileName
DisplayString,
scCurrentSigVersion
DisplayString,
scFutureSigFileName
DisplayString,
scMACAddress
MacAddress,
scCurrentBotDATVersion
DisplayString
}
scAction OBJECT-TYPE
SYNTAX TrellixIDSAction
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Actions on this card. See TrellixIDSAction
Default: other
Only reset and sigupdate are supported."
::= { sensorCardEntry 1 }
scSigUpdateResult OBJECT-TYPE
SYNTAX TrellixIDSActionResult
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Indicates detail results of scAction object.
Default: 0
"
::= { sensorCardEntry 2 }
-- Support for scHwVersion is deprecated in V-series sensors(VmIPS).
scHwVersion OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..80))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The manufacturer specified hardware version information.
Typically indicated major, minor, patch information for version."
::= { sensorCardEntry 3 }
scCurrentSwVersion OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..80))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The manufacturer specified software version information that is currently running.
Typically indicated major, minor, patch information for version."
::= { sensorCardEntry 4 }
scFutureSwFileName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..80))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The new software (image) file residing on flash."
::= { sensorCardEntry 5 }
scCurrentSigVersion OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..80))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The manufacturer specified signature file version information that is currently running.
Typically indicated major, minor, patch information for version."
::= { sensorCardEntry 6 }
scFutureSigFileName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..80))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The new signature file residing on flash."
::= { sensorCardEntry 7 }
scMACAddress OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"ReadOnly parameter, to allow SNMP manager to view the MAC address of this card."
::= { sensorCardEntry 8 }
scCurrentBotDATVersion OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..80))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The manufacturer specified BotDAT file version information that is currently running."
::= { sensorCardEntry 9 }
--
-- IP table
--
ipTable OBJECT-TYPE
SYNTAX SEQUENCE OF IpEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table contains entries that define the IP
configuration objects per sensor card."
::= { sensorCardGrp 6 }
ipEntry OBJECT-TYPE
SYNTAX IpEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table entry contains the sensor card specific ( <slotIndex> based)
IP configuration objects.
This entry is indexed by a fixed value chassis slotIndex of 2 (two) for all models."
INDEX { slotIndex }
::= { ipTable 1 }
IpEntry ::= SEQUENCE {
ipFragmentTimer
INTEGER,
ipOverlapOption
INTEGER,
ipTTLConfigMode
INTEGER,
ipTTLThreshold
INTEGER,
ipTTLResetValue
INTEGER,
ipSmallestFragmentSize
INTEGER,
ipSmallFragmentThreshold
INTEGER,
ipFragmentReassemblyOption
INTEGER,
ipv6OverlapOption
INTEGER,
ipv6SmallestFragmentSize
INTEGER,
ipv6SmallFragmentThreshold
INTEGER
}
ipFragmentTimer OBJECT-TYPE
SYNTAX INTEGER (3..180)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"IP fragment reassembly timer
Default: 30 seconds
"
::= { ipEntry 1 }
ipOverlapOption OBJECT-TYPE
SYNTAX INTEGER {
oldData (1),
newData (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"If set to oldData(1), ip reassembly module takes old data.
Otherwise it takes new data.
Default: oldData (1)"
::= { ipEntry 2 }
ipTTLConfigMode OBJECT-TYPE
SYNTAX INTEGER {
noTTLChecking (1),
checkThreshold (2),
resetTTL (3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"If set to noTTLChecking(1), the TTL in the packet is not
checked. If set to checkThreshold(2), then TTL is checked
against the value in ipTTLThreshold object. If set to
resetTTL(3), the TTL value is reset to the value set by
ipTTLResetValue object.
Default: noTTLChecking (1)"
::= { ipEntry 3 }
ipTTLThreshold OBJECT-TYPE
SYNTAX INTEGER (1..255)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the minimum threshold for the TTL value. The TTL
in the packet is checked against the value configured here.
If TTL is less than the value configured here, an alert is
raised.
Default: 32"
::= { ipEntry 4 }
ipTTLResetValue OBJECT-TYPE
SYNTAX INTEGER (1..255)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the value that TTL should be reset to.
Default: 32"
::= { ipEntry 5 }
ipSmallestFragmentSize OBJECT-TYPE
SYNTAX INTEGER (8..1480)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the smallest fragment size that is acceptable.
Any fragments smaller than the size specified here (other
than the last one) will be counted and an alert raised if
exceeds the threshold configured. The size should be multiple
of 8.
Default: 256"
::= { ipEntry 6 }
ipSmallFragmentThreshold OBJECT-TYPE
SYNTAX INTEGER (100..100000)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Count of acceptable small fragments as specified by
ipSmallestFragmentSize in 1 minute.
Default: 10000"
::= { ipEntry 7 }
ipFragmentReassemblyOption OBJECT-TYPE
SYNTAX INTEGER{
enable (0),
disable (1)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Flag to indicate if sensor should reassemble IP Framgments. Default: enable"
::= { ipEntry 8 }
ipv6OverlapOption OBJECT-TYPE
SYNTAX INTEGER {
oldData (1),
newData (2),
drop (3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"If set to oldData(1), ipv6 reassembly module takes old data.
Otherwise it takes new data.
Default: oldData (1)"
::= { ipEntry 9 }
ipv6SmallestFragmentSize OBJECT-TYPE
SYNTAX INTEGER (40..1280)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the smallest ipv6 fragment size that is acceptable.
Any fragments smaller than the size specified here (other
than the last one) will be counted and an alert raised if
exceeds the threshold configured. The size should be multiple
of 8.
Default: 48"
::= { ipEntry 10 }
ipv6SmallFragmentThreshold OBJECT-TYPE
SYNTAX INTEGER (100..100000)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Count of acceptable small fragments as specified by
ipSmallestFragmentSize in 1 minute.
Default: 10000"
::= { ipEntry 11 }
--
-- TCP Table
--
tcpTable OBJECT-TYPE
SYNTAX SEQUENCE OF TcpEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table contains entries that define the TCP configuration objects per sensor card."
::= { sensorCardGrp 7 }
tcpEntry OBJECT-TYPE
SYNTAX TcpEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table entry contains the sensor card specific ( <slotIndex> based)
TCP configuration objects.
This entry is indexed by a fixed value chassis slotIndex of 2 (two) for all models."
INDEX { slotIndex }
::= { tcpTable 1 }
TcpEntry ::= SEQUENCE {
supportedUDPFlows
Integer32,
tcbInactivityTimer
INTEGER,
tcpSegmentTimer
INTEGER,
tcp2MSLTimer
INTEGER,
inactiveFlowsRSTEnabled
TruthValue,
dropReTxTCPEnabled
TruthValue,
coldStartTime
INTEGER,
coldStartDropAction
INTEGER,
normalizationOnOffOption
INTEGER,
tcpOverlapOption
INTEGER,
sAckPermittedOption
INTEGER,
tTCPOptionThreshold
INTEGER,
dropOnPAWSFail
INTEGER,
timestampEchoMatchFail
INTEGER,
dropMD5Option
INTEGER,
unsolicitedUDPPacketsTimeout
INTEGER,
synProxyEnable
INTEGER,
ackScanDiscardTime
INTEGER,
halfOpenConnectionResetEnable
INTEGER,
outOfContextTcpPktEnable
INTEGER,
synCookieConfig
INTEGER,
synCookieInboundThreshold
INTEGER,
synCookieOutboundThreshold
INTEGER,
synCookieMss
INTEGER,
sinkHoleTimeToLive
INTEGER,
sinkHoleIpAddress
IpAddress
}
supportedUDPFlows OBJECT-TYPE
SYNTAX Integer32 (8..1000000)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Number of UDP flows supported.
Deafult: 1 million, UDP and TCP combined.
Default: 100000 for I4000, 25000 for I2600, 5000 for I1200, 10000 for I1400"
::= { tcpEntry 1 }
tcbInactivityTimer OBJECT-TYPE
SYNTAX INTEGER (3..1200)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"TCB inactivity timeout
Default: 10 minutes"
::= { tcpEntry 2 }
tcpSegmentTimer OBJECT-TYPE
SYNTAX INTEGER (10..120)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"TCP segment reassembly timer.
Default: 60 seconds
"
::= { tcpEntry 3 }
tcp2MSLTimer OBJECT-TYPE
SYNTAX INTEGER (3..120)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"TCP 2MSL timer
Default: 10 seconds"
::= { tcpEntry 4 }
inactiveFlowsRSTEnabled OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Option to RST incative flows enabled (TRUE) or not (FALSE).
Default: FALSE"
::= { tcpEntry 5 }
dropReTxTCPEnabled OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"IntruShield may get TCP segments which have already been processed by it apriori
(due to the segments being dropped in between it and the destination).
By default, forward it without any processing, but provide the user with an option
to drop such selectively retransmitted segments.
This object enables the dropping of retransmitted TCP packets.
Default: FALSE"
::= { tcpEntry 6 }
coldStartTime OBJECT-TYPE
SYNTAX INTEGER (0..10080)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"When sensor powers up, it will treat the packets for flows
that did not exist without valid TCB as valid packets. After
the time configured with this object, packets without valid
flows are considered invalid packets.
Default: 60min"
::= { tcpEntry 7 }
coldStartDropAction OBJECT-TYPE
SYNTAX INTEGER {
dropFlows (1),
forwardFlows (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"When this object is set to dropFlows(1), in inline mode
sensor will drop the packets without valid TCB.
When this object is set to forwardFlows(2), in inline mode
sensor will forward the packets until coldStartTime. After
that it will drop the packets without valid TCB.
Default: forwardFlows(2)"
::= { tcpEntry 8 }
normalizationOnOffOption OBJECT-TYPE
SYNTAX INTEGER {
on (1),
off (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Enable or Disable normalization
Default: off(2)"
::= { tcpEntry 9 }
tcpOverlapOption OBJECT-TYPE
SYNTAX INTEGER {
oldData (1),
newData (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"If this object is set to oldData(1), tcp reassembly module
will use the old data. Otherwise it will use the newer data.
Default: newData(2)"
::= { tcpEntry 10 }
sAckPermittedOption OBJECT-TYPE
SYNTAX INTEGER {
on (1),
off (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"If set to on, removes in SYN and clears in further packets.
This applies only in inline mode."
::= { tcpEntry 11 }
tTCPOptionThreshold OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Generate alert if too many. TBD"
::= { tcpEntry 12 }
dropOnPAWSFail OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"If set to enable, drop if fails PAWS test. If set to disable
always forward the packet."
::= { tcpEntry 13 }
timestampEchoMatchFail OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"If set to enable, drop if TS-echo was one not sent earlier.
If set to disable always forward the packet."
::= { tcpEntry 14 }
dropMD5Option OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"If set to enable, drop packet if SYN=0 and it contains
no MD5 but MD5 was used at setup. If set to disable always
forward the packet."
::= { tcpEntry 15 }
unsolicitedUDPPacketsTimeout OBJECT-TYPE
SYNTAX INTEGER (10..3600)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"If a UDP response packet is received without a request
packet, the packet will be dropped. This object configures
the acceptable request to response time.
Default: 60"
::= { tcpEntry 16 }
synProxyEnable OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"If set to enable, sensor will do SYN proxy for every SYN
request. SYN proxy is done only when TCP SYN flood is
detected."
::= { tcpEntry 17 }
ackScanDiscardTime OBJECT-TYPE
SYNTAX INTEGER (0..1440)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The time in which ACK scan messages should be discarded.
Default 15 minutes"
::= { tcpEntry 18 }
halfOpenConnectionResetEnable OBJECT-TYPE
SYNTAX INTEGER {
resetDisable (1),
resetAllUnfinished3WHConns (2),
resetDosUnfinished3WHConns (3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Resets either all or only DOS packets whose 3 Way Handshake has not finished. Default: Disable(1). "
::= { tcpEntry 19 }
outOfContextTcpPktEnable OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2),
permit-out-of-order (3),
deny-no-tcb (4),
stateless-inspection (5)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Used to en/dis able processing of out of context TCP packets. Enable aka PERMIT, Disable aka DENY, PERMIT_OUT_OF_ORDER(3), DENY-NO-TCB (4) aka PERMIT-ACL-MODE, STATELESS_INSPECTION (5). Default: PERMIT(1)"
::= { tcpEntry 20 }
synCookieConfig OBJECT-TYPE
SYNTAX INTEGER {
disable (0),
enable-inbound (1),
enable-outbound (2),
enable-in-out (3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
" This object specifies the directions in which to enable syn cookie when there is a
SYN flood. This option is valid only for monitoring ports operating in inline mode.
Default: 0"
::= { tcpEntry 21 }
synCookieInboundThreshold OBJECT-TYPE
SYNTAX INTEGER (0..420000)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies the threshold value for the number of incomplete SYNs from outside
network beyond which SYN cookie mechanism has to be enabled.
Default: 4096"
::= { tcpEntry 22 }
synCookieOutboundThreshold OBJECT-TYPE
SYNTAX INTEGER (0..420000)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies the threshold value for the number of incomplete SYNs from inside
network beyond which SYN cookie mechanism has to be enabled.
Default: 4096"
::= { tcpEntry 23 }
synCookieMss OBJECT-TYPE
SYNTAX INTEGER (536..1460)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies the maximum segment size to be sent in SYN Ack, with SYN cookie mechanism enabled.
Default: 536"
::= { tcpEntry 24 }
sinkHoleTimeToLive OBJECT-TYPE
SYNTAX INTEGER (6..18)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies the TTL duration for sinkhole. TTL duration can range from 6 hours to 18 hours,
Default: 12 hours"
::= { tcpEntry 25 }
sinkHoleIpAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure IPv4 address of sinkhole. It can be any valid ip address apart from
broadcast and multicast address.
Default: 127.0.0.1"
::= { tcpEntry 26 }
--
-- TCP/UDP session reset and log table
--
sessionTable OBJECT-TYPE
SYNTAX SEQUENCE OF SessionEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Session table is used by user to configure TCP and UDP flows
in the sensor."
::= { sensorCardGrp 8 }
sessionEntry OBJECT-TYPE
SYNTAX SessionEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Indexed with 5-tuple flow parameters and VIDS identifier.
This table is used only to send sets to the sensor. Doing
GET on this table will not return any information."
INDEX {sessionSrcIpAddress, sessionDestIpAddress,
sessionSrcPortNo, sessionDestPortNo, sessionProtocol,
sessionVIDSIdentifier }
::= { sessionTable 1 }
SessionEntry ::= SEQUENCE {
sessionSrcIpAddress
IpAddress,
sessionDestIpAddress
IpAddress,
sessionSrcPortNo
INTEGER,
sessionDestPortNo
INTEGER,
sessionProtocol
INTEGER,
sessionVIDSIdentifier
INTEGER,
sessionConfigAction
INTEGER,
sessionLogTime
INTEGER,
sessionIntfPortNo
TrellixPortLinearIndex
}
sessionSrcIpAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Source ip address."
::= { sessionEntry 1 }
sessionDestIpAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Destination ip address."
::= { sessionEntry 2 }
sessionSrcPortNo OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Source port number."
::= { sessionEntry 3 }
sessionDestPortNo OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Destination port number."
::= { sessionEntry 4 }
sessionProtocol OBJECT-TYPE
SYNTAX INTEGER {
tcp (1),
udp (2)
}
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Protocol type."
::= { sessionEntry 5 }
sessionVIDSIdentifier OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"VIDS identifier that owns this flow. If VIDS is not
enabled, this oject will be ignored."
::= { sessionEntry 6 }
sessionConfigAction OBJECT-TYPE
SYNTAX INTEGER {
resetSession (1),
logSession (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Setting this object to resetSession(1) causes the flow
to be reset.
Setting this object to logSession(2) causes the flow to be
logged for the time specified with sessionLogTime object."
::= { sessionEntry 7 }
sessionLogTime OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The time for which the packet needs to be logged."
::= { sessionEntry 8 }
sessionIntfPortNo OBJECT-TYPE
SYNTAX TrellixPortLinearIndex
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The sensor linear interface port index on which the attack has been detected.
This is mandatory when the sessionConfigAction is resetSession. "
::= { sessionEntry 9 }
--
-- IPV6 TCP/UDP session reset and log table
--
sessionV6Table OBJECT-TYPE
SYNTAX SEQUENCE OF SessionV6Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Session table v6 is used by user to configure TCP and UDP flows
over Ipv6 in the sensor."
::= { sensorCardGrp 9 }
sessionV6Entry OBJECT-TYPE
SYNTAX SessionV6Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Indexed with 5-tuple flow parameters and VIDS identifier.
This table is used only to send sets to the sensor. Doing
GET on this table will not return any information."
INDEX {sessionSrcIpv6Address, sessionDestIpv6Address,
sessionv6SrcPortNo, sessionv6DestPortNo, sessionv6Protocol,
sessionv6VIDSIdentifier }
::= { sessionV6Table 1 }
SessionV6Entry ::= SEQUENCE {
sessionSrcIpv6Address
Ipv6Address,
sessionDestIpv6Address
Ipv6Address,
sessionv6SrcPortNo
INTEGER,
sessionv6DestPortNo
INTEGER,
sessionv6Protocol
INTEGER,
sessionv6VIDSIdentifier
INTEGER,
sessionv6ConfigAction
INTEGER,
sessionv6LogTime
INTEGER,
sessionv6IntfPortNo
TrellixPortLinearIndex
}
sessionSrcIpv6Address OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Source ipv6 address."
::= { sessionV6Entry 1 }
sessionDestIpv6Address OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Destination ipv6 address."
::= { sessionV6Entry 2 }
sessionv6SrcPortNo OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Source port number."
::= { sessionV6Entry 3 }
sessionv6DestPortNo OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Destination port number."
::= { sessionV6Entry 4 }
sessionv6Protocol OBJECT-TYPE
SYNTAX INTEGER {
tcp (1),
udp (2)
}
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Protocol type."
::= { sessionV6Entry 5 }
sessionv6VIDSIdentifier OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"VIDS identifier that owns this flow. If VIDS is not
enabled, this oject will be ignored."
::= { sessionV6Entry 6 }
sessionv6ConfigAction OBJECT-TYPE
SYNTAX INTEGER {
resetSession (1),
logSession (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Setting this object to resetSession(1) causes the flow
to be reset.
Setting this object to logSession(2) causes the flow to be
logged for the time specified with sessionLogTime object."
::= { sessionV6Entry 7 }
sessionv6LogTime OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The time for which the packet needs to be logged."
::= { sessionV6Entry 8 }
sessionv6IntfPortNo OBJECT-TYPE
SYNTAX TrellixPortLinearIndex
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The sensor linear interface port index on which the attack has been detected.
This is mandatory when the sessionConfigAction is resetSession "
::= { sessionV6Entry 9 }
pluggableModuleState OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Indicates the state of the pluggable modules in the system. Applicable
for Rubicon models only. 32 bit starting from LSB, 4 bits for each
slot starting from 2, will contain the moduleSysType enum
=> 0000 0000 0000 0000 0000 <slot4> <slot3> 0000."
::= { sensorCardGrp 10 }
-- This group conatins all MIB objects that specify the configuration of
-- the IntruShield interface port.
--
-- The object intfPortTable within this group suggests that the MIB is
-- designed to support sensor cards that can contain more than one interface
-- port.
--
interfacePortGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 11 }
intfPortTable OBJECT-TYPE
SYNTAX SEQUENCE OF IntfPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Table containing entries for each interface port (indexed via intfPortIndex)
on each sensor card (indexed via appropriate slotIndex).
This table contains Trellix specific configuration objects.
Tables that contain MIB objects borrowed from MIB-II are in the
TRELLIX-SENSOR-PERF-MIB."
::= { interfacePortGrp 1 }
intfPortEntry OBJECT-TYPE
SYNTAX IntfPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This MIB object contains all the columnar objects,
that describe the contents of each interface port on each IntruShield sensor card.
Indexed by slotIndex/intfPortIndex"
INDEX { slotIndex,
intfPortIndex }
::= { intfPortTable 1 }
IntfPortEntry ::= SEQUENCE {
intfPortIfDescr
DisplayString,
intfPortIfType
TrellixIDSPortType,
intfPortIfAdminStatus
INTEGER,
intfPortIfOperStatus
INTEGER,
intfPortOperatingMode
TrellixIDSOperatingMode,
intfPortEnableFullDuplex
TruthValue,
intfPortFullDuplexPeer
Integer32,
intfPortSpeed
INTEGER,
intfPortSpeedConfig
TrellixPortSpeed, -- was TrellixFEType, now deprecated
intfPortEnableInternalTap
TruthValue,
intfPortInOutType
INTEGER,
intfGEPortSpeedConfig
INTEGER,
intfFailOpenSwitchStatus
INTEGER,
intfFailOpenPortStatus
INTEGER,
intfPortEnableAntiSpoofing
INTEGER,
intfPortHostQRActionStatus
INTEGER,
intfPortMpeQRActionStatus
INTEGER,
intfPortAllowlistACLLookupStatus
INTEGER,
intfPortPeerDeviceAdvtStatus
INTEGER,
intfPortIsMcafeeConnector
TruthValue,
intfPortAllowAnyConnector
TruthValue,
intfPortCageType
INTEGER,
intfPortGetMediaType
INTEGER,
intfPortSetMediaType
INTEGER,
intfPortAdditionalInfo
DisplayString,
intfPortMonPortIpAddress
IpAddress,
intfPortMonPortNetMask
IpAddress,
intfPortGatewayIpAddress
IpAddress,
intfPortNbadConfigStatus
TruthValue,
intfPortVlanId
Integer32,
intfPortAppIdStatsConfigStatus
TruthValue,
intfPortConnectorType
INTEGER,
intfPortLinearIndex
TrellixPortLinearIndex,
intfPortFecConfig
INTEGER,
intfPortTranceiverSerialNumber
DisplayString
}
intfPortIfDescr OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..255))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A textual string containing information about the interface.
Returns the string that is printed on the box."
::= { intfPortEntry 1 }
intfPortIfType OBJECT-TYPE
SYNTAX TrellixIDSPortType
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The type of interface, distinguished according to the
physical/link protocol(s) immediately 'below' the network
layer in the protocol stack.
For brevity, Trellix options are as specified by the TC,
TrellixIDSPortType.
However, the SNMP MIB-II - Interfaces MIB specifies many more
valid options. See comments section for details.
"
::= { intfPortEntry 2 }
intfPortIfAdminStatus OBJECT-TYPE
SYNTAX INTEGER {
up (1),
down (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The desired state of the interface.
The testing(3) state indicates that no operational packets
can be passed.
Default: down"
::= { intfPortEntry 3 }
intfPortIfOperStatus OBJECT-TYPE
SYNTAX INTEGER {
up (1),
down (2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The current operational state of the interface.
The testing(3) state indicates that no operational packets
can be passed.
Default: down"
::= { intfPortEntry 4 }
intfPortOperatingMode OBJECT-TYPE
SYNTAX TrellixIDSOperatingMode
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"ReadWrite parameter specifies the operating mode for the
Trellix IDS sensor to be used. Different modes supported are
inline-fo-passive(1), non-inline or tap(2), span(3) and
inlne-fc(4), inline-fo-active kit(5 - available on M-series only).
Default: non-inline"
::= { intfPortEntry 5 }
-- Support for intfPortEnableFullDuplex is deprecated in V-series sensors(VmIPS).
intfPortEnableFullDuplex OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"True: Sets interface port to work as a full-duplex one.
Otherwise as half-duplex.
Default: True"
::= { intfPortEntry 6 }
-- Support for intfPortFullDuplexPeer is deprecated in V-series sensors(VmIPS).
intfPortFullDuplexPeer OBJECT-TYPE
SYNTAX Integer32 (1..32)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This MIB object returns the intfPortIndex value of the
interface port that is a peer. Used only when operating mode
is inline(1) or monitor-dual-intf(2)."
::= { intfPortEntry 7 }
-- Support for intfPortSpeed is deprecated in V-series sensors(VmIPS).
intfPortSpeed OBJECT-TYPE
SYNTAX INTEGER {
other (0),
ten-Mbps (1),
hundred-Mbps (2),
one-Gbps(3), -- renamed from gig-Mbps
ten-Gbps(4), -- support in M-series and R-series only
forty-Gbps(5) -- support in R-series only
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Get current speed/negotiation on the interface."
::= { intfPortEntry 8 }
-- Support for intfPortSpeedConfig is deprecated in V-series sensors(VmIPS).
intfPortSpeedConfig OBJECT-TYPE
SYNTAX TrellixPortSpeed -- was TrellixFEType, now deprecated
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Set desired speed/negotiation on the interface.
Default values are as follows:
I-Series -
fixed-hundred-Mbps (infinity/hichborn/2x00(1a-3b)
auto-gig-Mbps on 3000/4010/4000/2x00(4a,4b)
M-Series -
auto-ten-gig-Mbps on palomar/pyramid(1a-4b),auto-gig-Mbps(5a-8b)
Default: see above"
::= { intfPortEntry 9 }
intfPortEnableInternalTap OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Set to TRUE to enable feature. Applies to Fast Ethernet (FE)
ports only (see TrellixIDSPortType).
For non FE ports, set to 'FALSE' .
Setting this to 'TRUE' requires that
<intfPortCurrentOperatingMode> is already set to
'monitor-dual-intf'
Default: True"
::= { intfPortEntry 10 }
intfPortInOutType OBJECT-TYPE
SYNTAX INTEGER {
inside (1),
outside (2),
not-specified (3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This MIB object reflects the Input or Output labeling
of this interface port. Used only when operating mode
is inline(1) or monitor-dual-intf(2).
Default: not-specified(3)"
::= { intfPortEntry 11 }
-- Definition of intfGEPortSpeedConfig OID stays in the MIB
-- Support for intfGEPortSpeedConfig is deprecated in sensors using new MIB.
-- Support for intfGEPortSpeedConfig is deprecated in M-series sensors and V-series sensors(VmIPS).
intfGEPortSpeedConfig OBJECT-TYPE
SYNTAX TrellixGEType
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Only applicable to gigabit-ethernet ports, to specify
whether auto or 1 Gbps
See TrellixGEType
Default: 'auto-negotiate'"
::= { intfPortEntry 12 }
-- Support for intfFailOpenSwitchStatus is availble in V-series sensors(VmIPS)
-- only when port operting mode is inline-fo-active
intfFailOpenSwitchStatus OBJECT-TYPE
SYNTAX INTEGER {
not-applicable(1),
present(2),
not-present(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Returns the status of the external optical bypass switch
status. For FE ports, this object will return
not-applicable(1). For GE ports, if external optical bypass
switch is connected to sensor ports, this will return
present(2). Otherwise, it will return not-present(3)."
::= { intfPortEntry 13 }
-- Support for intfFailOpenPortStatus is availble in V-series sensors(VmIPS)
-- only when port operting mode is inline-fo-active
intfFailOpenPortStatus OBJECT-TYPE
SYNTAX INTEGER {
not-applicable(1),
inline-fail-open(2),
bypass(3),
tap (4),
absent (5),
unknown (6),
layer2-bypass (7)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Returns the packet forwarding status of the sensor ports connected to the optical bypass switch.
If status is inline-fail-open(2), sensor is doing the
forwarding. If status is bypass(3), the bypass switch is
doing the forwarding and sensor will not process any
traffic in this mode. Tap(4), absent(5) , unknown (6) and layer2-bypass(7)
are available only in M-series for non RJ45(captive) ports
when connected to active FO kit and sensor operating mode
is inline-fail-open-active-kit.
tap - operational status(up), kit(present), heart-beat(tap)
absent - operational status(up), kit(absent), hear-beat(none)
unknown - operational status(down), kit(absent), heart-beat(not available)."
::= { intfPortEntry 14 }
intfPortEnableAntiSpoofing OBJECT-TYPE
SYNTAX INTEGER {
disable-bothsides-spoof-detect (1),
enable-inside-spoof-detect (2),
enable-outside-spoof-detect (3),
enable-bothsides-spoof-detect (4)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"spoofed packet detect rcvd on the both sides .
Default: 'disable-bothsides-spoof-detect' (0) "
::= { intfPortEntry 15 }
-- unallocated ::= { intfPortEntry 16 }
-- unallocated ::= { intfPortEntry 17 }
intfPortHostQRActionStatus OBJECT-TYPE
SYNTAX INTEGER {
disabled(0),
quarantine(1),
remediate(2)
}
MAX-ACCESS read-write
STATUS obsolete
DESCRIPTION
"This object depicts the sensor level host quarantine and remediation action status
for the specific interface port. The value 'quarantine' indicates just quarantine the host and
the value 'remediate' indicates both quarantining and remediating the host.
Default: disabled"
::= { intfPortEntry 18 }
intfPortMpeQRActionStatus OBJECT-TYPE
SYNTAX INTEGER {
disabled(0),
mpeNotify(1),
mpeQuarantine(2),
mpeRemediate(3)
}
MAX-ACCESS read-write
STATUS obsolete
DESCRIPTION
"This object depicts the MPE respone based host quarantine and remediation action status for the
specific interface port. The value 'mpeNotify' indicates just informing the MPE server
about the problem host; the value 'mpeQuarantine' indicates first informing the MPE server
about the problem host and then quarantine the host based on the response from the MPE-server
and the MPE based Quarantine and Remediation scope mib object value; and the value 'mpeRemediate'
indicates first informing the MPE server about the problem host and then remediating the host
based on the response from the MPE-server and the MPE based Quarantine and Remediation scope
mib object value.
Default: disabled"
::= { intfPortEntry 19 }
intfPortAllowlistACLLookupStatus OBJECT-TYPE
SYNTAX INTEGER {
disabled(0),
enabled(1)
}
MAX-ACCESS read-write
STATUS obsolete
DESCRIPTION
"This object indicates the status of allowlist ACL lookup for this interface port.
Default: disabled"
::= { intfPortEntry 20 }
-- intfPortPeerDeviceAdvtStatus support in M-series sensor only
intfPortPeerDeviceAdvtStatus OBJECT-TYPE
SYNTAX INTEGER {
other (0) -- need to provide enum list
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Applicable if sensor port is set to auto-negotiate, else other(0). Specifies the advertised speed-duplex of the peer appliance port connected to this sensor port."
::= { intfPortEntry 21 }
-- intfPortIsMcafeeConnector support in M-series sensor only
intfPortIsMcafeeConnector OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"True: connector is not inserted.
True: connector is inserted in port and McAfee certified.
False: connector is inserted and not McAfee certified. "
::= { intfPortEntry 22 }
-- intfPortAllowAnyConnector support in M-series sensor only
intfPortAllowAnyConnector OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"True: Permit usage of any connector for port.
False: Restrict usage to McAfee certified connector only.
Default: False"
::= { intfPortEntry 23 }
-- intfPortCageType support in M-series and R-series sensor only
intfPortCageType OBJECT-TYPE
SYNTAX INTEGER {
other (0),
rJ-45 (1),
rJ-11 (2),
gBIC (3),
sFP (4),
xFP (5),
sFP-plus (6), -- support in R-series only
qSFP (7), -- support in R-series only
rJ-45-plus (8), -- support in R-series only
sFP-plus-BPFO (9) -- support in R-series only
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Physical connector cage type on sensor chassis panel."
::= { intfPortEntry 24 }
-- intfPortGetMediaType support in M-series sensor only
intfPortGetMediaType OBJECT-TYPE
SYNTAX INTEGER {
none (0),
optical (1),
electrical (2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Gets the media of the connector present in the port cage. None (0) if cage is empty."
::= { intfPortEntry 25 }
-- intfPortSetMediaType support in M-series sensor only
intfPortSetMediaType OBJECT-TYPE
SYNTAX INTEGER {
optical(1),
electrical (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Sets the media of the connector the user desired for the port.
Default: optical"
::= { intfPortEntry 26 }
intfPortAdditionalInfo OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..255))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A textual string containing information about the interface.
Typically returns connector specific information.
For V-series sensors(vmips) this object will return monitoring ports label."
::= { intfPortEntry 27 }
intfPortMonPortIpAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure / retrieve the IPv4 address of the monitoring port.
Default: 0.0.0.0"
::= { intfPortEntry 28 }
intfPortMonPortNetMask OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure / retrieve netmask for the IPv4 address of the monitoring port.
Default: 0.0.0.0"
::= { intfPortEntry 29 }
intfPortGatewayIpAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure / retrieve the IPv4 address of the gateway.
Default: 0.0.0.0"
::= { intfPortEntry 30 }
intfPortNbadConfigStatus OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object value if set to TRUE indicates that flow record generation
to be sent to the NBAD server, is enabled over this monitoring port.
Default: False"
::= { intfPortEntry 31 }
intfPortVlanId OBJECT-TYPE
SYNTAX Integer32 (0..2164326399)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This MIB object indicates the Vlan ID of the VLAN to which the monitoring
port is connected."
::= { intfPortEntry 32 }
intfPortAppIdStatsConfigStatus OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object value if set to TRUE indicates that the appId stats collection is enabled
over this monitoring port.
Default: True"
::= { intfPortEntry 33 }
-- intfPortConnectorType support in R-series sensor only
intfPortConnectorType OBJECT-TYPE
SYNTAX INTEGER {
other (0),
qSFP (1),
sFP-plus (2),
sFP-fiber (3),
sFP-copper (4)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Physical connector type plugged into the port cage."
::= { intfPortEntry 34 }
intfPortLinearIndex OBJECT-TYPE
SYNTAX TrellixPortLinearIndex
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This MIB object indicates the Linear Index of the monitoring port. This index is
generated by the sensor appliance using the pair of slot index and the port index values.
The other MIB tables would directly use this linear index, whereever applicable."
::= { intfPortEntry 35 }
intfPortFecConfig OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure FEC"
::= { intfPortEntry 36 }
intfPortTranceiverSerialNumber OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..255))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A textual string containing information about the interface.
Typically returns transceiver's serial number."
::= { intfPortEntry 37 }
-- Support for intfPortGBICHotSwapTime is deprecated in V-series sensors(VmIPS).
intfPortGBICHotSwapTime OBJECT-TYPE
SYNTAX DateAndTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Indicates time when the front end GBIC for any port was hot swapped last."
::= { interfacePortGrp 2 }
--This group contains all MIB objects that specify the configuration of the IntruShield
--response port.
--
--The object respPortTable within this group suggests that the MIB is designed to support
--response cards that can contain more than one response port.
responsePortGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 12 }
respPortTable OBJECT-TYPE
SYNTAX SEQUENCE OF RespPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Table containing entries for each response port (indexed via respPortIndex)
on each sensor card (indexed via valid slotIndex).
This table contains Trellix specific MIB objects.
"
::= { responsePortGrp 1 }
respPortEntry OBJECT-TYPE
SYNTAX RespPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This MIB object contains all the columnar objects,
that describe the contents of each response port within the Trellix IDS sensor card.
Indexed by slotIndex/respPortIndex"
INDEX { slotIndex,
respPortIndex }
::= { respPortTable 1 }
RespPortEntry ::= SEQUENCE {
respPortDescr
DisplayString,
respPortType
TrellixIDSPortType,
respPortAdminStatus
INTEGER,
respPortOperStatus
INTEGER,
respPortEnableFullDuplex
TruthValue,
respPortSpeed
TrellixPortSpeed, -- was TrellixFEType,
respPortPktDestination
INTEGER,
respPortMacAddress
MacAddress,
respCUGEPortSpeed
TrellixCUGEType,
respAdditionalInfo
DisplayString
}
respPortDescr OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A textual string containing information about the interface.
Returns the string that is printed on the box."
::= { respPortEntry 1 }
respPortType OBJECT-TYPE
SYNTAX TrellixIDSPortType
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The type of interface, distinguished according to the
physical/link protocol(s) immediately 'below' the network
layer in the protocol stack.
See TrellixIDSPortType.
"
::= { respPortEntry 2 }
respPortAdminStatus OBJECT-TYPE
SYNTAX INTEGER {
up (1),
down (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The desired state of the interface.
Default: Up"
::= { respPortEntry 3 }
respPortOperStatus OBJECT-TYPE
SYNTAX INTEGER {
up (1),
down (2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The current operational state of the interface.
The testing(3) state indicates that no operational packets
can be passed."
::= { respPortEntry 4 }
-- Support for respPortEnableFullDuplex is deprecated in V-series sensors(VmIPS).
respPortEnableFullDuplex OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"True: Sets response port to work as a full-duplex one.
otherwise as half-duplex.
If True, respPortFullDuplexPeer must be specified.
Default: False
"
::= { respPortEntry 5 }
-- Support for respPortSpeed is deprecated in V-series sensors(VmIPS).
respPortSpeed OBJECT-TYPE
SYNTAX TrellixPortSpeed
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"See TrellixPortSpeed
Default: fixed-hundred-Mbps (2)"
::= { respPortEntry 6 }
respPortPktDestination OBJECT-TYPE
SYNTAX INTEGER {
switch (1),
router (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used when response ports are chosen for
sending response packets. When router mode is chosen,
packets will be sent to router with destination MAC as
defined in intfRespMacAddress.
Default value is switch (1)."
::= { respPortEntry 7 }
respPortMacAddress OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the macaddress of the router to which the response
packets have to be sent to."
::= { respPortEntry 8 }
-- Support for respCUGEPortSpeed is deprecated in V-series sensors(VmIPS).
respCUGEPortSpeed OBJECT-TYPE
SYNTAX TrellixCUGEType
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Only applicable to copper-gigabit-ethernet ports, to specify whether
10mbps or 100mbps or 1-gbps or auto-neg. See TrellixCUGEType
Default: auto-negotiate"
::= { respPortEntry 9 }
respAdditionalInfo OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..255))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A textual string containing additional information about the response interface.
This mib object will be available only on V-series sensors."
::= { respPortEntry 11 }
-- respPortPktDestination OBJECT-TYPE
--
-- Interface Response Table
--
intfRespTable OBJECT-TYPE
SYNTAX SEQUENCE OF IntfRespEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Table containing entries for each interface port. The
table describes how responses have to be sent in monitoring
mode."
::= { responsePortGrp 2 }
intfRespEntry OBJECT-TYPE
SYNTAX IntfRespEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Indexed by slotIndex/intfPortIndex"
INDEX { slotIndex, intfPortIndex }
::= { intfRespTable 1 }
IntfRespEntry ::= SEQUENCE {
intfRespType
INTEGER,
intfRespPortNo
INTEGER
}
intfRespType OBJECT-TYPE
SYNTAX INTEGER {
responsePort (1),
inline (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Setting this object to responsePort (2) causes responses
to be sent via the response port. The response port no that
needs to be used is specified with intfRespPortNo object.
Setting this object to inline (3) causes responses to be
sent inline. Note that in monitoring mode, responses can
only be sent inline when the monitoring port is in
half-duplex mode.
Default action will be responsePort (1)."
::= { intfRespEntry 1 }
intfRespPortNo OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the response port number that needs to be used
for this monitoring port. The response ports are configured
by respPortTable."
::= { intfRespEntry 2 }
--
-- DOS Configuration Group
--
dosConfigGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 14 }
dosLearningModeAction OBJECT-TYPE
SYNTAX INTEGER {
forceDetection (1),
learning (2),
reloadProfile (3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object can be used to switch the mode to DOS learning or
force detection mode .
The saved profile can be reloaded by setting the object to
reloadProfile(3).
When set to forceDetection (1), user must be warned as follows,
Warning: You are about to force the sensor into Detection Mode
before the required 48-hour learning period.
The traffic profile learned by the sensor may not be
adequate for DOS attack detection and prevention.
It is desirable to place the sensor in learning mode
while receiving normal traffic for at least 48 hours.
"
::= {dosConfigGrp 1 }
--
-- DOS Profile Table
--
-- This table will only support GET requests
--
dosProfileTable OBJECT-TYPE
SYNTAX SEQUENCE OF DosProfileEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Table defines profile data for each DOS VPT entry."
::= { dosConfigGrp 2 }
dosProfileEntry OBJECT-TYPE
SYNTAX DosProfileEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Indexed by VIDS ID and Profile ID."
INDEX { dosProfileVidsId, dosProfileId }
::= { dosProfileTable 1 }
DosProfileEntry ::= SEQUENCE {
dosProfileVidsId
Unsigned32,
dosProfileId
Unsigned32,
dosProfileStatus
INTEGER,
dosProfileLearningTime
Unsigned32
}
dosProfileVidsId OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The virtual admin domain identifier."
::= { dosProfileEntry 1 }
dosProfileId OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The identifier of the profile."
::= { dosProfileEntry 2 }
dosProfileStatus OBJECT-TYPE
SYNTAX INTEGER {
learning(1),
detection(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The status of the profile entry."
::= { dosProfileEntry 3 }
dosProfileLearningTime OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The time (in hundredths of a second) since learning was started for the profile."
::= { dosProfileEntry 4 }
--
-- DOS Profile Bulk Table
--
dosProfileBulkTable OBJECT-TYPE
SYNTAX SEQUENCE OF DosProfileBulkEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Table defines profile data for each DOS VPT entry. This table
is primarily used to get the GETNEXT and GETBULK."
::= { dosConfigGrp 3 }
dosProfileBulkEntry OBJECT-TYPE
SYNTAX DosProfileBulkEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Indexed by profile index."
INDEX { dosProfileBulkIndex }
::= { dosProfileBulkTable 1 }
DosProfileBulkEntry ::= SEQUENCE {
dosProfileBulkIndex
INTEGER,
dosProfileBulkVidsId
Unsigned32,
dosProfileBulkId
Unsigned32,
dosProfileBulkStatus
INTEGER,
dosProfileBulkLearningTime
Unsigned32
}
dosProfileBulkIndex OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The index of the profile table."
::= { dosProfileBulkEntry 1 }
dosProfileBulkVidsId OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The virtual admin domain identifier."
::= { dosProfileBulkEntry 2 }
dosProfileBulkId OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The identifier of the profile."
::= { dosProfileBulkEntry 3 }
dosProfileBulkStatus OBJECT-TYPE
SYNTAX INTEGER {
learning(1),
detection(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The status of the profile entry."
::= { dosProfileBulkEntry 4 }
dosProfileBulkLearningTime OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The time (in hundredths of a second) since learning was started for the profile."
::= { dosProfileBulkEntry 5 }
--
-- DOS ShortTerm LongTerm Profile Table
-- This table will onl support GET requests
--
dosProfileShortAndLongTermTable OBJECT-TYPE
SYNTAX SEQUENCE OF DosProfileShortAndLongTermEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Table defines short term and long term profile data per DOS measure per VPT. Each VPT is indexed by the global VIDSID, global NIId."
::= { dosConfigGrp 4 }
dosProfileShortAndLongTermEntry OBJECT-TYPE
SYNTAX DosProfileShortAndLongTermEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Indexed by global VIDSIndex, global NIIndex & measureId."
INDEX { dosProfileShortAndLongTermVIDSIndex, dosProfileShortAndLongTermNIIndex, dosProfileShortAndLongTermMeasureIndex }
::= { dosProfileShortAndLongTermTable 1 }
DosProfileShortAndLongTermEntry ::= SEQUENCE {
dosProfileShortAndLongTermVIDSIndex
Unsigned32,
dosProfileShortAndLongTermNIIndex
Unsigned32,
dosProfileShortAndLongTermMeasureIndex
INTEGER,
dosProfileShortAndLongTermBinCount
INTEGER,
dosProfileShortTermContent
OCTET STRING,
dosProfileLongTermContent
OCTET STRING
}
dosProfileShortAndLongTermVIDSIndex OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The VIDS id index."
::= { dosProfileShortAndLongTermEntry 1 }
dosProfileShortAndLongTermNIIndex OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The NI id index."
::= { dosProfileShortAndLongTermEntry 2 }
dosProfileShortAndLongTermMeasureIndex OBJECT-TYPE
SYNTAX INTEGER (1..10)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The measure id index."
::= { dosProfileShortAndLongTermEntry 3 }
dosProfileShortAndLongTermBinCount OBJECT-TYPE
SYNTAX INTEGER (1..32)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The count indicates the number of short or long term values to be interpreted in their respective content objects. Max value is 32. If the value is set to 10, then only the first 80 bytes in each of the strings have valid data. Note: that 256 octet strings can accomodate a max of 32 values (3 octects each) "
::= { dosProfileShortAndLongTermEntry 4 }
dosProfileShortTermContent OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(256))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This specifies the short term profile data.
Default: All 256 octets filled with '0'."
::= { dosProfileShortAndLongTermEntry 5 }
dosProfileLongTermContent OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(256))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This specifies the long term profile data.
Default: All 256 octets filled with '0'."
::= { dosProfileShortAndLongTermEntry 6 }
enableDosPktLogging OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object can be used to turn on/off the logging od DOS packets. Default: disable (2)."
::= { dosConfigGrp 6 }
--
-- Timed Drop DOS Pkt Table
-- This table does not support GET NEXT requests
--
timedDosPktDropTable OBJECT-TYPE
SYNTAX SEQUENCE OF TimedDosPktDropEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Table defines action and duration to enable/disable/extend the duration for which DOS pkts are to be drpped. Also provides the absolute time remaining till when it the sensor will drop these packets. "
::= { dosConfigGrp 7 }
timedDosPktDropEntry OBJECT-TYPE
SYNTAX TimedDosPktDropEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Indexed by VIDS ID NI ID and MeasureId."
INDEX { timedDosPktDropVidsIdIndex, timedDosPktDropNiIdIndex, timedDosPktDropMsrIdIndex }
::= { timedDosPktDropTable 1 }
TimedDosPktDropEntry ::= SEQUENCE {
timedDosPktDropVidsIdIndex
Unsigned32,
timedDosPktDropNiIdIndex
Unsigned32,
timedDosPktDropMsrIdIndex
INTEGER,
timedDosPktDropAction
INTEGER,
timedDosPktDropDuration
Unsigned32,
timedDosPktDropEndTime
Unsigned32
}
timedDosPktDropVidsIdIndex OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The Vids identifier."
::= { timedDosPktDropEntry 1 }
timedDosPktDropNiIdIndex OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The NI identifier."
::= { timedDosPktDropEntry 2 }
timedDosPktDropMsrIdIndex OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The MeasureId identifier."
::= { timedDosPktDropEntry 3 }
timedDosPktDropAction OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2),
extend(3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The action tells the bulkTimedDosPktDropTable to add(enable the duration for), delete(disable), modify(extend the duration for) an entry."
::= { timedDosPktDropEntry 4 }
timedDosPktDropDuration OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The duration for which the DOS pkt drop has been enabled or extended."
::= { timedDosPktDropEntry 5 }
--
timedDosPktDropEndTime OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The absolute end time when the duration for intended action expires."
::= { timedDosPktDropEntry 6 }
--
-- Bulk Timed Drop DOS Pkt Table
--
bulkTimedDosPktDropTable OBJECT-TYPE
SYNTAX SEQUENCE OF BulkTimedDosPktDropEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Table lists entries indexed by the bulkTimedDosPktDropIndex, each returns the corresponding VidsId, NiId, MeasureId and the EndTime value."
::= { dosConfigGrp 8 }
bulkTimedDosPktDropEntry OBJECT-TYPE
SYNTAX BulkTimedDosPktDropEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Indexed by bulk index."
INDEX { bulkTimedDosPktDropIndex }
::= { bulkTimedDosPktDropTable 1 }
BulkTimedDosPktDropEntry ::= SEQUENCE {
bulkTimedDosPktDropIndex
INTEGER,
bulkTimedDosPktDropVidsId
Unsigned32,
bulkTimedDosPktDropNiId
Unsigned32,
bulkTimedDosPktDropMsrId
INTEGER,
bulkTimedDosPktDropEndTime
Unsigned32
}
bulkTimedDosPktDropIndex OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The bulk index ."
::= { bulkTimedDosPktDropEntry 1 }
bulkTimedDosPktDropVidsId OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The Vids identifier."
::= { bulkTimedDosPktDropEntry 2 }
bulkTimedDosPktDropNiId OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The NI identifier."
::= { bulkTimedDosPktDropEntry 3 }
bulkTimedDosPktDropMsrId OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The MeasureId identifier."
::= { bulkTimedDosPktDropEntry 4 }
bulkTimedDosPktDropEndTime OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The absolute end time when the duration for intended action expires."
::= { bulkTimedDosPktDropEntry 5 }
internalVLANId OBJECT-TYPE
SYNTAX INTEGER (0..4095)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object identifies the VLAN ID to be used by the sensor to tag
any untagged pkts on Rx, and untag them on Tx. It must not match any
other VLAN ID assigned for the customer network. Default: 4095
"
::= { dosConfigGrp 9 }
--This group contians MIB objects for configuration of packet logging.
--The <pktLogServerIPAddress> identifies the IP address of the server
--receiving packets that the Sensor logs when detecting attacks.
--The <pktLogServerPort> identifies the TCP port on this server
--that receives the logged packets.
pktLogGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 15 }
pktLogServerIPAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"IP Address"
::= { pktLogGrp 1 }
pktLogServerPort OBJECT-TYPE
SYNTAX Integer32 (1..10000)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"TCP Port on which the pkt log server can receive packet
logs from the IntruShield IDS."
::= { pktLogGrp 2 }
pktLogMaxPacketsPerFlow OBJECT-TYPE
SYNTAX Integer32 (0..64000)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Number of packets per flow which need to be logged,
0 means log entire flow.
Default: 1000"
::= { pktLogGrp 3 }
pktLogEncryptionEnable OBJECT-TYPE
SYNTAX INTEGER {
enable (1)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object can be used to enable encryption of packet log channel.
RC4 will be used for encryption.
Default: enable (1)"
::= { pktLogGrp 4 }
pktLogServerIPv6Address OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"IPv6 Address of the ISM to which the logs need to be delivered.
ISM should set either the Ipv4 or the Ipv6 address."
::= { pktLogGrp 5 }
--This group contians MIB objects for configuration of alert throttling.
pktAlertThrottleGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 16 }
pktAlertThrottleGlobalThreshold OBJECT-TYPE
SYNTAX INTEGER (1..32)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Once this threshold is exceeded, sensor will only send one
summary alert for all addresses (srcip's and destip's) that
match the attackid/vidsid.
Default: 10"
::= { pktAlertThrottleGrp 1 }
pktAlertThrottleInterval OBJECT-TYPE
SYNTAX INTEGER (1..3600)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"If the number of alerts exceeds the amount configured
in pktAlertThrottleThreshold or
pktAlertThrottleGlobalThreshold in pktAlertThrottleInterval
seconds, alerts will be throttled.
Units are in seconds.
Default: 120 seconds"
::= { pktAlertThrottleGrp 2 }
pktAlertThrottleAction OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object can be used to enable and disable alert
throttling.
Default: enable(1)"
::= { pktAlertThrottleGrp 3 }
pktAlertThrottleThreshold OBJECT-TYPE
SYNTAX INTEGER (1..25)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure the number of alerts that
need to be sent before sensor starts to throttle the alerts.
For example if this value is 10, it will send the first 10
alerts with the following key: attackid/vidsid/srcip/destip.
This parameters will use the pktAlertThrottleInterval as the
interval.
Default: 5"
::= { pktAlertThrottleGrp 4 }
pktAlertCorrelationTime OBJECT-TYPE
SYNTAX INTEGER (1..20)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure the time that the sensor will
correlate multiple signatures for a single attack and only send
the signature with the lowest benign trigger probability.
Default: 5 secs"
::= { pktAlertThrottleGrp 5 }
sslConfigGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 17 }
sslSessionCacheLifetime OBJECT-TYPE
SYNTAX INTEGER (0..4294967296)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Duration in minutes for which the SSL Session is kept alive, inspite of no
SSL data transfer between the client/server .
Default: 5"
::= { sslConfigGrp 1 }
sslSupportAction OBJECT-TYPE
SYNTAX INTEGER (0..100000)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object can be used to enable support for specific ssl flow count (non 0)
and disable SSL (0) on sensor. Sensor reboot is typically required to activate
support of requested flow count.
EMS must check for max requested ssl flows based on product type:
I4000: 100K, I2600: 25K , I1200: not supported.
Default: not supported (0)"
::= { sslConfigGrp 2 }
sslSupportStatus OBJECT-TYPE
SYNTAX INTEGER (0..100000)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object can be used to get SSL support status on sensor. It will show 0 if disabled, or a non 0 value indicating the ssl flow count currently supported. User must reboot sensor to ensure that requested flow count is actually supported by sensor.
EMS must check for max supported ssl flows based on product type:
I4000: 100K, I2600: 25K , I1200: not supported.
Default: not supported (0)"
::= { sslConfigGrp 3 }
sslSessionRemoveCerts OBJECT-TYPE
SYNTAX INTEGER {
reset (0)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Delete all ssl certs, thereby terminating decryption of related ssl traffic, but leave ssl support enabled within sensor."
::= { sslConfigGrp 4 }
sslPktLoggingEnable OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies if sensor should log decrypted SSL packets or not.
Default: 2, disabled"
::= { sslConfigGrp 5 }
sslModesofOperation OBJECT-TYPE
SYNTAX INTEGER{
disable (0),
inbound-known-key-only(1),
outbound-proxy-only (2),
inbound-proxy-only (3),
inbound-and-outbound-proxy (4),
inbound-known-key-and-outbound-proxy (5)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Determines the SSL decryption direction and method.
disable(0) - No SSL decryption performed for traffic.
inbound known key only(1) - Only Inbound SSL decryption using RSA key exchange.
outbound proxy only(2) - Only Outbound SSL using MITM proxy
inbound proxy only(3) - Only Inbound SSL using MITM Proxy
inbound and outbound proxy(4) - Inbound and Outbound proxy using MITM Proxy
inbound known key and outbound proxy(5) - Inbound using RSA key exchange and Outbound using MITM Proxy
Default: disable (0)"
::= { sslConfigGrp 6 }
sslSessionCacheLifetimeOutbound OBJECT-TYPE
SYNTAX INTEGER (0..4294967296)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Duration in minutes for which the SSL Session is kept alive, inspite of no
SSL data transfer between the client/server. This setting will be applied for
SSL traffic in Outbound direction.
This is not applicable on I-series and M-series
Default: 5"
::= { sslConfigGrp 7 }
sslPktLoggingOutboundEnable OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies if sensor should log decrypted SSL packets or not on the Outbound direction.
This is not applicable on I-series and M-series
Default: 2, disabled"
::= { sslConfigGrp 8 }
sslProxyOutboundUnknownServerCertificate OBJECT-TYPE
SYNTAX INTEGER {
ignore (1),
block (2),
decrypt (3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object will be used to configure the action that the sensor will need to
take when the sensor is unable to verify the validaity of the certificate.
This is not applicable on I-series and M-series
Default: decrypt(3)"
::= { sslConfigGrp 9 }
sslProxyOutboundUntrustedServerCertficate OBJECT-TYPE
SYNTAX INTEGER {
ignore (1),
block (2),
decrypt (3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object will be used to configure the action that the sensor will need to take
when the sensor receives an untrusted certificate from the external server. This could
be either due to certificate not being trusted by any root CA, expired, revoked etc.
This is not applicable on I-series and M-series
Default: decrypt (3)"
::= { sslConfigGrp 10 }
sslProxyOutboundUnsupportedCipherSuite OBJECT-TYPE
SYNTAX INTEGER {
ignore (1),
block (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object will be used to configure the action that the sensor will need to take when an
internal client sends a list of ciphers and the sensor does not support any of the cipher suite
This is not applicable on I-series and M-series
Default: ignore (1)"
::= { sslConfigGrp 11 }
sslProxyInboundUnsupportedCipherSuite OBJECT-TYPE
SYNTAX INTEGER {
ignore (1),
block (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This is reserved for future used. This object is not currently implemented.
This object will be used to configure the action that the sensor will need to take when an
external client sends a list of ciphers and the sensor does not support any of the cipher suite
This is not applicable on I-series and M-series
Default: ignore (1)"
::= { sslConfigGrp 12 }
sslProxyOutboundUnsupportedServerCertificate OBJECT-TYPE
SYNTAX INTEGER {
ignore (1),
block (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object will be used to configure the action that the sensor will need to take
when the sensor encounters an unsupported server certificate in an outbound direction.
This is not applicable on I-series and M-series
Default: ignore (1)"
::= { sslConfigGrp 13 }
sslProxyInboundUnsupportedServerCertificate OBJECT-TYPE
SYNTAX INTEGER {
ignore (1),
block (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This is reserved for future used. This object is not currently implemented.
This object will be used to configure the action that the sensor will need to take
when the sensor encounters an unsupported server certificate in an inbound direction.
This is not applicable on I-series and M-series
Default: ignore (1)"
::= { sslConfigGrp 14 }
maxSslFlowSupportedInSslDisableMode OBJECT-TYPE
SYNTAX INTEGER (0..100000)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object specifies the max number of SSL flows supported when SSL is disabled on the sensor."
::= { sslConfigGrp 15 }
maxFlowSupportedInSslDisableMode OBJECT-TYPE
SYNTAX INTEGER (0..100000)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object specifies the max number of flows supported by sensor when SSL is disabled on the sensor."
::= { sslConfigGrp 16 }
maxSslFlowSupportedInSslInboundLegacyMode OBJECT-TYPE
SYNTAX INTEGER (0..100000)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object specifies the max number of SSL flows supported when SSL is enabled in inbound legacy mode."
::= { sslConfigGrp 17 }
maxFlowSupportedInSslInboundLegacyMode OBJECT-TYPE
SYNTAX INTEGER (0..100000)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object specifies the max number of flows supported by sensor when SSL is enabled in inbound legacy mode"
::= { sslConfigGrp 18 }
maxSslFlowSupportedInSslOutboundMode OBJECT-TYPE
SYNTAX INTEGER (0..100000)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object specifies the max number of SSL flows supported when SSL is enabled in outbound mode."
::= { sslConfigGrp 19 }
maxFlowSupportedInSslOutboundMode OBJECT-TYPE
SYNTAX INTEGER (0..100000)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object specifies the max number of flows supported by sensor when SSL is enabled in outbound mode"
::= { sslConfigGrp 20 }
sslModesofOperationStatus OBJECT-TYPE
SYNTAX INTEGER{
disable (0),
inbound-known-key-only(1),
outbound-proxy-only (2),
inbound-proxy-only (3),
inbound-and-outbound-proxy (4),
inbound-known-key-and-outbound-proxy (5)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Provides current SSL decryption method used in Sensor for inbound traffic.
disable(0) - No SSL decryption performed for traffic.
inbound known key only(1) - Only Inbound SSL decryption using RSA key exchange.
outbound proxy only(2) - Only Outbound SSL using MITM proxy
inbound proxy only(3) - Only Inbound SSL using MITM Proxy
inbound and outbound proxy(4) - Inbound and Outbound proxy using MITM Proxy
inbound known key and outbound proxy(5) - Inbound using RSA key exchange and Outbound using MITM Proxy
Default: disable (0)"
::= { sslConfigGrp 21 }
sslProxyOutboundUnknownURLCategory OBJECT-TYPE
SYNTAX INTEGER {
ignore (1),
decrypt (3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object will be used to configure the action that the sensor will need to take
when the sensor identifies an unknown url category in the ssl packet. This configuration
is only supported in case of outbound ssl.
This is not applicable on I-series and M-series
Default: ignore (1)"
::= { sslConfigGrp 22 }
sslShKeyDecryptEnable OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies if sensor should decrypt using shared keys from SSL probes.
Default: 2, disabled"
::= { sslConfigGrp 23 }
---
---
---
l2ConfigGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 18 }
l2ModeEnable OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This specifies if sensor is configured to detect failure and go into L2 mode on exceeding cfg threshold within cfg duration.
Default: 2, disabled"
::= { l2ConfigGrp 1 }
l2ModeStatus OBJECT-TYPE
SYNTAX INTEGER {
layer2Mode(1),
ipsMode(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object identifies the mode the sensor is currently in."
::= { l2ConfigGrp 2 }
l2ModeCfgDuration OBJECT-TYPE
SYNTAX INTEGER (1..60)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies the time duration input criteria for enabling the sensor in layer2 mode.
Default: 10 mins"
::= { l2ConfigGrp 3 }
l2ModeCfgThreshold OBJECT-TYPE
SYNTAX INTEGER (1..10)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies the event frequency input criteria for enabling the sensor in layer2 mode.
Default: 1"
::= { l2ConfigGrp 4 }
l2ModeOccCount OBJECT-TYPE
SYNTAX INTEGER (0..10)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object identifies the frequency of event occurence when ensor was last enabled in layer2 mode.
"
::= { l2ConfigGrp 5 }
l2ModeReason OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..127))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object contains reason for sensor to enter into Layer-2 mode."
::= { l2ConfigGrp 6 }
-- acl Logging support on the Sensor
aclLogAlertGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 19 }
aclAlertLogging OBJECT-TYPE
SYNTAX INTEGER {
g-enable-dropped (1),
g-enable-allowed (2),
g-enable-all (3),
enable-per-acl (4),
disable (5)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies various ways to enable ACL Alert logging or disable it altogether.
This is applicable on a sensor wide basis for all ports in inline mode.
Default: disable (5)"
::= { aclLogAlertGrp 1 }
aclAlertThrottleMaxIpPair OBJECT-TYPE
SYNTAX INTEGER (1..32)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Once this threshold is exceeded, sensor will only send one
summary acl alert for all addresses (srcip's and destip's) that
match the aclid/vidsid.
Default: 10"
::= { aclLogAlertGrp 2 }
aclAlertThrottleInterval OBJECT-TYPE
SYNTAX INTEGER (1..3600)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"If the number of acl alerts exceeds the amount configured
in aclAlertThrottleThreshold in aclAlertThrottleInterval
seconds, alerts will be throttled.
Units are in seconds.
Default: 120 seconds"
::= { aclLogAlertGrp 3 }
aclAlertThrottleAction OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object can be used to enable and disable acl alert
throttling.
Default: enable(1)"
::= { aclLogAlertGrp 4 }
aclAlertThrottleThreshold OBJECT-TYPE
SYNTAX INTEGER (1..25)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure the number of alerts that
need to be sent before sensor starts to throttle the alerts.
For example if this value is 10, it will send the first 10
alerts with the following key: aclid/vidsid/srcip/destip.
This parameters will use the aclAlertThrottleInterval as the
interval.
Default: 5"
::= { aclLogAlertGrp 5 }
aclAlertDirectToSyslog OBJECT-TYPE
SYNTAX INTEGER {
sendViaNSM (1),
sendDirect (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object can be used to enable sending acl logs directly to syslog viewer instead of sending it via NSM.
Default: sendViaNSM (1)"
::= { aclLogAlertGrp 6 }
--User authentication using TACACS+
tacacsPlusAuthGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 20 }
enableTacacsPlusAuth OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object can be used to enable or disable user authentication & accounting using TACACS+.
Default: disable (2)"
::= { tacacsPlusAuthGrp 1}
enableTacacsPlusTrafficEncr OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object can be used to enable or disable encryption of TACACS+ traffic.
Default: disable (2)"
::= { tacacsPlusAuthGrp 2}
tacacsPlusEncrSecret OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..64))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies the secret to be used in generating the encrypted TACACS+ traffic"
::= { tacacsPlusAuthGrp 3}
tacacsPlusServerIPTable OBJECT-TYPE
SYNTAX SEQUENCE OF TacacsPlusServerIPEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table contains entries that specifiy the IP addresses of the TACACS+ servers"
::= { tacacsPlusAuthGrp 4}
tacacsPlusServerIPEntry OBJECT-TYPE
SYNTAX TacacsPlusServerIPEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table entry specifies the IP address of the TACACS+ server"
INDEX { tacIndex }
::= { tacacsPlusServerIPTable 1 }
TacacsPlusServerIPEntry ::= SEQUENCE {
tacIndex
INTEGER,
tacacsPlusServerIPAddr
IpAddress
}
tacIndex OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Fixed index for the four TACACS+ Server entries. Valid values are [1,2,3,4] only."
::= { tacacsPlusServerIPEntry 1 }
tacacsPlusServerIPAddr OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies the IP Address of the TACACS+ server"
::= { tacacsPlusServerIPEntry 2 }
enableTacacsPlusAuthorization OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"To enable TACACS Plus authorization"
::= { tacacsPlusAuthGrp 5 }
-- ipV6 support on sensor
ipV6ConfigGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 21 }
ipV6TrafficHandling OBJECT-TYPE
SYNTAX INTEGER {
dont-parse-block-inline (1),
dont-parse-allow-inline (2),
parse-and-detect-attacks (3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object can be used to specify how the IPv6 traffic is handled on all ports of a sensor.
dont-parse-block-inline - Traffic will not be subjected to IPS/IDS. On Inline ports, traffic will be blocked.
dont-parse-allow-inline - Traffic will not be subjected to IPS/IDS. On Inline ports , traffic wll be allowed to go through the sensor.
parse-and-detect-attacks - Parse and detect attacks in IPv6 traffic and pass the traffic on inline ports
Default: dont-parse-allow-inline(2)"
::= { ipV6ConfigGrp 2}
-- Host Quarantine Config Group
--
hostQGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 22 }
--
-- Host Quarantine Config Table
--
-- This group conatins all MIB objects that specify the configuration for
-- reconfiguring the hostQ.
--
hostQConfigGrp OBJECT IDENTIFIER ::= { hostQGrp 1 }
hostQFilterTimeOut OBJECT-TYPE
SYNTAX INTEGER (5..60)
MAX-ACCESS read-write
STATUS obsolete
DESCRIPTION
"The number of minutes for which this entry should be in
affect.
Default: 5 minutes"
::= { hostQConfigGrp 1 }
hostQDeleteAllFilters OBJECT-TYPE
SYNTAX INTEGER {
not-applicable(0),
true(1)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"If set to not-applicable(0), applied filters are not
deleted. If set to true (1) all filters are deleted.
Default: not-applicable (0)"
::= { hostQConfigGrp 2 }
--
-- Host Quarantine Bulk IPV4 Filter table
--
-- This group defines filter entries that have been applied on the sensor in
-- Inline mode. This table only supports GET-NEXT operations. All entries are
-- read-only. The table will have a maximum of 1000 entries.
--
hostQBulkFilterV4Table OBJECT-TYPE
SYNTAX SEQUENCE OF HostQBulkFilterV4Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Table containing entries for filters that are applied on the \
sensor in Inline mode. This table supports only GET-NEXT operations"
::= { hostQGrp 2 }
hostQBulkFilterV4Entry OBJECT-TYPE
SYNTAX HostQBulkFilterV4Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Indexed by sequence number."
INDEX { hostQBulkFilterIndexV4 }
::= { hostQBulkFilterV4Table 1 }
HostQBulkFilterV4Entry ::= SEQUENCE {
hostQBulkFilterIndexV4
INTEGER,
hostQBulkFilterSrcIPAddrV4
IpAddress,
hostQBulkFilterVidsIdV4
INTEGER,
hostQBulkFilterAttackIdV4
INTEGER,
hostQBulkFilterEndTimeV4
Unsigned32,
hostQBulkFilterQRStatusV4
INTEGER,
hostQBulkFilterMPEReplyMsgV4
INTEGER,
hostQBulkFilterMonPortIdV4
TrellixPortLinearIndex,
hostQBulkFilterEZIdV4
INTEGER
}
hostQBulkFilterIndexV4 OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Index which uniquely identifies the V4 filter rule"
::= { hostQBulkFilterV4Entry 1 }
hostQBulkFilterSrcIPAddrV4 OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Source IPV4 Address."
::= { hostQBulkFilterV4Entry 2 }
hostQBulkFilterVidsIdV4 OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This objects returns the vids id for which this filter
was applied."
::= { hostQBulkFilterV4Entry 3 }
hostQBulkFilterAttackIdV4 OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This objects returns the attack id for which this filter
was applied."
::= { hostQBulkFilterV4Entry 4 }
hostQBulkFilterEndTimeV4 OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This objects returns the filter expiry time in UTC format "
::= { hostQBulkFilterV4Entry 5 }
hostQBulkFilterQRStatusV4 OBJECT-TYPE
SYNTAX INTEGER {
hostQuarantined-local(1),
hostUnderRemediation-local(2),
hostQuarantined-mpe(4),
hostQuarantined-both(5),
hostUnderRemediation-local-hostQuarantined-mpe(6),
hostUnderRemediation-mpe(8),
hostQuarantined-local-hostUnderRemediation-mpe(9),
hostUnderRemediation-both(10)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This objects returns the host quarantine and remediation action status."
::= { hostQBulkFilterV4Entry 6 }
hostQBulkFilterMPEReplyMsgV4 OBJECT-TYPE
SYNTAX INTEGER
{
notApplicable(0),
managedHost(1),
unmanagedHost(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This objects returns the message returned by the MPE server."
::= { hostQBulkFilterV4Entry 7 }
hostQBulkFilterMonPortIdV4 OBJECT-TYPE
SYNTAX TrellixPortLinearIndex
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This objects returns the monitoring linear port index on which the attack was detected for
the quarantined host."
::= { hostQBulkFilterV4Entry 8 }
hostQBulkFilterEZIdV4 OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This objects returns the applied NAZ Id for the quarantined host."
::= { hostQBulkFilterV4Entry 9 }
--
-- Host Quarantine Bulk IPV6 Filter table
--
-- This group defines filter entries that have been applied on the sensor in
-- Inline mode. This table only supports GET-NEXT operations. All entries are
-- read-only. The table will have a maximum of 1000 entries.
--
hostQBulkFilterV6Table OBJECT-TYPE
SYNTAX SEQUENCE OF HostQBulkFilterV6Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Table containing entries for IPv6 filters that are applied on the
sensor in Inline mode."
::= { hostQGrp 3 }
hostQBulkFilterV6Entry OBJECT-TYPE
SYNTAX HostQBulkFilterV6Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Indexed by sequence number."
INDEX { hostQBulkFilterIndexV6 }
::= { hostQBulkFilterV6Table 1 }
HostQBulkFilterV6Entry ::= SEQUENCE {
hostQBulkFilterIndexV6
INTEGER,
hostQBulkFilterSrcIPAddrV6
Ipv6Address,
hostQBulkFilterVidsIdV6
INTEGER,
hostQBulkFilterAttackIdV6
INTEGER,
hostQBulkFilterEndTimeV6
Unsigned32,
hostQBulkFilterQRStatusV6
INTEGER,
hostQBulkFilterMPEReplyMsgV6
INTEGER,
hostQBulkFilterMonPortIdV6
TrellixPortLinearIndex
}
hostQBulkFilterIndexV6 OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Index which uniquely identifies the IPv6 filter rule."
::= { hostQBulkFilterV6Entry 1 }
hostQBulkFilterSrcIPAddrV6 OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Source IPV6 Address."
::= { hostQBulkFilterV6Entry 2 }
hostQBulkFilterVidsIdV6 OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This objects returns the vids id for which this filter
was applied."
::= { hostQBulkFilterV6Entry 3 }
hostQBulkFilterAttackIdV6 OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This objects returns the attack id for which this filter
was applied."
::= { hostQBulkFilterV6Entry 4 }
hostQBulkFilterEndTimeV6 OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This objects returns the filter expiry time in UTC format."
::= { hostQBulkFilterV6Entry 5 }
hostQBulkFilterQRStatusV6 OBJECT-TYPE
SYNTAX INTEGER {
hostQuarantined-local(1),
hostUnderRemediation-local(2),
hostQuarantined-mpe(4),
hostQuarantined-both(5),
hostUnderRemediation-local-hostQuarantined-mpe(6),
hostUnderRemediation-mpe(8),
hostQuarantined-local-hostUnderRemediation-mpe(9),
hostUnderRemediation-both(10)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This objects returns the host quarantine and remediation action status."
::= { hostQBulkFilterV6Entry 6 }
hostQBulkFilterMPEReplyMsgV6 OBJECT-TYPE
SYNTAX INTEGER
{
notApplicable(0),
managedHost(1),
unmanagedHost(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This objects returns the message returned by the MPE server."
::= { hostQBulkFilterV6Entry 7 }
hostQBulkFilterMonPortIdV6 OBJECT-TYPE
SYNTAX TrellixPortLinearIndex
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This objects returns the monitoring linear port index on which the attack was detected for
the quarantined Ipv6 host."
::= { hostQBulkFilterV6Entry 8 }
--
-- Host Quarantine Never Deny V4 Table
--
hostQNeverDenyV4Table OBJECT-TYPE
SYNTAX SEQUENCE OF HostQNeverDenyV4Entry
MAX-ACCESS not-accessible
STATUS obsolete
DESCRIPTION
"Table defines ipaddresses from which traffic is never
blocked. Typically user will add all the critical network
elements like routers, servers, etc."
::= { hostQGrp 4 }
hostQNeverDenyV4Entry OBJECT-TYPE
SYNTAX HostQNeverDenyV4Entry
MAX-ACCESS not-accessible
STATUS obsolete
DESCRIPTION
"Indexed by hostQNeverDenyIpAddress. Supports up to 100 entries."
INDEX {hostQNeverDenyIpAddressV4 }
::= { hostQNeverDenyV4Table 1 }
HostQNeverDenyV4Entry ::= SEQUENCE {
hostQNeverDenyIpAddressV4
IpAddress,
hostQNeverDenyActionV4
RowStatus
}
hostQNeverDenyIpAddressV4 OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS not-accessible
STATUS obsolete
DESCRIPTION
"The ipV4 address from which traffic will never be blocked."
::= { hostQNeverDenyV4Entry 1 }
hostQNeverDenyActionV4 OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS obsolete
DESCRIPTION
"This object is to user to add and delete rows in to the
table."
::= { hostQNeverDenyV4Entry 2 }
--
-- Host Quarantine Never Deny V6 Table
--
hostQNeverDenyV6Table OBJECT-TYPE
SYNTAX SEQUENCE OF HostQNeverDenyV6Entry
MAX-ACCESS not-accessible
STATUS obsolete
DESCRIPTION
"Table defines ipaddresses from which traffic is never
blocked. Typically user will add all the critical network
elements like routers, servers, etc."
::= { hostQGrp 5 }
hostQNeverDenyV6Entry OBJECT-TYPE
SYNTAX HostQNeverDenyV6Entry
MAX-ACCESS not-accessible
STATUS obsolete
DESCRIPTION
"Indexed by hostQNeverDenyIpAddress. Supports up to 100 entries."
INDEX {hostQNeverDenyIpAddressV6 }
::= { hostQNeverDenyV6Table 1 }
HostQNeverDenyV6Entry ::= SEQUENCE {
hostQNeverDenyIpAddressV6
Ipv6Address,
hostQNeverDenyActionV6
RowStatus
}
hostQNeverDenyIpAddressV6 OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS not-accessible
STATUS obsolete
DESCRIPTION
"The ipV6 address from which traffic will never be blocked."
::= { hostQNeverDenyV6Entry 1 }
hostQNeverDenyActionV6 OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS obsolete
DESCRIPTION
"This object is to user to add and delete rows in to the
table."
::= { hostQNeverDenyV6Entry 2 }
--
-- Host Quarantine User Define V4 Filter Table (does not support GET-NEXT operations)
--
hostQUserDefFilterV4Table OBJECT-TYPE
SYNTAX SEQUENCE OF HostQUserDefFilterV4Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Table is used to add/delete/extend IPv4 filters on the sensor"
::= { hostQGrp 6 }
hostQUserDefFilterV4Entry OBJECT-TYPE
SYNTAX HostQUserDefFilterV4Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
""
INDEX { hostQUserDefFilterSrcIpV4, hostQUserDefFilterVidsIdV4, hostQUserDefFilterAttackIdV4 }
::= { hostQUserDefFilterV4Table 1 }
HostQUserDefFilterV4Entry ::= SEQUENCE {
hostQUserDefFilterSrcIpV4
IpAddress,
hostQUserDefFilterVidsIdV4
INTEGER,
hostQUserDefFilterAttackIdV4
INTEGER,
hostQUserDefFilterDurationV4
Unsigned32,
hostQUserDefFilterActionV4
INTEGER,
hostQUserDefFilterRemediationV4
TruthValue
}
hostQUserDefFilterSrcIpV4 OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Source IPV4 address."
::= { hostQUserDefFilterV4Entry 1 }
hostQUserDefFilterVidsIdV4 OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Vids ID."
::= { hostQUserDefFilterV4Entry 2 }
hostQUserDefFilterAttackIdV4 OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Attack ID."
::= { hostQUserDefFilterV4Entry 3 }
hostQUserDefFilterDurationV4 OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Filter duration"
::= { hostQUserDefFilterV4Entry 4 }
hostQUserDefFilterActionV4 OBJECT-TYPE
SYNTAX INTEGER {
not-applicable (0),
add (1),
delete (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Setting this object to add(1) will add the entry."
::= { hostQUserDefFilterV4Entry 5 }
hostQUserDefFilterRemediationV4 OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Setting this object to TRUE, will enable host rememdiation for the user defined quarantine rule.
Default : FALSE"
::= { hostQUserDefFilterV4Entry 6 }
--
-- Host Quarantine User Define V6 Filter Table
--
hostQUserDefFilterV6Table OBJECT-TYPE
SYNTAX SEQUENCE OF HostQUserDefFilterV6Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Table is used to add/delete/extend IPv6 filters on the sensor"
::= { hostQGrp 7 }
hostQUserDefFilterV6Entry OBJECT-TYPE
SYNTAX HostQUserDefFilterV6Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
""
INDEX {hostQUserDefFilterSrcIpV6, hostQUserDefFilterVidsIdV6, hostQUserDefFilterAttackIdV6 }
::= { hostQUserDefFilterV6Table 1 }
HostQUserDefFilterV6Entry ::= SEQUENCE {
hostQUserDefFilterSrcIpV6
Ipv6Address,
hostQUserDefFilterVidsIdV6
INTEGER,
hostQUserDefFilterAttackIdV6
INTEGER,
hostQUserDefFilterDurationV6
Unsigned32,
hostQUserDefFilterActionV6
INTEGER
}
hostQUserDefFilterSrcIpV6 OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Source IPV6 address."
::= { hostQUserDefFilterV6Entry 1 }
hostQUserDefFilterVidsIdV6 OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Vids ID."
::= { hostQUserDefFilterV6Entry 2 }
hostQUserDefFilterAttackIdV6 OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Attack ID."
::= { hostQUserDefFilterV6Entry 3 }
hostQUserDefFilterDurationV6 OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Filter duration"
::= { hostQUserDefFilterV6Entry 4 }
hostQUserDefFilterActionV6 OBJECT-TYPE
SYNTAX INTEGER {
not-applicable (0),
add (1),
delete(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Setting this object to add(1) will add the entry."
::= { hostQUserDefFilterV6Entry 5 }
--
-- nmsGrp
--
nmsGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 23 }
nmsUserGrp OBJECT IDENTIFIER ::= { nmsGrp 1 }
nmsUserTable OBJECT-TYPE
SYNTAX SEQUENCE OF NMSUserEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"
"
::= { nmsUserGrp 1 }
nmsUserEntry OBJECT-TYPE
SYNTAX NMSUserEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry specified is indexed by <nmsUserIndex>.
Additonaly it contains the
"
INDEX { nmsUserName }
::= { nmsUserTable 1 }
NMSUserEntry ::= SEQUENCE {
nmsUserName
DisplayString,
nmsAuthKey
DisplayString,
nmsEncrKey
DisplayString,
nmsUserChangeAction
RowStatus
}
nmsUserName OBJECT-TYPE
SYNTAX DisplayString (SIZE(8..31))
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"UserName nms (in this entry)."
::= { nmsUserEntry 1 }
nmsAuthKey OBJECT-TYPE
SYNTAX DisplayString (SIZE(8..15))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"NMS Auth Key"
::= { nmsUserEntry 2 }
nmsEncrKey OBJECT-TYPE
SYNTAX DisplayString (SIZE(8..15))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"NMS Encryption Key."
::= { nmsUserEntry 3 }
nmsUserChangeAction OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object used for user to add and delete rows in to the table"
::= { nmsUserEntry 4 }
nmsDeleteAllUsers OBJECT-TYPE
SYNTAX INTEGER {
true(1)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This action object deletes all user entries in the nmsUserTable."
::= { nmsUserGrp 2 }
nmsCommitUserEntryChanges OBJECT-TYPE
SYNTAX INTEGER {
true(1)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This action object commits all the changes made to the user entries in the nmsUserTable."
::= { nmsUserGrp 3 }
nmsIpGrp OBJECT IDENTIFIER ::= { nmsGrp 2 }
nmsIpTable OBJECT-TYPE
SYNTAX SEQUENCE OF NMSIpEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"
"
::= { nmsIpGrp 1 }
nmsIpEntry OBJECT-TYPE
SYNTAX NMSIpEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry specified is indexed by <nmsIpIndex>.
Additonaly it contains the
"
INDEX { nmsIpAddress }
::= { nmsIpTable 1 }
NMSIpEntry ::= SEQUENCE {
nmsIpAddress
IpAddress,
nmsIpChangeAction
RowStatus
}
nmsIpAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"UserName nms (in this entry)."
::= { nmsIpEntry 1 }
nmsIpChangeAction OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object used for user to add and delete rows in to the table."
::= { nmsIpEntry 2 }
nmsIpv6Table OBJECT-TYPE
SYNTAX SEQUENCE OF NMSIpv6Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"
"
::= { nmsIpGrp 2 }
nmsIpv6Entry OBJECT-TYPE
SYNTAX NMSIpv6Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry specified is indexed by <nmsIpv6Index>.
"
INDEX { nmsIpv6Address }
::= { nmsIpv6Table 1 }
NMSIpv6Entry ::= SEQUENCE {
nmsIpv6Address
Ipv6Address,
nmsIpv6ChangeAction
RowStatus
}
nmsIpv6Address OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"IPv6 address of the system having SNMP access to the sensor"
::= { nmsIpv6Entry 1 }
nmsIpv6ChangeAction OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object used for user to add and delete rows in to the table."
::= { nmsIpv6Entry 2 }
--
-- mpeGrp
--
mpeGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 24 }
mpeConfigGrp OBJECT IDENTIFIER ::= { mpeGrp 1 }
mpeQRScope OBJECT-TYPE
SYNTAX INTEGER {
unmanaged-hosts(1),
all-hosts(2)
}
MAX-ACCESS read-write
STATUS obsolete
DESCRIPTION
"This object describes about the MPE Quarantine and Remediation scope.
The value 'unmanaged-hosts', indicates that the MPE interface port based
quarantine and remediation action is applicable only to the MPE server's
unmanaged host and the value 'all-hosts' indicate that the MPE interface
port based qarantine and remediation action is applicable to all the hosts,
independent of MPE server.
Default: unmanaged-hosts(1)
"
::= { mpeConfigGrp 1 }
mpeThrottleTimeout OBJECT-TYPE
SYNTAX INTEGER (5..300)
MAX-ACCESS read-write
STATUS obsolete
DESCRIPTION
" This depicts the MPE throttling timeout in seconds.
Default: 120"
::= { mpeConfigGrp 2 }
mpeInstallConfigGrp OBJECT IDENTIFIER ::= { mpeConfigGrp 3 }
mpeIpAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The ipaddress of the MPE server"
::= { mpeInstallConfigGrp 1 }
mpeAnonymousPort OBJECT-TYPE
SYNTAX INTEGER (1..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The Anonymous SSL port on MPE server
Default: 8443"
::= { mpeInstallConfigGrp 2 }
mpeTrustedSSLPort OBJECT-TYPE
SYNTAX INTEGER (1..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The Trusted SSL port on MPE server
Default: 8444"
::= { mpeInstallConfigGrp 3 }
mpeePOCred OBJECT-TYPE
SYNTAX DisplayString (SIZE(3..100))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"ePO credentials in the form of username:password"
::= { mpeInstallConfigGrp 4 }
mpeAnonymousURI OBJECT-TYPE
SYNTAX DisplayString (SIZE(10..255))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"URI of the MPE server which listens on Anonymous SSL port"
::= { mpeInstallConfigGrp 5 }
mpeTrustedURI OBJECT-TYPE
SYNTAX DisplayString (SIZE(10..255))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"URI of the MPE server which listens on Trusted SSL port"
::= { mpeInstallConfigGrp 6 }
mpeInstallConfigAction OBJECT-TYPE
SYNTAX INTEGER {
install(1),
deinstall(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object describes about the possible MPE Install configuration actions."
::= { mpeInstallConfigGrp 7 }
mpeInstallConfigStatus OBJECT-TYPE
SYNTAX INTEGER {
installInProgress (1),
installed (2),
deinstallInProgress (3),
deinstalled (4),
certReqFailure(5),
sSLError(6),
httpRespError(7),
mpeURIError(8),
ePOCredError(9),
mpeServerError(10),
mpeTimeoutError(11)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This describes the possible MPE install configuration states.
Default : deinstalled (4)"
::= { mpeInstallConfigGrp 8 }
mpeRootCertStatus OBJECT-TYPE
SYNTAX INTEGER {
not-found(0),
found(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" This object informs whether the MPE Root Certificate file is present on the sensor."
::= { mpeConfigGrp 4 }
mpeDeleteRootCert OBJECT-TYPE
SYNTAX INTEGER {
delete(1)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to remove the MPE Root Certificate from the sensor. Deletion of the
MPE root certificate succeeds only when the MPE is not yet installed."
::= { mpeConfigGrp 5 }
mnacHealthLevelListenPort OBJECT-TYPE
SYNTAX INTEGER (1..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure/retrieve the trusted health level message listen port
on the sensor, on which MNAC communication happens asynchronously.
Default: 8445"
::= { mpeConfigGrp 6 }
mnacConnectivityFailureTimeout OBJECT-TYPE
SYNTAX INTEGER (30..120)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure/retrieve the MNAC connectivity failure in seconds.
Default: 32"
::= { mpeConfigGrp 7 }
mnacAgentGUIDPort OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure/retrieve the agent GUID request listen port on the
MNAC Agent, to which the intrushield sensor would send the agent GUID request.
Default: 8444"
::= { mpeConfigGrp 8 }
mpeExcludedMacTable OBJECT-TYPE
SYNTAX SEQUENCE OF MPEExcludedMacEntry
MAX-ACCESS not-accessible
STATUS obsolete
DESCRIPTION
"
"
::= { mpeGrp 2 }
mpeExcludedMacEntry OBJECT-TYPE
SYNTAX MPEExcludedMacEntry
MAX-ACCESS not-accessible
STATUS obsolete
DESCRIPTION
"Each entry specified is indexed by MAC Adress.
"
INDEX { mpeMacAddress }
::= { mpeExcludedMacTable 1 }
MPEExcludedMacEntry ::= SEQUENCE {
mpeMacAddress
MacAddress,
mpeMacChangeAction
RowStatus
}
mpeMacAddress OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS not-accessible
STATUS obsolete
DESCRIPTION
"Mac address to be excluded from Mpe processing (Floater Mac)"
::= { mpeExcludedMacEntry 1 }
mpeMacChangeAction OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS obsolete
DESCRIPTION
"This object used for user to add and delete rows in to the table."
::= { mpeExcludedMacEntry 2 }
--
-- remediationGrp
--
remediationGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 25 }
remediationConfigGrp OBJECT IDENTIFIER ::= { remediationGrp 1 }
remediationTimeout OBJECT-TYPE
SYNTAX INTEGER (15..60)
MAX-ACCESS read-write
STATUS obsolete
DESCRIPTION
"Time in minutes for which the hosts needs to be quarantined so that it can be remediated.
Default: 30"
::= { remediationConfigGrp 2 }
-- ez (enforcement zone) Logging support on the Sensor
ezLogAlertGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 26 }
ezAlertLogging OBJECT-TYPE
SYNTAX INTEGER {
g-enable-dropped (1),
g-enable-allowed (2),
g-enable-all (3),
enable-per-acl (4),
disable (5)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies various ways to enable EZ(enforcement zone) alert logging or disable it altogether.
This is applicable on a sensor wide basis for all ports in inline mode.
Default: disable (5)"
::= { ezLogAlertGrp 1 }
ezAlertThrottleMaxIpPair OBJECT-TYPE
SYNTAX INTEGER (1..32)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Once this threshold is exceeded, sensor will only send one
summary ez alert for all addresses (srcip's and destip's) that
match the aclid/vidsid.
Default: 10"
::= { ezLogAlertGrp 2 }
ezAlertThrottleInterval OBJECT-TYPE
SYNTAX INTEGER (1..3600)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies the enforcement zone alert throttle interval.
Default: 120 seconds"
::= { ezLogAlertGrp 3 }
ezAlertThrottleAction OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object can be used to enable and disable ez alert throttling.
Default: enable(1)"
::= { ezLogAlertGrp 4 }
ezAlertThrottleThreshold OBJECT-TYPE
SYNTAX INTEGER (1..25)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure the number of alerts that
need to be sent before sensor starts to throttle the ez alerts.
For example if this value is 10, it will send the first 10
ez alerts with the following key: aclid/vidsid/srcip/destip.
This parameters will use the ezAlertThrottleInterval as the
interval.
Default: 5"
::= { ezLogAlertGrp 5 }
ezAlertDirectToSyslog OBJECT-TYPE
SYNTAX INTEGER {
sendViaNSM (1),
sendDirect (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object can be used to enable sending EZ logs directly to syslog viewer instead of sending it via NSM.
Default: sendViaNSM (1)"
::= { ezLogAlertGrp 6 }
nbadGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 27 }
nbadConfigGrp OBJECT IDENTIFIER ::= { nbadGrp 1 }
nbadSensorIpAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The ipaddress of the NBAD server to which all the collected flowrecords would be sent."
::= { nbadConfigGrp 1 }
nbadSensorPort OBJECT-TYPE
SYNTAX INTEGER (1024..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The port on which the NBAD server is listening for flow records."
::= { nbadConfigGrp 2 }
nbadIPSPriMonPortId OBJECT-TYPE
SYNTAX TrellixPortLinearIndex
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object contains the primary IPS monitoring linear port index to be used
to send flow records to the NBAD sensor."
::= { nbadConfigGrp 3 }
nbadIPSSecMonPortId OBJECT-TYPE
SYNTAX TrellixPortLinearIndex
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object contains the secondary IPS monitoring linear port index to be used
to send flow records to the NBAD sensor. This monitoring port would be used
only when the configured primary monitoring port cannot be utilised to send
the flow records to the NBAD sensor."
::= { nbadConfigGrp 4 }
nbadAppFingerPrintingEnabled OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object value if set to TRUE indicates that application finger printing is enabled.
Default: False"
::= { nbadConfigGrp 5 }
nbadOSFingerPrintingEnabled OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object value if set to TRUE indicates that OS finger printing is enabled.
Default: False"
::= { nbadConfigGrp 6 }
nbadSslFlowDataCaptureEnabled OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object value if set to TRUE indicates that ssl flow data capture is enabled.
Default: False"
::= { nbadConfigGrp 7 }
nbadFlowProtocolId OBJECT-TYPE
SYNTAX INTEGER {
netflow (1)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object value set indicates the protocol type of the exported flow records.
Default: netflow (1)"
::= { nbadConfigGrp 8 }
nbadFlowProtocolVersion OBJECT-TYPE
SYNTAX INTEGER {
netFlowVersion9 (1)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object value set indicates the protocol version of the exported flow records.
Default: netFlowVersion9 (1)"
::= { nbadConfigGrp 9 }
nbadCaptureTCP OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object value set indicates whether netflow capture for TCP flows is enabled or not.
Default: enable (1)"
::= { nbadConfigGrp 10 }
nbadCaptureUDP OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object value set indicates whether netflow capture for UDP flows is enabled or not.
Default: enable (1)"
::= { nbadConfigGrp 11 }
nbadCaptureICMP OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object value set indicates whether netflow capture for ICMP flows is enabled or not.
Default: disable (2)"
::= { nbadConfigGrp 12 }
hostDataGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 28 }
hostDataTable OBJECT-TYPE
SYNTAX SEQUENCE OF HostDataEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Table containing entries for each discovered host. (indexed via hostDataIndex)
This table contains Trellix specific MIB objects.
"
::= { hostDataGrp 1 }
hostDataEntry OBJECT-TYPE
SYNTAX HostDataEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This MIB object contains all the columnar objects,
that describe the contents of each discovered host.
Indexed by hostDataIndex"
INDEX { hostDataIndex }
::= { hostDataTable 1 }
HostDataEntry ::= SEQUENCE {
hostDataIndex
INTEGER,
hostIPAddress
IpAddress,
hostMacAddress
MacAddress,
hostDetectedDHCPMonPortId
TrellixPortLinearIndex,
hostName
DisplayString,
hostUpdatedTimeStamp
INTEGER,
hostAgentGuid
DisplayString,
hostNACStatus
INTEGER,
hostState
INTEGER,
hostDeploymentMode
INTEGER,
hostHealthLevel
INTEGER,
hostEZId
INTEGER,
hostUserName
DisplayString,
hostPolicyId
INTEGER,
hostDetectedTimeStamp
INTEGER,
hostOSInfo
DisplayString,
hostMNACAgentOSInfo
DisplayString,
hostActive
TruthValue,
hostDetectedStdMonPortId
TrellixPortLinearIndex,
hostDetectionType
INTEGER,
hostUserAuthProtocol
INTEGER,
hostSwitchId
INTEGER,
hostSwitchPortId
INTEGER,
hostSwitchPortGroupId
INTEGER,
hostQuarantineVlanId
INTEGER,
hostProductionVlanId
INTEGER,
nasIpAddress
IpAddress,
nasGroupObjectId
INTEGER,
userGroupObjectId
INTEGER,
deviceProfileString
DisplayString,
hostOperationalMode
INTEGER,
hostEnforcementAction
INTEGER,
flexiblePolicyRuleId
INTEGER
}
hostDataIndex OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The index of the Host Data Entry"
::= { hostDataEntry 1 }
hostIPAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The ipaddress of the detected host."
::= { hostDataEntry 2 }
hostMacAddress OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The MAC address of the detected host."
::= { hostDataEntry 3 }
hostDetectedDHCPMonPortId OBJECT-TYPE
SYNTAX TrellixPortLinearIndex
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The monitoring interface linear port index over which the host was detected in DHCP mode."
::= { hostDataEntry 4 }
hostName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..16))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The name of the detected host."
::= { hostDataEntry 5 }
hostUpdatedTimeStamp OBJECT-TYPE
SYNTAX INTEGER (0..4294967295)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The time of the host getting updated last. This would be zero intilially
at the time of host getting detected."
::= { hostDataEntry 6 }
hostAgentGuid OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..16))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The agent GUID of the detected host."
::= { hostDataEntry 7 }
hostNACStatus OBJECT-TYPE
SYNTAX INTEGER {
managed (1),
unmanaged (2),
unmanageable (3),
unknown (4)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The detected host NAC status."
::= { hostDataEntry 8 }
hostState OBJECT-TYPE
SYNTAX INTEGER {
preadmit-new (1),
preadmit-sgap (2),
preadmit-user-detect (3),
preadmit-host-detect (4),
preadmit-remediate (5),
postadmit (6),
postadmit-remediate (7),
post-boot (8),
ib-host-detect (9),
ib-auth-wait (10),
ib-host-sgap (11),
ib-user-detect (12),
ib-host-remediate (13),
ib-host-admit (14),
oob-host-admit (15),
ib-host-offline (16)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The state of the detected host entry."
::= { hostDataEntry 9 }
hostDeploymentMode OBJECT-TYPE
SYNTAX INTEGER {
dhcp (1),
standard (2),
hybrid (3),
oob (4)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The deployment mode of the detected host."
::= { hostDataEntry 10 }
hostHealthLevel OBJECT-TYPE
SYNTAX INTEGER (1..6)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The health level of the detected host."
::= { hostDataEntry 11 }
hostEZId OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The applied enforcement zone id for the detected host."
::= { hostDataEntry 12 }
hostUserName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..255))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The IBAC username of the detected host."
::= { hostDataEntry 13 }
hostPolicyId OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The IBAC policy id of the detected host."
::= { hostDataEntry 14 }
hostDetectedTimeStamp OBJECT-TYPE
SYNTAX INTEGER (0..4294967295)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The time of the host getting detected."
::= { hostDataEntry 15 }
hostOSInfo OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The Operation system information of the detected host."
::= { hostDataEntry 16 }
hostMNACAgentOSInfo OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..8))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The OS information of the detected host provided by the MNAC agent."
::= { hostDataEntry 17 }
hostActive OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Indicates whether the host is Active or not. If set to true, it indicates the host is active"
::= { hostDataEntry 18 }
hostDetectedStdMonPortId OBJECT-TYPE
SYNTAX TrellixPortLinearIndex
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The monitoring interface linear port index over which the host was detected in Standard mode."
::= { hostDataEntry 19 }
hostDetectionType OBJECT-TYPE
SYNTAX INTEGER {
other (0),
l2 (1),
l3 (2),
vpn (3),
snmp (4),
radiusMac (5),
radius8021x (6),
l3-snmp(7),
l3-radiusMac(8),
l3-radius8021x(9)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The detection type of the detected host. For OOB cases, this includes the discovery mechanism as well."
::= { hostDataEntry 20 }
hostUserAuthProtocol OBJECT-TYPE
SYNTAX INTEGER {
authGuest (0),
authRadius (1),
authAD (2),
authSelfReg (3),
authADSGAP (4),
auth8021xRadius (5)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Authentication type of the logged in IBAC user."
::= { hostDataEntry 21 }
hostSwitchId OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Switch instance ID on which host was detected in OOB mode."
::= { hostDataEntry 22 }
hostSwitchPortId OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Switch port ID on which host was detected in OOB mode"
::= { hostDataEntry 23 }
hostSwitchPortGroupId OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Switch port group ID on which host was detected in OOB mode"
::= { hostDataEntry 24 }
hostQuarantineVlanId OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Quarantine VLAN Id corresponding to the host which was detected in OOB mode."
::= { hostDataEntry 25 }
hostProductionVlanId OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Production VLAN Id corresponding to the host which was detected in OOB mode."
::= { hostDataEntry 26 }
nasIpAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The Network Server Access Ipaddress of the switch where the host is connecting to."
::= { hostDataEntry 27 }
nasGroupObjectId OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Flexible policy Network Server Access Group Object Id for the host."
::= { hostDataEntry 28 }
userGroupObjectId OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Flexible policy User Group Object Id for the host."
::= { hostDataEntry 29 }
deviceProfileString OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..128))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The device profile string provided by the third party device profiling ldap server for the host."
::= { hostDataEntry 30 }
hostOperationalMode OBJECT-TYPE
SYNTAX INTEGER {
enforcement (1),
audit (2),
simulation (3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the operational mode for the host."
::= { hostDataEntry 31 }
hostEnforcementAction OBJECT-TYPE
SYNTAX INTEGER {
deny (1),
allow (2),
custom-enforce (3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the kind of enforcement done for the host."
::= { hostDataEntry 32 }
flexiblePolicyRuleId OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This indicates the flexible policy rule for the host."
::= { hostDataEntry 33 }
hostConfigGrp OBJECT IDENTIFIER ::= { hostDataGrp 2 }
hostEntryAttribute OBJECT-TYPE
SYNTAX INTEGER {
ip (1),
mac (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Host entry attribute to be considered for config action."
::= { hostConfigGrp 1 }
hostEntryIpAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Host entry Ip address to be considered for config action."
::= { hostConfigGrp 2 }
hostEntryMac OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Host entry Mac address to be considered for config action."
::= { hostConfigGrp 3 }
hostEntryConfig OBJECT-TYPE
SYNTAX INTEGER {
delete-host (1),
modify-naz (2),
revert-naz (3),
host-oob-to-inline (4),
host-inline-to-oob (5)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Host entry config action."
::= { hostConfigGrp 4 }
hostEntryEZId OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"EZ-ID to be considered for modifying the NAZ of the given host entry."
::= { hostConfigGrp 5 }
hostDataAvailabilityStatus OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the availability of the hostData through SNMP. This information
is useful immediately after the sensor reboot, as the Host Data even if
present on the sensor would be available through SNMP only after the
system health becomes GOOD, as the host data would be initialised only
during the initial sigfile processing.
True: Host Data available after the sensor initialisation or no persisted hostdata.
False: In other scenarios. "
::= { hostDataGrp 3 }
--This group contains MIB objects related to SGAP Configuration
sgapGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 29 }
sgapConfigGrp OBJECT IDENTIFIER ::= { sgapGrp 1 }
sgapAuthTimeout OBJECT-TYPE
SYNTAX INTEGER (10..600)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Authentication channel timeout in seconds.
Default: 30"
::= { sgapConfigGrp 1 }
sgapCSRConfigGrp OBJECT IDENTIFIER ::= { sgapConfigGrp 2 }
sgapCSRCountryName OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..255))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Country name for generating the CSR. Use the two-letter code
without punctuation for country like US or CA."
::= { sgapCSRConfigGrp 1 }
sgapCSRStateProvince OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..255))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"State or Province name for generating the CSR. Spell out the
state completely."
::= { sgapCSRConfigGrp 2 }
sgapCSRLocality OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..255))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"City or town name for generating the CSR."
::= { sgapCSRConfigGrp 3 }
sgapCSRCompany OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..255))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Company name for generating the CSR. If the company name has
symbols, spell out the symbol or omit it to enroll."
::= { sgapCSRConfigGrp 4 }
sgapCSROrganizationalUnit OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..255))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The organizational unit is the name of the department or organization unit
making the request. This is an optional field"
::= { sgapCSRConfigGrp 5 }
sgapCSRCommonName OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..255))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The common name is the host plus domain name. It looks like
www.company.com or company.com."
::= { sgapCSRConfigGrp 6 }
sgapCSRGenerateAction OBJECT-TYPE
SYNTAX INTEGER {
other(0),
generateCSR(1),
generateSelfSigned(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This action is used to generate the CSR/self signed certificate.
Default : other (0)"
::= { sgapCSRConfigGrp 7 }
sgapCSRGenerateStatus OBJECT-TYPE
SYNTAX INTEGER {
other (0),
generationInProgress (1),
generationComplete (2),
generationFailed (3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object describes the possible CSR generation states.
Default : other (0)"
::= { sgapCSRConfigGrp 8 }
sgapCertStatus OBJECT-TYPE
SYNTAX INTEGER {
other (0),
certAbsent (1),
defaultCert (2),
selfsignedCert (3),
casignedCert (4)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the sgap cert status on the sensor.
Default: 0"
::= { sgapConfigGrp 3 }
--
-- This group contains MIB objects related to threshold alarm and historical trends related configuration
--
alarmAndTrendsGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 30 }
sensorPerfAlertGrp OBJECT IDENTIFIER ::= { alarmAndTrendsGrp 1 }
sensorPerfAlertEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to enable/disable generation of sensor performance alerts,
for the purpose of historical trends.
Default: false(2)"
::= { sensorPerfAlertGrp 1 }
sensorPerfAlertDuration OBJECT-TYPE
SYNTAX INTEGER (1..60)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure the duration of sensor performance alerts in minutes,
for the purpose of historical trends.
Default: 5"
::= { sensorPerfAlertGrp 2 }
sensorPerfAlertParameters OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure the parameters of sensor performance alerts,
for the purpose of historical trends. The parameter bit positions are as given below.
msb-bit(1) : cpu-utilization,
msb-bit(2) : tcpudp-flows,
msb-bit(3) : sensor-throughput,
msb-bit(4) : mon-port-data-rate,
msb-bit(5) : reserved
msb-bit(6) : reserved
msb-bit(7) : system-memory,
msb-bit(8) : packet-buffers,
msb-bit(9) : decrypted-ssl-flows"
::= { sensorPerfAlertGrp 3 }
alarmConfigGrp OBJECT IDENTIFIER ::= { alarmAndTrendsGrp 2 }
alarmStatus OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to enable/disable generation of threshold based alarms.
Default: false(2)"
::= { alarmConfigGrp 1 }
alarmDeleteAllEntries OBJECT-TYPE
SYNTAX INTEGER {
true(1)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to delete all alarm entries in a single operation."
::= { alarmConfigGrp 2 }
alarmDuration OBJECT-TYPE
SYNTAX INTEGER (1..60)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates the duration in minutes, at which the sensor needs to perform
threshold checks and if required generate the specific alarm.
Default : 1"
::= { alarmConfigGrp 3 }
alarmTable OBJECT-TYPE
SYNTAX SEQUENCE OF AlarmEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Table containing entries for configured threshold based alarms. (indexed via alarmIndex)
This table contains Trellix specific MIB objects.
"
::= { alarmConfigGrp 4 }
alarmEntry OBJECT-TYPE
SYNTAX AlarmEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This MIB object contains all the columnar objects,
that describe the contents of each threshold based alarm.
Indexed by alarmIndex"
INDEX { alarmIndex }
::= { alarmTable 1 }
AlarmEntry ::= SEQUENCE {
alarmIndex
INTEGER,
alarmSampleType
INTEGER,
alarmSampleTypeIndexBitmap
OCTET STRING,
alarmSampleTypeDesc
DisplayString,
alarmRaisingThreshold
Unsigned32,
alarmFallingThreshold
Unsigned32,
alarmStartupType
INTEGER,
alarmEntryStatus
RowStatus
}
alarmIndex OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The index of the threshold based alarm entry"
::= { alarmEntry 1 }
alarmSampleType OBJECT-TYPE
SYNTAX INTEGER
{
cpu-utilization-abs (0),
tcpudp-flows (1),
sensor-throughput-delta (2),
mon-port-throughput-delta (3),
sensor-l2-error-drop-delta (4),
sensor-l3-l4-error-drop-delta (5),
system-memory (6),
packet-buffers (7),
decrypted-ssl-flows (8)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates the alarm sample type for which the sensor needs to generate alarms
based on alarm threshold settings. The threshold value range vary based on the sample types :
cpu-utilization-abs : 0 - 100,
tcpudp-flows : 0 - 100,
sensor-throughput-delta : 0 - 100,
mon-port-throughput-delta : 0 - 100,
l2-error-drop-delta : 0 - 4294967295,
l3-l4-error-drop-delta : 0 - 4294967295,
system-memory : 0 - 100,
packet-buffers : 0 - 100,
decrypted-ssl-flows : 0 - 100
"
::= { alarmEntry 2 }
alarmSampleTypeIndexBitmap OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (1..16))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object provides the index bit map for the alarm sample type id. The bit
setting would be similar to the BITS type and in network order. The bitmap would be as
given below :
cpu-utilization-abs - 0,
sensor-throughput-delta - 0,
mon-port-throughput-delta - Bit position indicates the <linear portIndex>
sensor-l2-error-drop-delta - 0,
sensor-l3-l4-error-drop-delta - 0
"
::= { alarmEntry 3 }
alarmSampleTypeDesc OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..32))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object provides the alarm sample type description such as 'lower-band', 'higher-band', etc."
::= { alarmEntry 4 }
alarmRaisingThreshold OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates the raising threshold value. The sensor would generate raising
threshold alarm when the sample type counter exceeds this value."
::= { alarmEntry 5 }
alarmFallingThreshold OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates the falling threshold value. The sensor would generate falling
threshold alarm when the sample type counter reduces below this value."
::= { alarmEntry 6 }
alarmStartupType OBJECT-TYPE
SYNTAX INTEGER {
raising (1),
falling (2),
both (3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates the first alarm type that the sensor must generate before
generating the other threshold based alarm. For eg; if the value is set to 'raising (1)',
then the sensor has to first raise an alarm based on raising threshold value and only
then based on falling threshold value.
Default : raising (1)"
::= { alarmEntry 7 }
alarmEntryStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to create a new threshold based alarm."
::= { alarmEntry 8 }
bwSavingStatus OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to enable/disable bandwidth saving.
Default: false(2)"
::= { alarmConfigGrp 5 }
--
-- This group contains MIB objects applicable to NAC-only Appliances.
--
oobnacGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 31 }
-- Support for oobnacGrp is deprecated in V-series sensors(VmIPS).
-- This group consists of scalars for pre-discovery phase and swInstanceTable(based on switch ID).
oobnacSwDiscoveryGrp OBJECT IDENTIFIER ::= { oobnacGrp 1 }
-- This table creates an entry for the switch (indexed based on switch id ).
swInstanceTable OBJECT-TYPE
SYNTAX SEQUENCE OF SwInstanceEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Table containing entries for each switch instance(indexed via switch id)."
::= { oobnacSwDiscoveryGrp 1 }
swInstanceEntry OBJECT-TYPE
SYNTAX SwInstanceEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This MIB object contains all the attributes that are specific to the switch instance. Indexed by swIdIndex"
INDEX { swIdIndex }
::= { swInstanceTable 1 }
SwInstanceEntry ::= SEQUENCE {
swIdIndex
INTEGER,
swDetDesc
DisplayString,
swProfileId
INTEGER,
swIPAddress
IpAddress,
swIPV6Address
Ipv6Address,
swName
DisplayString,
swDesc
DisplayString,
swEnable
TruthValue,
swSNMPsupport
TruthValue,
swSnmpVerSupport
INTEGER,
swREADCommunityStr
DisplayString,
swWRITECommunityStr
DisplayString,
swTRAPCommunityStr
DisplayString,
swSNMPPort
INTEGER,
swV3UserName
DisplayString,
swV3SecurityLevel
INTEGER,
swV3AuthProtocol
INTEGER,
swV3AuthKey
DisplayString,
swV3EncrProtocol
INTEGER,
swV3EncrKey
DisplayString,
swCLIsupport
TruthValue,
swCLINwProtocol
INTEGER,
swCLIUserName
DisplayString,
swCLIPwd
DisplayString,
swCLIEnablePwd
DisplayString,
swCLIAutoSaveConfig
TruthValue,
swRadiusSupport
TruthValue,
swRadiusSharedSecret
DisplayString,
swPlaceHolderVlan
DisplayString,
swUseDefaultQVlanPool
TruthValue,
swQVlanPoolRange
DisplayString,
swDiscoverAction
RowStatus,
swCLILoginType
INTEGER,
swAuthMacAddRadSrvOption
TruthValue,
swActionStatus
INTEGER,
swPortDefaultVlan
INTEGER,
swActionStatusTime
INTEGER
}
swIdIndex OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The index"
::= { swInstanceEntry 1 }
swDetDesc OBJECT-TYPE
SYNTAX DisplayString(SIZE(0..256))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Description returned by the switch. "
::= { swInstanceEntry 2 }
swProfileId OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"switch profile id returned by the switch."
::= { swInstanceEntry 3 }
swIPAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"IP address of the switch instance sent down from ISM when a new switch is being added."
::= { swInstanceEntry 4 }
swIPV6Address OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"IPV6 address of the switch instance sent down from ISM when a new switch is being added."
::= { swInstanceEntry 5 }
swName OBJECT-TYPE
SYNTAX DisplayString(SIZE(0..256))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Switch name returned by the switch."
::= { swInstanceEntry 6 }
swDesc OBJECT-TYPE
SYNTAX DisplayString(SIZE(0..256))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Switch name returned by the switch. This can be modified by ISM."
::= { swInstanceEntry 7 }
swEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Option to enable/disable the specific switch upon discovery. The default value is enable(1)."
::= { swInstanceEntry 8 }
swSNMPsupport OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Support for snmp communication between sensor and the switch.Currently the value always remains true."
::= { swInstanceEntry 9 }
swSnmpVerSupport OBJECT-TYPE
SYNTAX INTEGER {
snmpv1(1),
snmpv2(2),
snmpv3(3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"snmp version supported by the switch. The default will be version 2."
::= { swInstanceEntry 10 }
swREADCommunityStr OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..80))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"String used for all read-only snmp data communication between sensor and the switch. The default string is public."
::= { swInstanceEntry 11 }
swWRITECommunityStr OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..80))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"String used for all read-write snmp data communication between sensor and the switch."
::= { swInstanceEntry 12 }
swTRAPCommunityStr OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..80))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"community string used for the all the traps received from the switch."
::= { swInstanceEntry 13 }
swSNMPPort OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"snmp port for snmp communication with the switch(161)."
::= { swInstanceEntry 14 }
swV3UserName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..31))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"User name for snmp v3 communication."
::= { swInstanceEntry 15 }
swV3SecurityLevel OBJECT-TYPE
SYNTAX INTEGER {
noAuthNoPriv(1),
authNoPriv(2),
authPriv(3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Level of security supported by the switch. The default value is authPriv(3)."
::= { swInstanceEntry 16 }
swV3AuthProtocol OBJECT-TYPE
SYNTAX INTEGER {
mD5(1),
sHA(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"protocol for authentication of the user. The default value is Md5(1)."
::= { swInstanceEntry 17 }
swV3AuthKey OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..15))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Key for authentication of the user."
::= { swInstanceEntry 18 }
swV3EncrProtocol OBJECT-TYPE
SYNTAX INTEGER {
dES(1),
aES(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"protocol for encryption of snmp communication messages. The default value is DES(1)."
::= { swInstanceEntry 19 }
swV3EncrKey OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..15))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"key for encryting messages."
::= { swInstanceEntry 20 }
swCLIsupport OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Support for CLI communication between sensor and the switch."
::= { swInstanceEntry 21 }
swCLINwProtocol OBJECT-TYPE
SYNTAX INTEGER {
telnet(1),
ssh(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"support for a command line interfaces network protocol such as TELNET or ssh. Default value is telnet(1)."
::= { swInstanceEntry 22 }
swCLIUserName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..80))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"user name for CLI communication."
::= { swInstanceEntry 23 }
swCLIPwd OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..80))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"password to authenticate CLI user."
::= { swInstanceEntry 24 }
swCLIEnablePwd OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..80))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Enable password to authenticate CLI user."
::= { swInstanceEntry 25 }
swCLIAutoSaveConfig OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"If this option is enabled then auto save CLI configuration changes to flash."
::= { swInstanceEntry 26 }
swRadiusSupport OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Support for radius communication between sensor and the switch. The default value is enable(1)."
::= { swInstanceEntry 27 }
swRadiusSharedSecret OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..80))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"A case-sensitive text string used to validate communications between two radius devices."
::= { swInstanceEntry 28 }
swPlaceHolderVlan OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..80))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"special vlan value used for assigning qvlan value to an empty port."
::= { swInstanceEntry 29 }
swUseDefaultQVlanPool OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Option to use globally set qvlan pool range."
::= { swInstanceEntry 30 }
swQVlanPoolRange OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..30))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Qvlan pool range assigned for the switch instance."
::= { swInstanceEntry 31 }
swDiscoverAction OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This action data will add a switch entry in the table. Default action is createAndGo(4)."
::= { swInstanceEntry 32 }
swCLILoginType OBJECT-TYPE
SYNTAX INTEGER {
userPwd(1),
pwdEnable(2),
userPwdEnable(3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Different login types supported for CLI. "
::= { swInstanceEntry 33 }
swAuthMacAddRadSrvOption OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Support for option to authenticate MAC addresses against radius server.Default option is to disabled(0)."
::= { swInstanceEntry 34 }
swActionStatus OBJECT-TYPE
SYNTAX INTEGER {
active(1),
inactive(2),
in-deletion-mode(3),
in-addition-mode(4)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Variable to poll the status of the switch(in case sw goes down). "
::= { swInstanceEntry 35 }
swPortDefaultVlan OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Variable used for updating port default vlan for universal control point (UCP)switches. For non-ucp switches the value will default to zero."
::= { swInstanceEntry 36 }
swActionStatusTime OBJECT-TYPE
SYNTAX INTEGER (0..4294967295)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Time when swActionStatus variable was updated."
::= { swInstanceEntry 37 }
--Scalar for the pre-discovery phase. No entry is created for the switch during this time.
-- Also scalars for switch snmp/cli test.
swIpAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"IP address of the switch instance sent down from ISM when a new switch is being added."
::= { oobnacSwDiscoveryGrp 2 }
swIpV6Address OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"IPV6 address of the switch instance sent down from ISM when a new switch is being added."
::= { oobnacSwDiscoveryGrp 3 }
readCommunityString OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..80))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This string is used for all read-only snmp data communication between sensor and the switch. The default string is public."
::= { oobnacSwDiscoveryGrp 4 }
snmpPort OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The default port on which snmp runs(161)."
::= { oobnacSwDiscoveryGrp 5 }
snmpVerSupport OBJECT-TYPE
SYNTAX INTEGER {
snmpv1(1),
snmpv2(2),
snmpv3(3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"snmp version supported by the switch. The default will be version 2."
::= { oobnacSwDiscoveryGrp 6 }
writeCommunityStr OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..80))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"String used for all read-write snmp data communication between sensor and the switch."
::= { oobnacSwDiscoveryGrp 7 }
trapCommunityStr OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..80))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"community string used for the all the traps received from the switch."
::= { oobnacSwDiscoveryGrp 8}
v3UserName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..31))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"User name for snmp v3 communication."
::= { oobnacSwDiscoveryGrp 9 }
v3SecurityLevel OBJECT-TYPE
SYNTAX INTEGER {
noAuthNoPriv(1),
authNoPriv(2),
authPriv(3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Level of security supported by the switch. The default value is authPriv(3)."
::= { oobnacSwDiscoveryGrp 10 }
v3AuthProtocol OBJECT-TYPE
SYNTAX INTEGER {
mD5(1),
sHA(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"protocol for authentication of the user. The default value is Md5(1)."
::= { oobnacSwDiscoveryGrp 11 }
v3AuthKey OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..15))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Key for authentication of the user."
::= { oobnacSwDiscoveryGrp 12 }
v3EncrProtocol OBJECT-TYPE
SYNTAX INTEGER {
dES(1),
aES(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"protocol for encryption of snmp communication messages. The default value is DES(1)."
::= { oobnacSwDiscoveryGrp 13 }
v3EncrKey OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..15))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"key for encryting messages."
::= { oobnacSwDiscoveryGrp 14 }
cliNwProtocol OBJECT-TYPE
SYNTAX INTEGER {
telnet(1),
ssh(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"support for a command line interfaces network protocol such as TELNET or ssh. Default value is telnet(1)."
::= { oobnacSwDiscoveryGrp 15 }
cliUserName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..80))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"user name for CLI communication."
::= { oobnacSwDiscoveryGrp 16}
cliPwd OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..80))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"password to authenticate CLI user."
::= { oobnacSwDiscoveryGrp 17 }
cliEnablePwd OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..80))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Enable password to authenticate CLI user."
::= { oobnacSwDiscoveryGrp 18 }
swQueryAction OBJECT-TYPE
SYNTAX INTEGER {
initialQuery(1),
testSnmp(2),
testCli(3),
deleteAllSwEntries(4),
reLearnSwitch(5)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"action to get preliminary data (like sys uptime, sys description etc) from the switch. also to test cli and snmp."
::= { oobnacSwDiscoveryGrp 19}
cliLoginType OBJECT-TYPE
SYNTAX INTEGER {
userPwd(1),
pwdEnable(2),
userPwdEnable(3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Different login types supported for CLI. "
::= { oobnacSwDiscoveryGrp 20 }
profileId OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"switch profile id returned by the switch."
::= { oobnacSwDiscoveryGrp 21 }
switchId OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The sw global id used to re-learn the switch."
::= { oobnacSwDiscoveryGrp 22 }
-- This group consists of scalars applicable to all switches.
oobnacAllSwitchesGrp OBJECT IDENTIFIER ::= { oobnacGrp 2 }
oobnDefaultQvlanPool OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..30))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"default qvlan pool range assigned for the all switches using default qvlan pool."
::= { oobnacAllSwitchesGrp 1 }
oobnacRadNumRetries OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The default number of retries(3) allowed for radius users."
::= { oobnacAllSwitchesGrp 2 }
oobnacRadRespTimeOut OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The default timeout value(3 seconds) for radius response timeout."
::= { oobnacAllSwitchesGrp 3 }
--
-- OOB NAC Failover Group
--
--This group contains objects that identify the OOB NAC failover configuration information
--
oobnacFailoverGrp OBJECT IDENTIFIER ::= { oobnacGrp 3 }
oobnacFloatingIpAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Floating Management Port IP Address."
::= { oobnacFailoverGrp 1 }
oobnacFloatingIpv6Address OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Floating Management Port IPv6 Address."
::= { oobnacFailoverGrp 2 }
oobnacFloatingNetMask OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Floating Management Port Network mask as a IPAddress prefix."
::= { oobnacFailoverGrp 3 }
oobnacFloatingv6NetMask OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Floating Management Port IPv6 Network mask as a IPAddress prefix."
::= { oobnacFailoverGrp 4 }
oobnacFloatingGatewayIpAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Floating Management Port Gateway IP Address."
::= { oobnacFailoverGrp 5 }
oobnacFloatingGatewayIpv6Address OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Floating Management Port Gateway IP Address."
::= { oobnacFailoverGrp 6 }
oobnacPeerIpAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Failover Peer Management Port IP Address."
::= { oobnacFailoverGrp 7 }
oobnacPeerIpv6Address OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Failover Peer Management Port IPv6 Address."
::= { oobnacFailoverGrp 8 }
oobnacFailoverSensorStatus OBJECT-TYPE
SYNTAX INTEGER {
standalone (0),
standby (1),
active (2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Status of the sensor in OOBNac failover."
::= { oobnacFailoverGrp 9 }
--
-- This group contains Malware related MIB objects. These are applicable to
-- all M-series except NAC-only appliances.
--
malwareGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 32 }
-- Support for malwarePriDNSServerIp is now deprecated in sensors using new MIB.
malwarePriDNSServerIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS obsolete
DESCRIPTION
"IP address of the primary DNS server."
::= { malwareGrp 1 }
-- Support for malwareSecDNSServerIp is now deprecated in sensors using new MIB.
malwareSecDNSServerIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS obsolete
DESCRIPTION
"IP address of the secondary DNS server."
::= { malwareGrp 2 }
-- Support for malwarePriDNSServerIpV6 is now deprecated in sensors using new MIB.
malwarePriDNSServerIpV6 OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-write
STATUS obsolete
DESCRIPTION
"IPV6 address of the primary DNS server."
::= { malwareGrp 3 }
-- Support for malwareSecDNSServerIpV6 is now deprecated in sensors using new MIB.
malwareSecDNSServerIpV6 OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-write
STATUS obsolete
DESCRIPTION
"IPV6 address of the secondary DNS server."
::= { malwareGrp 4 }
malwareRiskLevel OBJECT-TYPE
SYNTAX INTEGER {
veryLow(1),
low(2),
medium(3),
high(4),
veryHigh(5)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
" Malware risk level threshold value set by the user. The default level is Very Low."
::= { malwareGrp 5 }
-- Support for malwareArtemisDetectionMode is deprecated in sensors using new MIB.
malwareArtemisDetectionMode OBJECT-TYPE
SYNTAX INTEGER {
alertOnly(1),
alertAndBlock(2),
alertBlockAndTCP-Reset(3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"artemis configuration to do either of the settings
Alert only,
Alert and Block or
Alert, Block and TCP-Reset."
::= { malwareGrp 6 }
-- Support for malwareUDFDetectionMode is deprecated in sensors using new MIB.
malwareUDFDetectionMode OBJECT-TYPE
SYNTAX INTEGER {
alertOnly(1),
alertAndBlock(2),
alertBlockAndTCP-Reset(3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"user-defined configuration to do either of the settings
Alert only,
Alert and Block or
Alert, Block and TCP-Reset."
::= { malwareGrp 7 }
gamEngSensorCfgGrp OBJECT IDENTIFIER ::= { malwareGrp 8 }
gamEngSensorAutoUpdateConfig OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Enable / disable the Sensor auto update config.
Default : True (Enable)"
::= { gamEngSensorCfgGrp 1}
gamEngSensorAutoUpdateInterval OBJECT-TYPE
SYNTAX INTEGER (90..1440)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Sets the Sensor auto update Interval in minutes.
Default : 90"
::= { gamEngSensorCfgGrp 2}
gamEngVer OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..63))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Provides the current gam engine version available on sensor."
::= { gamEngSensorCfgGrp 3}
gamDatVer OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..63))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Provides the current gam dat version available on sensor."
::= { gamEngSensorCfgGrp 4}
avEngVer OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..63))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Provides the current AV engine version available on sensor."
::= { gamEngSensorCfgGrp 5 }
avDatVer OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..63))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Provides the current AV dat version available on sensor."
::= { gamEngSensorCfgGrp 6}
gamEngUpdatedTime OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Provides the time in UTC format when sensor had updated GAM engine successfully."
::= { gamEngSensorCfgGrp 7}
gamManualFullUpdateFileUploadStatus OBJECT-TYPE
SYNTAX INTEGER {
readyForGAMUpdate (1),
gAMUpdateTransferInProgress (2),
gAMUpdateTransferError (3),
gAMUpdateQueued (4),
applyingGAMUpdate (5),
gAMUpdateCompleted (6),
gAMUpdateError (7)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Provides the current file upload status."
::= { gamEngSensorCfgGrp 8}
--This group contains MIB objects related to Miscellaneous Configuration Group
miscCfgGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 33 }
jumboframeParsingConfig OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Configuration option to enable/disable jumboframe parsing.
The new setting would be effective only after a sensor reboot.
Default: disable"
::= {miscCfgGrp 1 }
currentJumboframeParsingStatus OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The current running jumboframe parsing status."
::= {miscCfgGrp 2 }
appIdStatsConfigStatus OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object value if set to TRUE indicates that the appId stats collection is enabled for the sensor.
Default: False"
::= { miscCfgGrp 3 }
hitlessRebootStatus OBJECT-TYPE
SYNTAX INTEGER {
available (1),
notavailable (2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Status option to read whether hitless reboot is possible or not at this time."
::= {miscCfgGrp 4 }
existingGeoDBFilename OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..256))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This specifies the name of geo database file present in sensor. NULL would be returned
when there is no geo DB file on the sensor."
::= {miscCfgGrp 5 }
nsmTrackUserLoggingStatus OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Configuration option to enable/disable NSM audit logging.
Default: disable"
::= {miscCfgGrp 6 }
accelerateFTPInboundConfig OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Configuration option to enable/disable accelerate ftp in inbound direction
Default: false (2)"
::= {miscCfgGrp 7 }
accelerateFTPOutboundConfig OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Configuration option to enable/disable accelerate ftp in outbound direction.
Default: false (2)"
::= {miscCfgGrp 8 }
parseTunnellingConfig OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Configuration option to enable/disable parsing of tunnelled packet.
Default: false (2)"
::= {miscCfgGrp 9 }
prev256ByteLoggingConfig OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Configuration option to enable/disable prev 256 byte logging.
Default: false (2)"
::= {miscCfgGrp 10 }
cliAuditLoggingConfig OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Configuration option to enable/disable cli audit logging through SNMP.
Default: false (2)"
::= {miscCfgGrp 11 }
snortRuleEngineConfig OBJECT-TYPE
SYNTAX INTEGER {
traditional (1),
nextGeneration (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Configuration option to switch snort rule engine between traditional and next generation.
The new setting would be effective only after a sensor reboot.
Default: traditional"
::= {miscCfgGrp 12 }
currentSnortRuleEngineStatus OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The current running snort rule engine on sensor."
::= {miscCfgGrp 13 }
insightsTelemetryConfig OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Configuration option to enable/disable usage of configured telemetry data for Insights"
::= {miscCfgGrp 14}
--
-- This group contains MIB objects applicable to Layer2 forwarding.
--
layer2FwdGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 34 }
-- This group consists of scalars for configuring layer2 fwd feature.
layer2FwdCfgGrp OBJECT IDENTIFIER ::= { layer2FwdGrp 1 }
layer2FwdType OBJECT-TYPE
SYNTAX INTEGER {
tcp (1),
udp (2),
vlan(3),
all (4),
ip (5)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
" Different modes for using layer2 forward feature."
::= { layer2FwdCfgGrp 1 }
layer2IntfPort OBJECT-TYPE
SYNTAX TrellixPortLinearIndex
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The intf linear port index of the sensor for the mode chosen."
::= { layer2FwdCfgGrp 2 }
layer2FwdAction OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2),
clearAll(3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
" Action to take for the specified port(s)."
::= { layer2FwdCfgGrp 3 }
layer2FwdBeginId OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
" Start port id(range 1-65535) for the mode selected(tcp/udp/vlan)."
::= { layer2FwdCfgGrp 4 }
layer2FwdEndId OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
" End port id(range 1-65535) for the mode selected(tcp/udp/vlan)."
::= { layer2FwdCfgGrp 5 }
layer2FwdConfig OBJECT-TYPE
SYNTAX INTEGER (0..7)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
" Layer2 forward configuration to enable or disable this feature. Each bit represents the
layer2 forward type. From the LSB the 1st bit for TCP, 2nd bit for UDP, 3rd bit for VLAN.
Default will be 7, indicating this feature is enable"
::= { layer2FwdCfgGrp 6 }
--
-- This table has entries for layer2Fwd TCP Table.
--
layer2FwdTCPTable OBJECT-TYPE
SYNTAX SEQUENCE OF Layer2FwdTCPEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Table containing TCP port ranges configured for L2 forwarding.(indexed via intf port number and entry number)."
::= { layer2FwdGrp 2 }
layer2FwdTCPEntry OBJECT-TYPE
SYNTAX Layer2FwdTCPEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This MIB object contains all the attributes that are specific to the L2 fwd entry for TCP table. Indexed by intfPortLinearIndex and entry number."
INDEX { tcpIntfPortIndex,
tcpEntryIndex }
::= { layer2FwdTCPTable 1 }
Layer2FwdTCPEntry ::= SEQUENCE {
tcpIntfPortIndex
TrellixPortLinearIndex,
tcpEntryIndex
INTEGER,
tcpPortRange
DisplayString
}
tcpIntfPortIndex OBJECT-TYPE
SYNTAX TrellixPortLinearIndex
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The intfPort linear index"
::= { layer2FwdTCPEntry 1 }
tcpEntryIndex OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The index"
::= { layer2FwdTCPEntry 2 }
tcpPortRange OBJECT-TYPE
SYNTAX DisplayString(SIZE(0..20))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"range for which L2 forwarding feature is enabled. "
::= { layer2FwdTCPEntry 3 }
--
-- This table has entries for layer2Fwd UDP Table.
--
layer2FwdUDPTable OBJECT-TYPE
SYNTAX SEQUENCE OF Layer2FwdUDPEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Table containing UDP port ranges configured for L2 forwarding.(indexed via intfPortIndex and entry number)."
::= { layer2FwdGrp 3 }
layer2FwdUDPEntry OBJECT-TYPE
SYNTAX Layer2FwdUDPEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This MIB object contains all the attributes that are specific to the L2 fwd entry for UDP table. Indexed by intfPortLinearIndex and entry number."
INDEX { udpIntfPortIndex,
udpEntryIndex }
::= { layer2FwdUDPTable 1 }
Layer2FwdUDPEntry ::= SEQUENCE {
udpIntfPortIndex
TrellixPortLinearIndex,
udpEntryIndex
INTEGER,
udpPortRange
DisplayString
}
udpIntfPortIndex OBJECT-TYPE
SYNTAX TrellixPortLinearIndex
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The intfPort linear index"
::= { layer2FwdUDPEntry 1 }
udpEntryIndex OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The index"
::= { layer2FwdUDPEntry 2 }
udpPortRange OBJECT-TYPE
SYNTAX DisplayString(SIZE(0..20))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"range for which L2 forwarding feature is enabled. "
::= { layer2FwdUDPEntry 3 }
--
-- This table has entries for layer2Fwd VLAN Table.
--
layer2FwdVLANTable OBJECT-TYPE
SYNTAX SEQUENCE OF Layer2FwdVLANEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Table containing VLAN port ranges configured for L2 forwarding.(indexed via interface number and entry number)."
::= { layer2FwdGrp 4 }
layer2FwdVLANEntry OBJECT-TYPE
SYNTAX Layer2FwdVLANEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This MIB object contains all the attributes that are specific to the
L2 fwd entry for VLAN table(indexed via intfPortLinearIndex and entry number)."
INDEX { vlanIntfPortIndex,
vlanEntryIndex }
::= { layer2FwdVLANTable 1 }
Layer2FwdVLANEntry ::= SEQUENCE {
vlanIntfPortIndex
TrellixPortLinearIndex,
vlanEntryIndex
INTEGER,
vlanPortRange
DisplayString
}
vlanIntfPortIndex OBJECT-TYPE
SYNTAX TrellixPortLinearIndex
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The intfPort linear index"
::= { layer2FwdVLANEntry 1 }
vlanEntryIndex OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The entry index "
::= { layer2FwdVLANEntry 2 }
vlanPortRange OBJECT-TYPE
SYNTAX DisplayString(SIZE(0..20))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"range for which L2 forwarding feature is enabled. Maximum vlan range supported on each interface is 4k. "
::= { layer2FwdVLANEntry 3 }
layer2FwdIPTable OBJECT-TYPE
SYNTAX SEQUENCE OF Layer2FwdIPEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Table containing IP protocol ranges configured for L2 forwarding.(indexed via intfPortIndex and entry number)."
::= { layer2FwdGrp 5 }
layer2FwdIPEntry OBJECT-TYPE
SYNTAX Layer2FwdIPEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This MIB object contains all the attributes that are specific to the L2 fwd. entry for IP table. Indexed by intfPortLinearIndex and entry number."
INDEX { ipIntfPortIndex,
ipEntryIndex }
::= { layer2FwdIPTable 1 }
Layer2FwdIPEntry ::= SEQUENCE {
ipIntfPortIndex
TrellixPortLinearIndex,
ipEntryIndex
INTEGER,
ipPortRange
DisplayString
}
ipIntfPortIndex OBJECT-TYPE
SYNTAX TrellixPortLinearIndex
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The intfPort linear index"
::= { layer2FwdIPEntry 1 }
ipEntryIndex OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The index"
::= { layer2FwdIPEntry 2 }
ipPortRange OBJECT-TYPE
SYNTAX DisplayString(SIZE(0..20))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"range for which L2 forwarding feature is enabled. "
::= { layer2FwdIPEntry 3 }
--This group contains MIB objects related to ARP Configuration
arpCfgGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 103 }
arpSDEnable OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Option to enable/disable ARP Spoof Detection.
Default: enable"
::= {arpCfgGrp 1 }
--This group contains MIB objects related to ARP Configuration
--This group contains MIB objects related to Packet Capture Configuration
pktCapCfgGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 35 }
pktCapMode OBJECT-TYPE
SYNTAX INTEGER {
disable (1),
portModeEnable (2),
fileModeEnable (3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Option to select packet capture Mode.
File mode is not supported in 6.x release.
Default: disable"
::= {pktCapCfgGrp 1 }
pktCapDuration OBJECT-TYPE
SYNTAX INTEGER (0..315360000)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The duration for which capture will be enabled..
Units are in seconds. Default: 120 seconds
duration value 0 indicate indefinite capture till the capture
is stopped.
Default: 120"
::= { pktCapCfgGrp 2 }
pktCapPmSpanPortForCapture OBJECT-TYPE
SYNTAX TrellixPortLinearIndex
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Span linear port index for the capture:
ISM also needs to verify that port should be configured
as Span port.
Applicable only for port mode capture. Zero indicates no port assigned.
Default: 0"
::= { pktCapCfgGrp 3 }
pktCapFmLocation OBJECT-TYPE
SYNTAX INTEGER {
manager (1),
tftpServer (2),
scpServer (3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This will determine whether capture file is to be uploaded to manager, tftpServer or ScpServer.
Note :Applicable only for file mode capture
Default: manager"
::= {pktCapCfgGrp 4 }
pktCapFmMaxSize OBJECT-TYPE
SYNTAX INTEGER (1..100)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The size of the maximum capture file.
It will be configurable but to the maximum value
of sensor define limit.
Default: 100 MB for M8000, M6050, M4050, M3050
58 MB for N450, Wilson
40 MB for Eagle, Diablo
Note :Applicable only for file mode capture"
::= { pktCapCfgGrp 5 }
pktCapFmFUServerAddress OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(50))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"File Upload server IPv4 / IPv6 address.
Note :Applicable only for file mode capture"
::= { pktCapCfgGrp 6 }
pktCapFmFUFileName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..128))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This specifies the name of the file with the source path on the file upload server.
This is optional. If not set, the filename used will be of the format
'%DEVICE_NAME%-PacketCapture-%TimeStamp%.
Note :Applicable only for file mode capture"
::= { pktCapCfgGrp 7 }
pktCapFmFUSetting OBJECT-TYPE
SYNTAX INTEGER {
manual (1),
automatic (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
" This option will determine whether user needs to
initiate the file upload or it will be done automatically.
Default: automatic
Note :Applicable only for file mode capture"
::= {pktCapCfgGrp 8 }
pktCapFilterFileName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..255))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Packet Capture Filter File Name send by NSM using secure TFTP channel"
::= {pktCapCfgGrp 9 }
pktCapFilterFileTimeStamp OBJECT-TYPE
SYNTAX INTEGER (0..4294967295)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Packet Capture FilterFile creationTimeStamp"
::= {pktCapCfgGrp 10 }
pktCapFmSCPUserName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..128))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"SCP Server Username.
Note :Applicable only for file mode capture and upload method is SCP"
::= {pktCapCfgGrp 12 }
pktCapFmSCPPassword OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..128))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"SCP Server Password.
Note :Applicable only for file mode capture and upload method is SCP"
::= {pktCapCfgGrp 13 }
pktCapCommandGrp OBJECT IDENTIFIER ::= { pktCapCfgGrp 11 }
pktCapCmd OBJECT-TYPE
SYNTAX INTEGER {
start (1),
stop (2),
delete-filter-file(3),
cancel(4),
delete-pcap-file(5)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Option to start/stop packet capture feature and also
to delete filter file.
Default: stop"
::= {pktCapCommandGrp 1 }
pktCapStatus OBJECT-TYPE
SYNTAX INTEGER {
running (1),
not-running (2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Option to access packet capture Status.
Default: idle"
::= {pktCapCommandGrp 2 }
packetCaptureFmFUControl OBJECT-TYPE
SYNTAX INTEGER {
start (1),
stop (2),
upload-to-NSM (3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Option to control manual upload of the file.
Note :Applicable only for file mode capture
Default: stop"
::= {pktCapCommandGrp 3 }
packetCaptureFmFileStatus OBJECT-TYPE
SYNTAX INTEGER {
fileUploadInProgress (1),
fileExistNotUploaded (2),
fileNotExist (3),
fileUploadFailed (4),
fileUploadDone (5),
fileUploadNotStarted (6)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Packet Capture File status.
Note :Applicable only for file mode capture
Default : fileUploadNotStarted"
::= {pktCapCommandGrp 4 }
packetCaptureFmTest OBJECT-TYPE
SYNTAX INTEGER {
start (1),
stop (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Option to test packet capture file upload function.
Note :Applicable only for file mode capture
Default: stop"
::= {pktCapCommandGrp 5 }
packetCaptureFmTestStatus OBJECT-TYPE
SYNTAX INTEGER {
success (1),
failure (2),
resultNotValid (3),
fileUploadServerConnectFailure (4),
fileUploadServerConnectTimeout (5),
fileUploadServerAuthenticationFailure (6),
fileUploadInProgress (7)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Packet Capture File upload test status.
Note :Applicable only for file mode capture
Default : resultNotValid"
::= {pktCapCommandGrp 6 }
dnsCfgGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 36 }
priDNSServerIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"IP address of the primary DNS server."
::= { dnsCfgGrp 1 }
secDNSServerIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"IP address of the secondary DNS server."
::= { dnsCfgGrp 2 }
priDNSServerIpV6 OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"IPV6 address of the primary DNS server."
::= { dnsCfgGrp 3 }
secDNSServerIpV6 OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"IPV6 address of the secondary DNS server."
::= { dnsCfgGrp 4 }
dnsSearchList OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..1024))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This specifies the space separated list of search suffix for DNS lookup"
::= { dnsCfgGrp 5 }
--
-- This table has entries for layer7DCap Table.
--
layer7DCapConfigGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 37 }
layer7DCapPercentageOfFlows OBJECT-TYPE
SYNTAX INTEGER (1..100)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies percentage of flows allocated for L7 Dcap when
layer7 DCap feature is enabled."
::= { layer7DCapConfigGrp 1 }
layer7DCapBuffSize OBJECT-TYPE
SYNTAX INTEGER (128..1500)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies the size of the buffer to be captured when L7 Dap feature is enabled .
. Default: 1500"
::= { layer7DCapConfigGrp 2 }
layer7DCapMaxSupportedFlows OBJECT-TYPE
SYNTAX INTEGER (1..4294967295)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object specifies maximum number of flows supported for L7 Dcap when L7 Dap feature is enabled ."
::= { layer7DCapConfigGrp 3 }
interfacePhysicalPortGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 38 }
intfPhysicalPortTable OBJECT-TYPE
SYNTAX SEQUENCE OF IntfPhysicalPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Table containing entries for each interface physical port (indexed via intfPhysicalPortIndex)
on each sensor card (indexed via appropriate slotIndex).
This table contains Trellix specific configuration objects.
Tables that contain MIB objects borrowed from MIB-II are in the
TRELLIX-SENSOR-PERF-MIB."
::= { interfacePhysicalPortGrp 1 }
intfPhysicalPortEntry OBJECT-TYPE
SYNTAX IntfPhysicalPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This MIB object contains all the columnar objects,
that describe the contents of each interface physical port on each IntruShield sensor card.
Indexed by slotIndex/intfPhysicalPortIndex"
INDEX { slotIndex,
intfPhysicalPortIndex }
::= { intfPhysicalPortTable 1 }
IntfPhysicalPortEntry ::= SEQUENCE {
intfPhysicalPortIfDescr
DisplayString,
intfPhysicalPortIfType
TrellixIDSPortType,
intfPhysicalPortIfAdminStatus
INTEGER,
intfPhysicalPortIfOperStatus
INTEGER,
intfPhysicalPortEnableFullDuplex
TruthValue,
intfPhysicalPortSpeed
INTEGER,
intfPhysicalPortSpeedConfig
TrellixPortSpeed, -- was TrellixFEType, now deprecated
intfPhysicalPortIsMcafeeConnector
TruthValue,
intfPhysicalPortAllowAnyConnector
TruthValue,
intfPhysicalPortCageType
INTEGER,
intfPhysicalPortGetMediaType
INTEGER,
intfPhysicalPortSetMediaType
INTEGER,
intfPhysicalPortMonPortIpAddress
IpAddress,
intfPhysicalPortMonPortNetMask
IpAddress,
intfPhysicalPortGatewayIpAddress
IpAddress,
intfPhysicalPortNbadConfigStatus
TruthValue,
intfPhysicalPortVlanId
Integer32,
intfPhysicalPortLBSerialNumber
DisplayString,
intfPhysicalPortLBPortNumber
Integer32,
intfPhysicalPortConnectorType
INTEGER,
intfPhysicalPortLinearIndex
TrellixPortLinearIndex
}
intfPhysicalPortIfDescr OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..255))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A textual string containing information about the interface.
Returns the string that is printed on the box."
::= { intfPhysicalPortEntry 1 }
intfPhysicalPortIfType OBJECT-TYPE
SYNTAX TrellixIDSPortType
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The type of interface, distinguished according to the
physical/link protocol(s) immediately 'below' the network
layer in the protocol stack.
For brevity, Trellix options are as specified by the TC,
TrellixIDSPortType.
However, the SNMP MIB-II - Interfaces MIB specifies many more
valid options. See comments section for details.
"
::= { intfPhysicalPortEntry 2 }
intfPhysicalPortIfAdminStatus OBJECT-TYPE
SYNTAX INTEGER {
up (1),
down (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The desired state of the interface.
The testing(3) state indicates that no operational packets
can be passed.
Default: down"
::= { intfPhysicalPortEntry 3 }
intfPhysicalPortIfOperStatus OBJECT-TYPE
SYNTAX INTEGER {
up (1),
down (2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The current operational state of the interface.
The testing(3) state indicates that no operational packets
can be passed.
Default: down"
::= { intfPhysicalPortEntry 4 }
intfPhysicalPortEnableFullDuplex OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"True: Sets interface port to work as a full-duplex one.
Otherwise as half-duplex.
Default: True"
::= { intfPhysicalPortEntry 5 }
intfPhysicalPortSpeed OBJECT-TYPE
SYNTAX INTEGER {
other (0),
ten-Mbps (1),
hundred-Mbps (2),
one-Gbps(3), -- renamed from gig-Mbps
ten-Gbps(4) -- support in M-series only
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Get current speed/negotiation on the interface."
::= { intfPhysicalPortEntry 6 }
intfPhysicalPortSpeedConfig OBJECT-TYPE
SYNTAX TrellixPortSpeed -- was TrellixFEType, now deprecated
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Set desired speed/negotiation on the interface.
Default values are as follows:
I-Series -
fixed-hundred-Mbps (infinity/hichborn/2x00(1a-3b)
auto-gig-Mbps on 3000/4010/4000/2x00(4a,4b)
M-Series -
auto-ten-gig-Mbps on palomar/pyramid(1a-4b),auto-gig-Mbps(5a-8b)
Default: see above"
::= { intfPhysicalPortEntry 7 }
-- intfPhysicalPortIsMcafeeConnector support in M-series sensor only
intfPhysicalPortIsMcafeeConnector OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"True: connector is not inserted.
True: connector is inserted in port and McAfee certified.
False: connector is inserted and not McAfee certified. "
::= { intfPhysicalPortEntry 8 }
-- intfPhysicalPortAllowAnyConnector support in M-series sensor only
intfPhysicalPortAllowAnyConnector OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"True: Permit usage of any connector for port.
False: Restrict usage to McAfee certified connector only.
Default: False"
::= { intfPhysicalPortEntry 9 }
-- intfPhysicalPortCageType support in M-series sensor only
intfPhysicalPortCageType OBJECT-TYPE
SYNTAX INTEGER {
other (0),
rJ-45 (1),
rJ-11 (2),
gBIC (3),
sFP (4),
xFP (5)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Physical connector cage type on sensor chassis panel."
::= { intfPhysicalPortEntry 10 }
-- intfPhysicalPortGetMediaType support in M-series sensor only
intfPhysicalPortGetMediaType OBJECT-TYPE
SYNTAX INTEGER {
none (0),
optical (1),
electrical (2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Gets the media of the connector present in the port cage. None (0) if cage is empty."
::= { intfPhysicalPortEntry 11 }
-- intfPhysicalPortSetMediaType support in M-series sensor only
intfPhysicalPortSetMediaType OBJECT-TYPE
SYNTAX INTEGER {
optical(1),
electrical (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Sets the media of the connector the user desired for the port.
Default: optical"
::= { intfPhysicalPortEntry 12 }
intfPhysicalPortMonPortIpAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure / retrieve the IPv4 address of the monitoring port.
Default: 0.0.0.0"
::= { intfPhysicalPortEntry 13 }
intfPhysicalPortMonPortNetMask OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure / retrieve netmask for the IPv4 address of the monitoring port.
Default: 0.0.0.0"
::= { intfPhysicalPortEntry 14 }
intfPhysicalPortGatewayIpAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure / retrieve the IPv4 address of the gateway.
Default: 0.0.0.0"
::= { intfPhysicalPortEntry 15 }
intfPhysicalPortNbadConfigStatus OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object value if set to TRUE indicates that flow record generation
to be sent to the NBAD server, is enabled over this monitoring port.
Default: False"
::= { intfPhysicalPortEntry 16 }
intfPhysicalPortVlanId OBJECT-TYPE
SYNTAX Integer32 (0..2164326399)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This MIB object indicates the Vlan ID of the VLAN to which the monitoring
port is connected."
::= { intfPhysicalPortEntry 17 }
intfPhysicalPortLBSerialNumber OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..80))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This MIB object indicates the manufacturer provided serial number of
the Load Balancer switch to which the sensor port is connected."
::= { intfPhysicalPortEntry 18 }
intfPhysicalPortLBPortNumber OBJECT-TYPE
SYNTAX Integer32 (1..16)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This MIB object returns the port number on the Load Balancer switch to
which the sensor port is connected."
::= { intfPhysicalPortEntry 19 }
-- intfPhysicalPortConnectorType support in R-series sensor only
intfPhysicalPortConnectorType OBJECT-TYPE
SYNTAX INTEGER {
other (0),
qSFP (1),
sFP-plus (2),
sFP-fiber (3),
sFP-copper (4)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Physical connector type plugged into the port cage."
::= { intfPhysicalPortEntry 20 }
intfPhysicalPortLinearIndex OBJECT-TYPE
SYNTAX TrellixPortLinearIndex
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This MIB object indicates the Linear Index of the monitoring port. This index is
generated by the sensor appliance using the pair of slot index and the port index values.
The other MIB tables would directly use this linear index, whereever applicable."
::= { intfPhysicalPortEntry 21 }
--
-- This group has entries for GTI configuration.
--
gtiConfigGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 39 }
gtiProxyServerName OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..80))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The proxy server name is the domain name of the HTTP proxy
server in front of the sensor. It looks like www.company.com.
It can also be the IP address of the HTTP proxy server.
0.0.0.0 is the default value"
::= { gtiConfigGrp 1 }
gtiProxyPort OBJECT-TYPE
SYNTAX Integer32 (0..10000)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"TCP Port on which the HTTP proxy server is listening.
0 is the default value"
::= { gtiConfigGrp 2 }
gtiProxyUsername OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..80))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The username to be used to connect to the HTTP proxy server."
::= { gtiConfigGrp 3 }
gtiProxyPassword OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..128))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The password to be used to connect to the HTTP proxy server."
::= { gtiConfigGrp 4 }
gtiConfigPrivateCloudGrp OBJECT IDENTIFIER ::= { gtiConfigGrp 5 }
gtiPrivateCloudServerIPAddressType OBJECT-TYPE
SYNTAX INTEGER {
ip-v4 (4),
ip-v6 (6)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Identifies the type of GTI Private Cloud Server IP Address. If set to ip-v4, then the
gtiPrivateCloudServerIPv4Address object would be set else if this object is set to ip-v6, then
the gtiPrivateCloudServerIPv6Address object would be set. "
::= { gtiConfigPrivateCloudGrp 1 }
gtiPrivateCloudServerIPv4Address OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure the IPv4 address of the GTI Private Cloud server.
The gtiPrivateCloudServerIPv6Address would be zero if the current object is initialized."
::= { gtiConfigPrivateCloudGrp 2 }
gtiPrivateCloudServerIPv6Address OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure the IPv6 address of the GTI Private Cloud server.
The gtiPrivateCloudServerIPv4Address would be zero if the current object is initialized."
::= { gtiConfigPrivateCloudGrp 3 }
gtiPrivateCloudServerConnectionConfig OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2),
reconnect (3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to enable or disable or reconnect the Connection with
the GTI Private Cloud Server.
Default: 2, disable"
::= { gtiConfigPrivateCloudGrp 4 }
gtiPrivateCloudServerDeleteCertificate OBJECT-TYPE
SYNTAX INTEGER {
delete (1),
dont-delete (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to delete the GTI Private Cloud Server Certificate at the sensor.
For deleting this certificate, the gtiPrivateCloudServerConnectionConfig should be
disabled. DEFAULT: 2, dont-delete"
::= { gtiConfigPrivateCloudGrp 5 }
gtiPrivateCloudServerCertificateStatus OBJECT-TYPE
SYNTAX INTEGER {
present (1),
not-Present (2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object is used to indicate the GTI Private Cloud server
certificate status at the sensor"
::= { gtiConfigPrivateCloudGrp 6 }
gtiPrivateCloudChannelStatus OBJECT-TYPE
SYNTAX INTEGER {
gtiPrivateCloud-TrustedSource-Channel-Down (0),
gtiPrivateCloud-TrustedSource-Channel-InProgress (1),
gtiPrivateCloud-TrustedSource-Channel-Established (2),
gtiPrivateCloud-TrustedSource-Channel-Status-Unknown (3),
gtiPrivateCloud-TrustedSource-Channel-Down-Error-In-Cert-ret(4),
gtiPrivateCloud-Network-Issue (5)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object is used to indicate the gtiPrivateCloud channel status at
the sensor"
::= { gtiConfigPrivateCloudGrp 7 }
gtiUnifiedConfigGrp OBJECT IDENTIFIER ::= { gtiConfigGrp 6 }
gtiFileRESTGTIType OBJECT-TYPE
SYNTAX INTEGER {
private-gti-server (1),
public-gti-server (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to send type of GTI server to use for file reputation feature.
DEFAULT: 2, public-gti-server"
::= { gtiUnifiedConfigGrp 1 }
gtiFileRESTPublicGTIFQDN OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..80))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to send Name Server or FQDN of File Rep GTI server.
Default value is NULL"
::= { gtiUnifiedConfigGrp 2 }
gtiFileRESTUsername OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..80))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to send username for configured GTI server.
It should be sent in both cases, public server and private server.
Default value is NULL"
::= { gtiUnifiedConfigGrp 3 }
gtiFileRESTPassword OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..80))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to send password for configured GTI server.
It should be sent in both cases, public server and private server.
Default value is NULL"
::= { gtiUnifiedConfigGrp 4 }
gtiFileRESTConnectionConfig OBJECT-TYPE
SYNTAX INTEGER {
connect-private-gti-server (1),
connect-public-gti-server (2),
reconnect-private-gti-server (3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to send action to take with the recieved config.
Value 1 will be sent when config is changed to private GTI server first time.
Value 2 will be sent when config is changed to public GTI server.
Value 3 will be sent when private GTI server config is changed, given that
private GTI server is enabled already. Default value: 2"
::= { gtiUnifiedConfigGrp 5 }
gtiFileRESTPvtGTIIPType OBJECT-TYPE
SYNTAX INTEGER {
fqdn (1),
ipv4 (4),
ipv6 (6)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to send address type of configured GTI server.
Default value: 4, IPv4"
::= { gtiUnifiedConfigGrp 6 }
gtiFileRESTPvtGTIIPv4Address OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure the IPv4 address of the GTI File-Rep REST Cloud server.
The gtiFileRESTPvtGTIIPV6Address would be zero if the current object is initialized.
Default Value: NULL"
::= { gtiUnifiedConfigGrp 7 }
gtiFileRESTPvtGTIIPV6Address OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure the IPv6 address of the GTI File-Rep REST Cloud server.
The gtiFileRESTPvtGTIIPv4Address would be zero if the current object is initialized.
Default Value: NULL"
::= { gtiUnifiedConfigGrp 8 }
ntpConfigGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 40 }
ntpConfigTable OBJECT-TYPE
SYNTAX SEQUENCE OF NtpConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Table containing entries for each NTP(Network Time Protocol) server that is specified (indexed via ntpServerIndex).
A maximum of two entries will be supported. Valid ntpServerIndex values are 1 and 2."
::= { ntpConfigGrp 1 }
ntpConfigEntry OBJECT-TYPE
SYNTAX NtpConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry comprises the ntp client side configuration for each of the ntp servers specified."
INDEX { ntpServerIndex }
::= { ntpConfigTable 1 }
NtpConfigEntry ::= SEQUENCE {
ntpConfigServerIPv4
IpAddress,
ntpConfigServerIPv6
Ipv6Address,
ntpConfigPollInterval
INTEGER,
ntpConfigAuthenticationEnable
TruthValue,
ntpConfigKeyId
Integer32,
ntpConfigKeyType
INTEGER,
ntpConfigKeyValue
OCTET STRING
}
ntpConfigServerIPv4 OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to specify the IPv4 address of the remote NTP server.
Default: 0.0.0.0"
::= { ntpConfigEntry 1 }
ntpConfigServerIPv6 OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to specify the IPv6 address of the remote NTP server."
::= { ntpConfigEntry 2 }
ntpConfigPollInterval OBJECT-TYPE
SYNTAX INTEGER (3..17)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies the minimum poll interval.
The value which is received represents the exponent of 2. If the received value is
x then NTPD daemon process will calculate the min poll as 2^x seconds.
Default: 6"
::= { ntpConfigEntry 3 }
ntpConfigAuthenticationEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies if ntp server authentication is enabled or not for the specified
ntp server.
False : Authentication Disable
True : Authentication Enable
Default: False"
::= { ntpConfigEntry 4 }
ntpConfigKeyId OBJECT-TYPE
SYNTAX Integer32 (1..65534)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This MIB object specifies the key id for the corresponding association between an
ntp server and ntp client. This object is used only if ntp server authentication is enabled.
Default: 1"
::= { ntpConfigEntry 5 }
ntpConfigKeyType OBJECT-TYPE
SYNTAX INTEGER {
md5 (1),
sha (2),
sha1 (3),
not-supported (4)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies the key type for the corresponding key id. This object is used
only if ntp server authentication is enabled.
Default: MD5(1)"
::= { ntpConfigEntry 6 }
ntpConfigKeyValue OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..128))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies the symmetric key value for the corresponding key id. This object
is used only if ntp server authentication is enabled."
::= { ntpConfigEntry 7 }
ntpConfigFileCreate OBJECT-TYPE
SYNTAX INTEGER {
stop-ntpd (0),
start-ntpd (1)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to (create ntp.conf file and start)/(stop) ntpd process.
Default: stop-ntpd (0)"
::= { ntpConfigGrp 2 }
-- This group conatins all MIB objects that specify the configuration of
-- the IntruShield pluggable modules.
--
-- The object pluggableModuleTable within this group suggests that the MIB is
-- designed to support pluggable modules that can contain more than one interface
-- port.
--
-- Support for pluggableModuleGrp is deprecated in V-series sensors(VmIPS).
pluggableModuleGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 41 }
pluggableModuleTable OBJECT-TYPE
SYNTAX SEQUENCE OF PluggableModuleEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Table containing entries for each pluggable Module (indexed via slotIndex)."
::= { pluggableModuleGrp 1 }
pluggableModuleEntry OBJECT-TYPE
SYNTAX PluggableModuleEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This MIB object contains all the columnar objects,
that describe the contents of each pluggable module on each IntruShield sensor
card. Indexed by slotIndex"
INDEX { slotIndex }
::= { pluggableModuleTable 1 }
PluggableModuleEntry ::= SEQUENCE {
moduleSerialNumber
DisplayString,
moduleSysType
TrellixPluggableModuleType,
modulePresent
TruthValue,
moduleNumPorts
INTEGER,
moduleRebootRequired
TruthValue
}
moduleSerialNumber OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..255))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object describes the Manufacturer-provided serial number
of the pluggable module."
::= { pluggableModuleEntry 1 }
moduleSysType OBJECT-TYPE
SYNTAX TrellixPluggableModuleType
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object describes the type of the module plugged in."
::= { pluggableModuleEntry 2 }
modulePresent OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"True: Indicates the module is present.
Otherwise not present.
Default: False"
::= { pluggableModuleEntry 3}
moduleNumPorts OBJECT-TYPE
SYNTAX INTEGER (0..12)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This MIB object returns the number of ports in this module."
::= { pluggableModuleEntry 4 }
moduleRebootRequired OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This MIB object returns whether a reboot is needed to apply the module.
Default: False"
::= { pluggableModuleEntry 5 }
--
-- insightixNetworkGrp
--
insightixNetworkGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 42 }
insightixCfgGrp OBJECT IDENTIFIER ::= { insightixNetworkGrp 1 }
ldapServerIPAddressType OBJECT-TYPE
SYNTAX INTEGER {
ip-v4 (4),
ip-v6 (6)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Identifies the type of Insightix LDAP server IPAddress. If set to ip-v4, then the
ldapServerIpv4Address object would be set else if this object is set to ip-v6, then
the ldapServerIpv6Address object would be set. "
::= { insightixCfgGrp 1 }
ldapServerIPv4Address OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The IPv4 address of the Insightix LDAP server"
::= { insightixCfgGrp 2 }
ldapServerIPv6Address OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"IPv6 Address of the Insightix LDAP server."
::= { insightixCfgGrp 3 }
ldapServerPort OBJECT-TYPE
SYNTAX INTEGER (1..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The ldap server listener port on the insightix server. If SSL is enabled, the standard portnum is 636,
else if ssl is disabled, the standard portnum is 389.
Default: 636"
::= { insightixCfgGrp 4 }
ldapServerSSLConfig OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies if SSL is enabled for insightix ldap server.
Default: 1, enable"
::= { insightixCfgGrp 5 }
ldapServerBaseDN OBJECT-TYPE
SYNTAX DisplayString (SIZE(3..255))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Base Distinguished Name to be used for retrieving device profile information from the Insightix ldap server.
Default : dc=insightix"
::= { insightixCfgGrp 6 }
ldapServerUserName OBJECT-TYPE
SYNTAX DisplayString (SIZE(3..255))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"UserName to be used for authenticating to the Insightix ldap server."
::= { insightixCfgGrp 7 }
ldapServerPassword OBJECT-TYPE
SYNTAX DisplayString (SIZE(3..255))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Password to be used for authenticating to the Insightix ldap server."
::= { insightixCfgGrp 8 }
ldapServerConfigAction OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object describes about the sensor's possible configuration actions with the insightix ldap server.
Default: 2, disable"
::= { insightixCfgGrp 9 }
ldapServerConfigStatus OBJECT-TYPE
SYNTAX INTEGER {
disConnected (1),
inProgress (2),
connected (3),
sslError(4),
baseDNError(5),
credError(6),
ldapServerError(7),
ldapServerTimeoutError(8),
ldapServerConnectionError(9)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This describes the sensor's possible insightix ldap server configuration states.
Default : deinstalled (4)"
::= { insightixCfgGrp 10 }
--------------------------------------------------
--
-- ntbaChannelCfgGrp
--
ntbaChannelCfgGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 43 }
ntbaServerIPAddressType OBJECT-TYPE
SYNTAX INTEGER {
ip-v4 (4),
ip-v6 (6)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure the IP address type of the
mgmt port at the NTBA end"
::= { ntbaChannelCfgGrp 1 }
ntbaServerIPv4Address OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure the IPv4 address of the NTBA server.
The ntbaServerIPv6Address would be zero if the current object is initialized"
::= { ntbaChannelCfgGrp 2 }
ntbaServerIPv6Address OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure the IPv6 address of the NTBA server.
The ntbaServerIPv4Address would be zero if the current object is initialized"
::= { ntbaChannelCfgGrp 3 }
ntbaServerPort OBJECT-TYPE
SYNTAX INTEGER (1..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure the NTBA Server Listening TCP port
Default: 8505"
::= { ntbaChannelCfgGrp 4 }
ntbaServerConnectionConfig OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to enable or disable the TCP Connection with
the NTBA server
Default: 2, disable"
::= { ntbaChannelCfgGrp 5 }
ntbaServerDeleteCertificate OBJECT-TYPE
SYNTAX INTEGER {
delete (1),
dont-delete (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to delete the ntba Server Certificate at the sensor.
For deleting this certificate, the ntbaServerConnectionConfig should be
disabled. DEFAULT: 2, dont-delete"
::= { ntbaChannelCfgGrp 6 }
ntbaServerCertificateStatus OBJECT-TYPE
SYNTAX INTEGER {
present (1),
not-present (2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object is used to indicate the NTBA server certificate status at
the sensor"
::= { ntbaChannelCfgGrp 7 }
ntbaShdKeySHAValue OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(128))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object contains the SHA1 hashed value of sensor name and sensormodel from NSM"
::= { ntbaChannelCfgGrp 8 }
ntbaChannelStatus OBJECT-TYPE
SYNTAX INTEGER {
ntba-Channel-Down (0),
ntba-Channel-InProgress (1),
ntba-Channel-Established (2),
ntba-Channel-Status-Unknown (3),
ntba-Cert-Mismatch (4),
ntba-Hash-Mismatch (5),
ntba-Network-Issue (6)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object is used to indicate the NTBA SSL channel status at
the sensor"
::= { ntbaChannelCfgGrp 9 }
--------------------------------------------------
--
-- validEdgeChannelCfgGrp
--
validEdgeChannelCfgGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 44 }
validEdgeServerIPAddressType OBJECT-TYPE
SYNTAX INTEGER {
ip-v4 (4),
ip-v6 (6)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure the IP address type of the
mgmt port at the validEdge end"
::= { validEdgeChannelCfgGrp 1 }
validEdgeServerIPv4Address OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure the IPv4 address of the validEdge server.
The validEdgeServerIPv6Address would be zero if the current object is initialized"
::= { validEdgeChannelCfgGrp 2 }
validEdgeServerIPv6Address OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure the IPv6 address of the validEdge server.
The validEdgeServerIPv4Address would be zero if the current object is initialized"
::= { validEdgeChannelCfgGrp 3 }
validEdgeServerPort OBJECT-TYPE
SYNTAX INTEGER (1..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure the validEdge Server Listening TCP port
Default: 8505"
::= { validEdgeChannelCfgGrp 4 }
validEdgeServerConnectionConfig OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to enable or disable the TCP Connection with
the validEdge server
Default: 2, disable"
::= { validEdgeChannelCfgGrp 5 }
validEdgeServerDeleteCertificate OBJECT-TYPE
SYNTAX INTEGER {
delete (1),
dont-delete (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to delete the validEdge Server Certificate at the sensor.
For deleting this certificate, the validEdgeServerConnectionConfig should be
disabled. DEFAULT: 2, dont-delete"
::= { validEdgeChannelCfgGrp 6 }
validEdgeServerCertificateStatus OBJECT-TYPE
SYNTAX INTEGER {
present (1),
not-present (2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object is used to indicate the validEdge server certificate status at
the sensor"
::= { validEdgeChannelCfgGrp 7 }
validEdgeShdKeySHAValue OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(128))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object contains the SHA1 hashed value of sensor name and sensormodel from NSM"
::= { validEdgeChannelCfgGrp 8 }
validEdgeChannelStatus OBJECT-TYPE
SYNTAX INTEGER {
validEdge-Channel-Down (0),
validEdge-Channel-InProgress (1),
validEdge-Channel-Established (2),
validEdge-Channel-Status-Unknown (3),
validEdge-Cert-Mismatch (4),
validEdge-Hash-Mismatch (5),
validEdge-Network-Issue (6),
validEdge-Channel-Down-Error-In-Cert-ret(7),
validEdge-Channel-Down-No-Config(8),
validEdge-Channel-Down-Wrong-Config(9),
validEdge-Channel-Down-Cert-Absent(10),
validEdge-Channel-SSL-HandShake-Fail(11),
validEdge-Channel-Down-Reason-Unknown(12),
validEdge-Channel-Down-Config-Disable(13),
validEdge-Channel-Down-Closed-By-NTBA(14),
validEdge-Channel-Down-Large-Pkt-From-NTBA(15),
validEdge-Channel-Down-Missed-KeepAlives(16),
validEdge-Channel-Up-No-Reason(17)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object is used to indicate the validEdge SSL channel status at
the sensor"
::= { validEdgeChannelCfgGrp 9 }
validEdgeChannelGlobalUserId OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure global matd user id/profile id assigned to a sensor."
::= { validEdgeChannelCfgGrp 10 }
validEdgeChannelGlobalUserName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(32))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
" This object is used to configure global matd user name/profile name assigned to a sensor."
::= { validEdgeChannelCfgGrp 11 }
--------------------------------------------------
--
-- dxlCfgGrp
--
dxlCfgGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 45 }
dxlConfig OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Option to enable(1) or dissable(2) the DXL on Sensor."
::= {dxlCfgGrp 1 }
epoCfgGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 46 }
epoIPAddressType OBJECT-TYPE
SYNTAX INTEGER {
ip-v4 (4),
ip-v6 (6)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Identifies the type of EPO IPAddress. If set to ip-v4, then the epoIPAddress object
would be set else if this object is set to ip-v6, then the epoIPv6Address object
would be set."
::= { epoCfgGrp 1 }
epoIpAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The IPv4 Address of the EPO Server"
::= { epoCfgGrp 2 }
epoIPv6Address OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"IPv6 Address of a EPO Server"
::= { epoCfgGrp 3 }
epoPort OBJECT-TYPE
SYNTAX INTEGER (1..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The EPO port through which MA connects to EPO Server Default: 8443"
::= { epoCfgGrp 4 }
epoCredUsername OBJECT-TYPE
SYNTAX DisplayString (SIZE(3..100))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"EPO server :username"
::= { epoCfgGrp 5 }
epoCredPasswd OBJECT-TYPE
SYNTAX DisplayString (SIZE(3..100))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"EPO server :Password"
::= { epoCfgGrp 6 }
epoAction OBJECT-TYPE
SYNTAX INTEGER {
connect (1),
disconnect (2),
reconnect (3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This config object indicates the epo action (1-Connect, 2-Disconnect, 3-Reconnect) to be taken
by all the dependent modules in the sensor."
::= { epoCfgGrp 7 }
--User authentication using RADIUS
radiusAuthGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 47 }
radiusAuthConfig OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This action object can be used to enable/re-init or disable user authentication using RADIUS.
The value of 'True/Enable' would be interpreted as 're-init', when the configuration is already set to True/Enable.
Default: False (2)"
::= { radiusAuthGrp 1}
radiusPrimaryServerIPAddrType OBJECT-TYPE
SYNTAX INTEGER {
ip-v4 (4),
ip-v6 (6)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Identifies the type of IPAddress of the Primary Radius Server. If set to ip-v4, then the radiusPrimaryServerIPAddr object
would be set else if this object is set to ip-v6, then the radiusPrimaryServerIPv6Addr object
would be set."
::= { radiusAuthGrp 2 }
radiusPrimaryServerIPAddr OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies the IPv4 Address of the Primary RADIUS server"
::= { radiusAuthGrp 3 }
radiusPrimaryServerIPv6Addr OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies the IPv6 Address of the Primary RADIUS Server"
::= { radiusAuthGrp 4 }
radiusPrimaryServerEncrSecret OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..64))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies the secret to be used in generating the encrypted RADIUS traffic between the client and Primary Radius Server"
::= { radiusAuthGrp 5}
radiusPriServerAuthPort OBJECT-TYPE
SYNTAX INTEGER (1..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies the port on which Primary RADIUS Server is listening for authentication requests.
Default: 1812"
::= { radiusAuthGrp 6}
radiusPriServerAccConfig OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies whether accounting has to be enabled on the Primary Radius Server or not.
Default: True (1)"
::= { radiusAuthGrp 7}
radiusPriServerAccPort OBJECT-TYPE
SYNTAX INTEGER (1..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies the port on which Primary RADIUS Server is listening for accounting requests.
Default: 1813"
::= { radiusAuthGrp 8}
radiusPriServerConnTimeOut OBJECT-TYPE
SYNTAX INTEGER (1..60)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies the time in seconds the client has to wait before it can contact the Backup RADIUS Server in case the Primary RADIUS Server fails.
Default: 6"
::= { radiusAuthGrp 9}
radiusBackupServerIPAddrType OBJECT-TYPE
SYNTAX INTEGER {
ip-v4 (4),
ip-v6 (6)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies the IP Address Type of the Backup RADIUS server"
::= { radiusAuthGrp 10 }
radiusBackupServerIPAddr OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies the IPv4 Address of the Backup RADIUS server"
::= { radiusAuthGrp 11 }
radiusBackupServerIPv6Addr OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies the IPv6 Address of the Backup RADIUS Server"
::= { radiusAuthGrp 12 }
radiusBackupServerEncrSecret OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..256))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies the secret to be used in generating the encrypted RADIUS traffic between the client and Backup Radius Server"
::= { radiusAuthGrp 13 }
radiusBackupServerAuthPort OBJECT-TYPE
SYNTAX INTEGER (1..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies the port on which Backup RADIUS Server is listening for authentication requests.
Default: 1812"
::= { radiusAuthGrp 14}
radiusBackupServerAccConfig OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies whether accounting has to be enabled on the Backup Radius Server or not.
Default: True (1)"
::= { radiusAuthGrp 15}
radiusBackupServerAccPort OBJECT-TYPE
SYNTAX INTEGER (1..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies the port on which Backup RADIUS Server is listening for accounting requests.
Default: 1813"
::= { radiusAuthGrp 16}
radiusBackupServerConnTimeOut OBJECT-TYPE
SYNTAX INTEGER (1..60)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies the time in seconds before which the the sensor decides that the Backup server is not responding.
Default: 6"
::= { radiusAuthGrp 17}
sshAccessGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 48 }
sshAccessCfgGrp OBJECT IDENTIFIER ::= { sshAccessGrp 1 }
sshAccessControlStatus OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Configuration option to enable/disable ssh access control list for ipv4.
Default: false (2)"
::= {sshAccessCfgGrp 1 }
sshAccessControlResetIpv4 OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Configuration option to to delete/reset the ssh access ipv4 contol list.
Default: false (2)"
::= {sshAccessCfgGrp 2 }
sshAccessLogSupport OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Configuration option to enable/disable ssh access messages logging support.
Default: false (2)"
::= {sshAccessCfgGrp 3 }
sshAccessControlResetIpv6 OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Configuration option to delete/reset ssh access control list for ipv6.
Default: false (2)"
::= {sshAccessCfgGrp 4 }
sshAccessNumIpv4Entries OBJECT-TYPE
SYNTAX INTEGER (0..100)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object ranges from 1 to 100, as only a maximum of 100 entries are supported."
::= { sshAccessGrp 2 }
sshAccessIpTable OBJECT-TYPE
SYNTAX SEQUENCE OF SSHAccessIpEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"
"
::= { sshAccessGrp 3 }
sshAccessIpEntry OBJECT-TYPE
SYNTAX SSHAccessIpEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry specified is indexed by <sshIpv4Index>. "
INDEX { sshIpv4Index }
::= { sshAccessIpTable 1 }
SSHAccessIpEntry ::= SEQUENCE {
sshIpv4Index
INTEGER,
sshIpAddress
IpAddress,
sshMaskIpv4
INTEGER,
sshAccessIpConfig
RowStatus
}
sshIpv4Index OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This object sshIpv4Index ranges from 1 to 100, It support only 100 entries."
::= { sshAccessIpEntry 1 }
sshIpAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"IP Address of a SSH Access Control(ipv4)."
::= { sshAccessIpEntry 2 }
sshMaskIpv4 OBJECT-TYPE
SYNTAX INTEGER (1..32)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Mask of a SSH Access Control(ipv4)."
::= { sshAccessIpEntry 3 }
sshAccessIpConfig OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object used for user to add and delete rows in to the table."
::= { sshAccessIpEntry 4 }
sshAccessNumIpv6Entries OBJECT-TYPE
SYNTAX INTEGER (0..100)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object ranges from 1 to 100, as only a maximum of 100 entries are supported."
::= { sshAccessGrp 4 }
sshAccessIpv6Table OBJECT-TYPE
SYNTAX SEQUENCE OF SSHAccessIpv6Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"
"
::= { sshAccessGrp 5 }
sshAccessIpv6Entry OBJECT-TYPE
SYNTAX SSHAccessIpv6Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry specified is indexed by <sshIpv6Index>.
"
INDEX { sshIpv6Index }
::= { sshAccessIpv6Table 1}
SSHAccessIpv6Entry ::= SEQUENCE {
sshIpv6Index
INTEGER,
sshAccessIpv6Address
Ipv6Address,
sshAccessIpv6Mask
INTEGER,
sshAccessIpv6Config
RowStatus
}
sshIpv6Index OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This object sshIpv6Index range from 1 to 100, It support max
100 entries"
::= { sshAccessIpv6Entry 1 }
sshAccessIpv6Address OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"IPv6 address for the ssh access control list"
::= { sshAccessIpv6Entry 2 }
sshAccessIpv6Mask OBJECT-TYPE
SYNTAX INTEGER (1..128)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"IPv6 Mask for the ssh access control list"
::= { sshAccessIpv6Entry 3 }
sshAccessIpv6Config OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object used for user to add and delete rows in to the table."
::= { sshAccessIpv6Entry 4 }
--------------------------------------------------
-- This group contains all MIB objects that specify the configuration of
-- pluggable modules for the VSS Switch Load Balancer to be used in conjunction with
-- existing MIB interfacePortGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 11 } which will be used as virtual interface port group of VSS switch.
virtualPluggableModuleGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 49 }
moduleOneNumPorts OBJECT-TYPE
SYNTAX INTEGER (0..16)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This MIB object returns the number of ports in the first module of VSS Box.
To be used in conjunction with interfacePortGrp of { ivSensorConfigurationMIB 11 } to represent attributes of VSS switch virtual ports.
Default: 0 (If the module is not inserted)"
::= { virtualPluggableModuleGrp 1 }
moduleTwoNumPorts OBJECT-TYPE
SYNTAX INTEGER (0..16)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This MIB object returns the number of ports in the first module of VSS Box.
To be used in conjunction with interfacePortGrp of { ivSensorConfigurationMIB 11 } to represent attributes of VSS switch virtual ports.
Default: 0 (If the module is not inserted)"
::= { virtualPluggableModuleGrp 2 }
--------------------------------------------------
--
-- sslProbeAccessGrp
--
sslProbeAccessGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 51 }
sslProbeAccessCfgGrp OBJECT IDENTIFIER ::= { sslProbeAccessGrp 1 }
sslProbeAccessMaxAgentConn OBJECT-TYPE
SYNTAX INTEGER (1..1024)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Configuration option to restrict the total number of connections
that the sensor can handle from the SSL Probes.
Default: 1024"
::= {sslProbeAccessCfgGrp 1 }
sslProbeAccessNumIpv4Entries OBJECT-TYPE
SYNTAX INTEGER (0..64)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object ranges from 1 to 64, as only a maximum of 64 entries are supported."
::= { sslProbeAccessGrp 2 }
sslProbeAccessIpTable OBJECT-TYPE
SYNTAX SEQUENCE OF SSLProbeAccessIpEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"
"
::= { sslProbeAccessGrp 3 }
sslProbeAccessIpEntry OBJECT-TYPE
SYNTAX SSLProbeAccessIpEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry specified is indexed by <sslProbeIpv4Index>. "
INDEX { sslProbeIpv4Index }
::= { sslProbeAccessIpTable 1 }
SSLProbeAccessIpEntry ::= SEQUENCE {
sslProbeIpAddress
IpAddress,
sslProbeMaskIpv4
INTEGER,
sslProbeAccessIpConfig
RowStatus
}
sslProbeIpAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"IP Address of a SSL Probe Access Control(ipv4)."
::= { sslProbeAccessIpEntry 1 }
sslProbeMaskIpv4 OBJECT-TYPE
SYNTAX INTEGER (1..32)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Mask of a SSL Probe Access Control(ipv4)."
::= { sslProbeAccessIpEntry 2 }
sslProbeAccessIpConfig OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object used for user to add and delete rows in to the table."
::= { sslProbeAccessIpEntry 3 }
sslProbeAccessNumIpv6Entries OBJECT-TYPE
SYNTAX INTEGER (0..64)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object ranges from 1 to 64, as only a maximum of 64 entries are supported."
::= { sslProbeAccessGrp 4 }
sslProbeAccessIpv6Table OBJECT-TYPE
SYNTAX SEQUENCE OF SSLProbeAccessIpv6Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"
"
::= { sslProbeAccessGrp 5 }
sslProbeAccessIpv6Entry OBJECT-TYPE
SYNTAX SSLProbeAccessIpv6Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry specified is indexed by <sslProbeIpv6Index>.
"
INDEX { sslProbeIpv6Index }
::= { sslProbeAccessIpv6Table 1}
SSLProbeAccessIpv6Entry ::= SEQUENCE {
sslProbeAccessIpv6Address
Ipv6Address,
sslProbeAccessIpv6Mask
INTEGER,
sslProbeAccessIpv6Config
RowStatus
}
sslProbeAccessIpv6Address OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"IPv6 address for the sslProbe access control list"
::= { sslProbeAccessIpv6Entry 1 }
sslProbeAccessIpv6Mask OBJECT-TYPE
SYNTAX INTEGER (1..128)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"IPv6 Mask for the sslProbe access control list"
::= { sslProbeAccessIpv6Entry 2 }
sslProbeAccessIpv6Config OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object used for user to add and delete rows in to the table."
::= { sslProbeAccessIpv6Entry 3 }
--------------------------------------------------
--This group contains MIB objects related to Sensor Certificate Configuration
sensorCertificateGroup OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 52 }
sensorCertificateConfigGrp OBJECT IDENTIFIER ::= { sensorCertificateGroup 1 }
sensorCertificateCSRConfigGrp OBJECT IDENTIFIER ::= { sensorCertificateConfigGrp 1 }
sensorCertificateCSRCountryName OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..255))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Country name for generating the CSR. Use the two-letter code
without punctuation for country like US or CA."
::= { sensorCertificateCSRConfigGrp 1 }
sensorCertificateCSRStateProvince OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..255))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"State or Province name for generating the CSR. Spell out the
state completely."
::= { sensorCertificateCSRConfigGrp 2 }
sensorCertificateCSRLocality OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..255))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"City or town name for generating the CSR."
::= { sensorCertificateCSRConfigGrp 3 }
sensorCertificateCSRCompany OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..255))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Company name for generating the CSR. If the company name has
symbols, spell out the symbol or omit it to enroll."
::= { sensorCertificateCSRConfigGrp 4 }
sensorCertificateCSROrganizationalUnit OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..255))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The organizational unit is the name of the department or organization unit
making the request. This is an optional field"
::= { sensorCertificateCSRConfigGrp 5 }
sensorCertificateCSRCommonName OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..255))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The common name is the host plus domain name. It looks like
www.company.com or company.com."
::= { sensorCertificateCSRConfigGrp 6 }
sensorCertificateCSRGenerateAction OBJECT-TYPE
SYNTAX INTEGER {
other(0),
generateCSR(1),
generateSelfSigned(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This action is used to generate the CSR/self signed certificate.
Default : other (0)"
::= { sensorCertificateCSRConfigGrp 7 }
sensorCertificateCSRGenerateStatus OBJECT-TYPE
SYNTAX INTEGER {
other (0),
generationInProgress (1),
generationComplete (2),
generationFailed (3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object describes the possible CSR generation states.
Default : other (0)"
::= { sensorCertificateCSRConfigGrp 8 }
sensorCertSubAltName OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"To push sensorCert subject alternative name"
::= { sensorCertificateCSRConfigGrp 9 }
sensorCertificateStatus OBJECT-TYPE
SYNTAX INTEGER {
other (0),
certAbsent (1),
defaultCert (2),
selfsignedCert (3),
casignedCert (4)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the cert status on the sensor.
Default: 0"
::= { sensorCertificateConfigGrp 2 }
sensorCertMigrateAction OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"To push request for sensor cert migration"
::= { sensorCertificateConfigGrp 3 }
--------------------------------------------------
sensorStackGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 53 }
stackName OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..80))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Stack Name"
::= { sensorStackGrp 1 }
stackNodeId OBJECT-TYPE
SYNTAX INTEGER (1..16)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"ID of stackNode."
::= { sensorStackGrp 2 }
stackNodeLeftNeighbour OBJECT-TYPE
SYNTAX INTEGER (1..16)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Node id of Left Neighbour, configured in stack"
::= { sensorStackGrp 3 }
stackNodeRightNeighbour OBJECT-TYPE
SYNTAX INTEGER (1..16)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Node id of Right Neighbour, configured in stack"
::= { sensorStackGrp 4 }
interfaceVirtualPortGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 54 }
intfVirtualPortTable OBJECT-TYPE
SYNTAX SEQUENCE OF IntfVirtualPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Table containing entries for each interface port (indexed via intfPortIndex)
on each sensor card (indexed via appropriate slotIndex).
This table contains Trellix specific configuration objects.
Tables that contain MIB objects borrowed from MIB-II are in the
TRELLIX-SENSOR-PERF-MIB."
::= { interfaceVirtualPortGrp 1 }
intfVirtualPortEntry OBJECT-TYPE
SYNTAX IntfVirtualPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This MIB object contains all the columnar objects,
that describe the contents of each interface port on each IntruShield sensor card.
Indexed by slotIndex/intfPortIndex"
INDEX { intfVirtualSlotIndex,
intfVirtualPortIndex }
::= { intfVirtualPortTable 1 }
IntfVirtualPortEntry ::= SEQUENCE {
intfVirtualPortIfDescr
DisplayString,
intfVirtualPortIfType
TrellixIDSPortType,
intfVirtualPortIfAdminStatus
INTEGER,
intfVirtualPortOperatingMode
TrellixIDSOperatingMode,
intfVirtualPortEnableFullDuplex
TruthValue,
intfVirtualPortSpeedConfig
TrellixPortSpeed,
intfVirtualPortEnableInternalTap
TruthValue,
intfVirtualPortInOutType
INTEGER,
intfVirtualFailOpenSwitchStatus
INTEGER,
intfVirtualFailOpenPortStatus
INTEGER,
intfVirtualPortEnableAntiSpoofing
INTEGER,
intfVirtualPortAllowAnyConnector
TruthValue,
intfVirtualPortCageType
INTEGER,
intfVirtualPortSetMediaType
INTEGER,
intfVirtualPortMonPortIpAddress
IpAddress,
intfVirtualPortMonPortNetMask
IpAddress,
intfVirtualPortGatewayIpAddress
IpAddress,
intfVirtualPortNbadConfigStatus
TruthValue,
intfVirtualPortVlanId
Integer32,
intfVirtualPortAppIdStatsConfigStatus
TruthValue,
intfVirtualPortLinearIndex
TrellixPortLinearIndex,
intfVirtualPortFECConfig
TruthValue
}
intfVirtualPortIfDescr OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..255))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A textual string containing information about the interface.
Returns the string that is printed on the box."
::= { intfVirtualPortEntry 1 }
intfVirtualPortIfType OBJECT-TYPE
SYNTAX TrellixIDSPortType
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The type of interface, distinguished according to the
physical/link protocol(s) immediately 'below' the network
layer in the protocol stack.
For brevity, Trellix options are as specified by the TC,
TrellixIDSPortType.
However, the SNMP MIB-II - Interfaces MIB specifies many more
valid options. See comments section for details.
"
::= { intfVirtualPortEntry 2 }
intfVirtualPortIfAdminStatus OBJECT-TYPE
SYNTAX INTEGER {
up (1),
down (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The desired state of the interface.
The testing(3) state indicates that no operational packets
can be passed.
Default: down"
::= { intfVirtualPortEntry 3 }
intfVirtualPortOperatingMode OBJECT-TYPE
SYNTAX TrellixIDSOperatingMode
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"ReadWrite parameter specifies the operating mode for the
Trellix IDS sensor to be used. Different modes supported are
inline-fo-passive(1), non-inline or tap(2), span(3) and
inlne-fc(4), inline-fo-active kit(5 - available on M-series only).
Default: non-inline"
::= { intfVirtualPortEntry 4 }
intfVirtualPortEnableFullDuplex OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"True: Sets interface port to work as a full-duplex one.
Otherwise as half-duplex.
Default: True"
::= { intfVirtualPortEntry 5 }
intfVirtualPortSpeedConfig OBJECT-TYPE
SYNTAX TrellixPortSpeed -- was TrellixFEType, now deprecated
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Set desired speed/negotiation on the interface."
::= { intfVirtualPortEntry 6 }
intfVirtualPortEnableInternalTap OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Set to TRUE to enable feature. Applies to Fast Ethernet (FE)
ports only (see TrellixIDSPortType).
For non FE ports, set to 'FALSE' .
Setting this to 'TRUE' requires that
<intfPortCurrentOperatingMode> is already set to
'monitor-dual-intf'
Default: True"
::= { intfVirtualPortEntry 7 }
intfVirtualPortInOutType OBJECT-TYPE
SYNTAX INTEGER {
inside (1),
outside (2),
not-specified (3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This MIB object reflects the Input or Output labeling
of this interface port. Used only when operating mode
is inline(1) or monitor-dual-intf(2).
Default: not-specified(3)"
::= { intfVirtualPortEntry 8 }
intfVirtualFailOpenSwitchStatus OBJECT-TYPE
SYNTAX INTEGER {
not-applicable(1),
present(2),
not-present(3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Returns the status of the external optical bypass switch
status. For FE ports, this object will return
not-applicable(1). For GE ports, if external optical bypass
switch is connected to sensor ports, this will return
present(2). Otherwise, it will return not-present(3)."
::= { intfVirtualPortEntry 9 }
intfVirtualFailOpenPortStatus OBJECT-TYPE
SYNTAX INTEGER {
not-applicable(1),
inline-fail-open(2),
bypass(3),
tap (4),
absent (5),
unknown (6),
layer2-bypass (7)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Returns the packet forwarding status of the sensor ports connected to the optical bypass switch.
If status is inline-fail-open(2), sensor is doing the
forwarding. If status is bypass(3), the bypass switch is
doing the forwarding and sensor will not process any
traffic in this mode. Tap(4), absent(5) , unknown (6) and layer2-bypass(7)
are available only in M-series for non RJ45(captive) ports
when connected to active FO kit and sensor operating mode
is inline-fail-open-active-kit.
tap - operational status(up), kit(present), heart-beat(tap)
absent - operational status(up), kit(absent), hear-beat(none)
unknown - operational status(down), kit(absent), heart-beat(not available)."
::= { intfVirtualPortEntry 10 }
intfVirtualPortEnableAntiSpoofing OBJECT-TYPE
SYNTAX INTEGER {
disable-bothsides-spoof-detect (1),
enable-inside-spoof-detect (2),
enable-outside-spoof-detect (3),
enable-bothsides-spoof-detect (4)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"spoofed packet detect rcvd on the both sides .
Default: 'disable-bothsides-spoof-detect' (0) "
::= { intfVirtualPortEntry 11 }
intfVirtualPortAllowAnyConnector OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"True: Permit usage of any connector for port.
False: Restrict usage to McAfee certified connector only.
Default: False"
::= { intfVirtualPortEntry 12 }
intfVirtualPortCageType OBJECT-TYPE
SYNTAX INTEGER {
other (0),
rJ-45 (1),
rJ-11 (2),
gBIC (3),
sFP (4),
xFP (5),
sFP-plus (6), -- support in R-series only
qSFP (7), -- support in R-series only
rJ-45-plus (8), -- support in R-series only
sFP-plus-BPFO (9) -- support in R-series only
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Physical connector cage type on sensor chassis panel."
::= { intfVirtualPortEntry 13 }
intfVirtualPortSetMediaType OBJECT-TYPE
SYNTAX INTEGER {
optical(1),
electrical (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Sets the media of the connector the user desired for the port.
Default: optical"
::= { intfVirtualPortEntry 14 }
intfVirtualPortMonPortIpAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure / retrieve the IPv4 address of the monitoring port.
Default: 0.0.0.0"
::= { intfVirtualPortEntry 15 }
intfVirtualPortMonPortNetMask OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure / retrieve netmask for the IPv4 address of the monitoring port.
Default: 0.0.0.0"
::= { intfVirtualPortEntry 16 }
intfVirtualPortGatewayIpAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure / retrieve the IPv4 address of the gateway.
Default: 0.0.0.0"
::= { intfVirtualPortEntry 17 }
intfVirtualPortNbadConfigStatus OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object value if set to TRUE indicates that flow record generation
to be sent to the NBAD server, is enabled over this monitoring port.
Default: False"
::= { intfVirtualPortEntry 18 }
intfVirtualPortVlanId OBJECT-TYPE
SYNTAX Integer32 (0..2164326399)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This MIB object indicates the Vlan ID of the VLAN to which the monitoring
port is connected."
::= { intfVirtualPortEntry 19 }
intfVirtualPortAppIdStatsConfigStatus OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object value if set to TRUE indicates that the appId stats collection is enabled
over this monitoring port.
Default: True"
::= { intfVirtualPortEntry 20 }
intfVirtualPortLinearIndex OBJECT-TYPE
SYNTAX TrellixPortLinearIndex
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This MIB object indicates the Linear Index of the monitoring port. This index is
generated by the sensor appliance using the pair of slot index and the port index values.
The other MIB tables would directly use this linear index, whereever applicable."
::= { intfVirtualPortEntry 21 }
intfVirtualPortFECConfig OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object value if set to TRUE indicates that FEC is enabled, FALSE for FEC disbaled
Default: False"
::= { intfVirtualPortEntry 22 }
-- responseVirtualPortGrp 'ivSensorConfigurationMIB 55' is not supported currently, reserved for future use
responseVirtualPortGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 55 }
respVirtualPortTable OBJECT-TYPE
SYNTAX SEQUENCE OF RespVirtualPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Table containing entries for each response port (indexed via respPortIndex)
on each sensor card (indexed via valid slotIndex).
This table contains Trellix specific MIB objects.
"
::= { responseVirtualPortGrp 1 }
respVirtualPortEntry OBJECT-TYPE
SYNTAX RespVirtualPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This MIB object contains all the columnar objects,
that describe the contents of each response port within the Trellix IDS sensor card.
Indexed by slotIndex/respPortIndex"
INDEX { slotIndex,
respPortIndex }
::= { respVirtualPortTable 1 }
RespVirtualPortEntry ::= SEQUENCE {
respVirtualPortDescr
DisplayString,
respVirtualPortType
TrellixIDSPortType,
respVirtualPortAdminStatus
INTEGER,
respVirtualPortOperStatus
INTEGER,
respVirtualPortEnableFullDuplex
TruthValue,
respVirtualPortSpeed
TrellixPortSpeed, -- was TrellixFEType,
respVirtualPortPktDestination
INTEGER,
respVirtualPortMacAddress
MacAddress,
respVirtualCUGEPortSpeed
TrellixCUGEType,
respVirtualAdditionalInfo
DisplayString
}
respVirtualPortDescr OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A textual string containing information about the interface.
Returns the string that is printed on the box."
::= { respVirtualPortEntry 1 }
respVirtualPortType OBJECT-TYPE
SYNTAX TrellixIDSPortType
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The type of interface, distinguished according to the
physical/link protocol(s) immediately 'below' the network
layer in the protocol stack.
See TrellixIDSPortType.
"
::= { respVirtualPortEntry 2 }
respVirtualPortAdminStatus OBJECT-TYPE
SYNTAX INTEGER {
up (1),
down (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The desired state of the interface.
Default: Up"
::= { respVirtualPortEntry 3 }
respVirtualPortOperStatus OBJECT-TYPE
SYNTAX INTEGER {
up (1),
down (2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The current operational state of the interface.
The testing(3) state indicates that no operational packets
can be passed."
::= { respVirtualPortEntry 4 }
respVirtualPortEnableFullDuplex OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"True: Sets response port to work as a full-duplex one.
otherwise as half-duplex.
If True, respPortFullDuplexPeer must be specified.
Default: False
"
::= { respVirtualPortEntry 5 }
-- Support for respPortSpeed is deprecated in V-series sensors(VmIPS).
respVirtualPortSpeed OBJECT-TYPE
SYNTAX TrellixPortSpeed
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"See TrellixPortSpeed
Default: fixed-hundred-Mbps (2)"
::= { respVirtualPortEntry 6 }
respVirtualPortPktDestination OBJECT-TYPE
SYNTAX INTEGER {
switch (1),
router (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used when response ports are chosen for
sending response packets. When router mode is chosen,
packets will be sent to router with destination MAC as
defined in intfRespMacAddress.
Default value is switch (1)."
::= { respVirtualPortEntry 7 }
respVirtualPortMacAddress OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the macaddress of the router to which the response
packets have to be sent to."
::= { respVirtualPortEntry 8 }
-- Support for respCUGEPortSpeed is deprecated in V-series sensors(VmIPS).
respVirtualCUGEPortSpeed OBJECT-TYPE
SYNTAX TrellixCUGEType
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Only applicable to copper-gigabit-ethernet ports, to specify whether
10mbps or 100mbps or 1-gbps or auto-neg. See TrellixCUGEType
Default: auto-negotiate"
::= { respVirtualPortEntry 9 }
respVirtualAdditionalInfo OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..255))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A textual string containing additional information about the response interface.
This mib object will be available only on V-series sensors."
::= { respVirtualPortEntry 11 }
--
-- Interface Virtual Response Table
--
intfVirtualRespTable OBJECT-TYPE
SYNTAX SEQUENCE OF IntfVirtualRespEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Table containing entries for each interface port. The
table describes how responses have to be sent in monitoring
mode."
::= { responseVirtualPortGrp 2 }
intfVirtualRespEntry OBJECT-TYPE
SYNTAX IntfVirtualRespEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Indexed by slotIndex/intfPortIndex"
INDEX { slotIndex, intfPortIndex }
::= { intfVirtualRespTable 1 }
IntfVirtualRespEntry ::= SEQUENCE {
intfVirtualRespType
INTEGER,
intfVirtualRespPortNo
INTEGER
}
intfVirtualRespType OBJECT-TYPE
SYNTAX INTEGER {
responsePort (1),
inline (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Setting this object to responsePort (2) causes responses
to be sent via the response port. The response port no that
needs to be used is specified with intfRespPortNo object.
Setting this object to inline (3) causes responses to be
sent inline. Note that in monitoring mode, responses can
only be sent inline when the monitoring port is in
half-duplex mode.
Default action will be responsePort (1)."
::= { intfVirtualRespEntry 1 }
intfVirtualRespPortNo OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the response port number that needs to be used
for this monitoring port. The response ports are configured
by respPortTable."
::= { intfVirtualRespEntry 2 }
--------------------------------------------------
--
-- mvxCfgGrp
--
mvxCfgGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 56 }
mvxConnectionConfig OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to enable or disable the MVX integration
Default: 2, disable"
::= { mvxCfgGrp 1 }
mvxIPAddressType OBJECT-TYPE
SYNTAX INTEGER {
ip-v4 (4),
ip-v6 (6)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure the IP address type of the
mgmt port at the MVX engine end"
::= { mvxCfgGrp 2 }
mvxBrokerIPv4Address OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure the IPv4 address of the MVX engine.
The mvxBrokerIPv4Address would be zero if the current object is initialized"
::= { mvxCfgGrp 3 }
mvxBrokerIPv6Address OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure the IPv6 address of the MVX engine.
The mvxBrokerIPv6Address would be zero if the current object is initialized"
::= { mvxCfgGrp 4 }
mvxUserName OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..80))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to send username for configured MVX engine.
Default value is NULL"
::= { mvxCfgGrp 5 }
mvxPassword OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..80))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to send password for configured MVX engine.
Default value is NULL"
::= { mvxCfgGrp 6 }
mvxCertificateValidation OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to indicate the MVX server certificate flag at
the sensor"
::= { mvxCfgGrp 7 }
mvxAuthStatus OBJECT-TYPE
SYNTAX INTEGER {
down(2),
up (1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object is used to indicate the authentication status between
sensor and MVX engine "
::= { mvxCfgGrp 8 }
mvxUseProxy OBJECT-TYPE
SYNTAX INTEGER {
disable(2),
enable(1)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to indicate the configured proxy is used by the MVX engine or not "
::= { mvxCfgGrp 9 }
--------------------------------------------------
END