10574 lines
316 KiB
Plaintext
10574 lines
316 KiB
Plaintext
|
|
-- *****************************************************************
|
|
-- MUSARUBRA CONFIDENTIAL
|
|
-- TRELLIX-SENSOR-CONF-MIB:
|
|
-- Trellix (Sensor Configuration MIB)
|
|
--
|
|
-- Copyright (c) 2022 MUSARUBRA US, LLC
|
|
-- All rights reserved.
|
|
--
|
|
-- *****************************************************************
|
|
|
|
TRELLIX-SENSOR-CONF-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
OBJECT-TYPE, MODULE-IDENTITY, Integer32,
|
|
IpAddress, TimeTicks, Unsigned32
|
|
FROM SNMPv2-SMI
|
|
TimeInterval, TruthValue, RowStatus,
|
|
MacAddress, DateAndTime, DisplayString
|
|
FROM SNMPv2-TC
|
|
Ipv6Address
|
|
FROM IPV6-TC
|
|
ivSensorConfiguration, respPortIndex, intfPortIndex, slotIndex, intfPhysicalPortIndex, ntpServerIndex, sslProbeIpv4Index, sslProbeIpv6Index, processorNumIndex, intfVirtualPortIndex, intfVirtualSlotIndex
|
|
FROM TRELLIX-SENSOR-SMI
|
|
TrellixFEType, TrellixIDSOperatingMode, TrellixIDSPortType,
|
|
TrellixIDSResponseMode, TrellixIDSActionResult, TrellixIDSActionStatus,
|
|
TrellixIDSAction, TrellixIDSCardType, TrellixTFTPFileType,
|
|
TrellixTFTPFailedResult, TrellixTFTPInProgressResult, TrellixTFTPStatus,
|
|
TrellixTFTPAction, TrellixGEType,TrellixCUGEType, TrellixPortSpeed, TrellixPluggableModuleType,
|
|
TrellixPortLinearIndex
|
|
FROM TRELLIX-INTRUVERT-TC;
|
|
|
|
ivSensorConfigurationMIB MODULE-IDENTITY
|
|
LAST-UPDATED "200707090000Z"
|
|
ORGANIZATION
|
|
"MUSARUBRA US LLC"
|
|
CONTACT-INFO
|
|
"Trellix Customer Service Department
|
|
|
|
Postal: 6220 American Center Drive
|
|
San Jose CA 95002-2563
|
|
|
|
|
|
Tel: +1 800 338 8754
|
|
|
|
E-mail: support@mcafee.com"
|
|
DESCRIPTION
|
|
"The Configuration MIB for the Trellix IntruShield product.
|
|
|
|
They are furthur broken down into the following groups:
|
|
systemGrp - configuration of the IntruShield node identification.
|
|
emsGrp - configuration of possible EMSs identification
|
|
chassisGrp - configuration of the chassis slots
|
|
managementCardGrp - configuration of the management card(s)
|
|
tftpGrp - configuration of TFTP based services
|
|
sensorCardGp - configuration of the sensor anlysis card(s)
|
|
interfacePortGrp - configuration of interface port(s)
|
|
responsePortGrp - configuration of response port(s)
|
|
pktLogGrp - configuration of the Packet Logging Application
|
|
sslGrp - SSL configuration
|
|
"
|
|
|
|
REVISION "200706140000Z"
|
|
DESCRIPTION
|
|
"Initial version of this MIB module."
|
|
::= { ivSensorConfiguration 1 }
|
|
|
|
|
|
--This group contains objects that identify the IntruShield network element.
|
|
|
|
systemGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 1 }
|
|
|
|
|
|
ivSysName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..80))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An administratively assigned name for this IntruShied node.
|
|
By convention, this is the node's fully-qualified domain name."
|
|
::= { systemGrp 1 }
|
|
|
|
ivSysLocation OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..255))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The physical location of this node (e.g., `Building 6, IS room 443, 3rd floor')."
|
|
::= { systemGrp 2 }
|
|
|
|
ivSysContact OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..255))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The textual identification of the contact person for this IntruShield node,
|
|
together with information on how to contact this person."
|
|
::= { systemGrp 3 }
|
|
|
|
ivSysModel OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..32))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is where the manufacturer specifies the model identification
|
|
(number or type) of the network element."
|
|
::= { systemGrp 4 }
|
|
|
|
-- Support for ivSysSerialNumber is deprecated in V-series sensors(VmIPS).
|
|
ivSysSerialNumber OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(1..80))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Manufacturer-provided serial number."
|
|
::= { systemGrp 5 }
|
|
|
|
ivSysDescr OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..255))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A textual description of the entity. This value should include the full name and version
|
|
identification of the system's hardware type, software operating system, and networking
|
|
software. It is current that this only contains printable ASCII characters."
|
|
::= { systemGrp 6 }
|
|
|
|
ivSysObjectID OBJECT-TYPE
|
|
SYNTAX OBJECT IDENTIFIER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The vendor's authoritative identification of the
|
|
network management subsystem contained in the
|
|
entity. This value is allocated within the SMI
|
|
enterprises subtree (1.3.6.1.4.1) and provides an
|
|
easy and unambiguous means for determining `what
|
|
kind of box' is being managed. For example, if
|
|
vendor `Flintstones, Inc.' was assigned the
|
|
subtree 1.3.6.1.4.1.4242, it could assign the
|
|
identifier 1.3.6.1.4.1.4242.1.1 to its `Fred
|
|
Router'."
|
|
::= { systemGrp 7 }
|
|
|
|
ivSysUpTime OBJECT-TYPE
|
|
SYNTAX TimeTicks
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The time (in hundredths of a second) since the network management portion of the system
|
|
was last re-initialized."
|
|
::= { systemGrp 8 }
|
|
|
|
ivSysLastCfgTime OBJECT-TYPE
|
|
SYNTAX DateAndTime
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates time when configuration was changed last."
|
|
::= { systemGrp 9 }
|
|
|
|
-- Support for ivSysDiskSpaceLeft is deprecated in V-series sensors(VmIPS).
|
|
ivSysDiskSpaceLeft OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Returns the numbers of kbytes left on the disk."
|
|
::= { systemGrp 10 }
|
|
|
|
ivSysAlertChannelStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
down (0),
|
|
up (1),
|
|
errorInGetTimeFromManager (2),
|
|
errorGeneratingCertificates (3),
|
|
errorPersistingCertificates (4),
|
|
errorConnectingToManager (5),
|
|
errorInUntrustedConnectionSetup (6),
|
|
errorInInstall (7),
|
|
errorPersistingManagerPublicCertificate (8),
|
|
errorInMutualTrustMatch (9),
|
|
errorInSnmpKeyExchange (10),
|
|
errorInInitialProtocolMessageExchange (11),
|
|
sensorInstallInProgress (12),
|
|
openingAlertChannelInProgress (13),
|
|
errorInLinkHenceReopening (14),
|
|
errorInChannelReopening (15),
|
|
closingChannelInProgress (16),
|
|
errorClosingChannel (17),
|
|
sendAlertWarning (18),
|
|
keepAliveWarning (19),
|
|
errorDeletingCerts (20),
|
|
errorCreatingSnmpUser (21),
|
|
errorChangingSnmpUserKeys (22)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Returns the status of the alert channel connection with
|
|
EMS."
|
|
::= { systemGrp 11 }
|
|
|
|
ivSysPacketLogChannelStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
down (0),
|
|
up (1),
|
|
errorInGetTimeFromManager (2),
|
|
errorGeneratingCertificates (3),
|
|
errorPersistingCertificates (4),
|
|
errorConnectingToManager (5),
|
|
errorInUntrustedConnectionSetup (6),
|
|
errorInInstall (7),
|
|
errorPersistingManagerPublicCertificate (8),
|
|
errorInMutualTrustMatch (9),
|
|
errorInSnmpKeyExchange (10),
|
|
errorInInitialProtocolMessageExchange (11),
|
|
packetLogInstallInProgress (12),
|
|
openingPacketLogInProgress (13),
|
|
errorInLinkHenceReopening (14),
|
|
errorInChannelReopening (15),
|
|
closingChannelInProgress (16),
|
|
errorClosingChannel (17),
|
|
sendLogWarning (18),
|
|
keepAliveWarning (19)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Returns the status of the packet log channel connection with
|
|
EMS."
|
|
::= { systemGrp 12 }
|
|
|
|
ivSysHealth OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
bad (0),
|
|
good (1),
|
|
uninitialized (2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Returns the health of the sensor. uninitialized means
|
|
that the sensor does not have signatures hence does not
|
|
detect attacks"
|
|
::= { systemGrp 13 }
|
|
|
|
ivSysResetPassword OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
not-applicable (0),
|
|
resetPassword (1)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to reset the password back to default
|
|
value. Returns not-applicable(0) upon read."
|
|
::= { systemGrp 14 }
|
|
|
|
ivSysDeleteSignatures OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
not-applicable (0),
|
|
deleteSignatures (1)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to delete the signatures on the sensor if present.
|
|
This also reboots the sensor after deleting the signatures. Does nothing
|
|
if signatures are not present. Returns not-applicable(0) upon read."
|
|
::= { systemGrp 15 }
|
|
|
|
-- Support for ivSysSlaveSerialNumber is deprecated in V-series sensors(VmIPS).
|
|
ivSysSlaveSerialNumber OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(1..80))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Manufacturer-provided slave serial number. This is the serial number
|
|
for a cluster-slave in a palomar cluster"
|
|
::= { systemGrp 16 }
|
|
|
|
ivSysUIDSeed OBJECT-TYPE
|
|
SYNTAX INTEGER (0..65535)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object contains the portion of the seed value to be used for generating
|
|
UIDs' for alerts and logs. In case there is a mismatch, the ISM would set the
|
|
right value, which would used by the sensor for new alerts and logs."
|
|
::= { systemGrp 17 }
|
|
|
|
ivSysFipsMode OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable (1),
|
|
disable (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This Object holds the status of the fips mode.If the sensor is operating in FIPS
|
|
mode then this Object will have enable value or else disable value."
|
|
::= { systemGrp 18 }
|
|
|
|
ivSysNumLbPorts OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is set by the NSM to inform the sensors connected to the Load Balancer(LB)
|
|
of the number of ports on the LB switch."
|
|
::= { systemGrp 19 }
|
|
|
|
ivSysUpTimeNew OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The time (in hundredths of a second) since the network management portion of the system
|
|
was last re-initialized."
|
|
::= { systemGrp 20 }
|
|
|
|
ivSysCapacityMode OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"To push new license from NSM"
|
|
::= { systemGrp 21 }
|
|
|
|
ivSysCurrentCapacityMode OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"To get current license mode of sensor"
|
|
::= { systemGrp 22 }
|
|
|
|
ivSysDeviceMode OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"To get current device mode"
|
|
::= { systemGrp 23 }
|
|
|
|
ivSysConfDeviceMode OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"To get configured device mode"
|
|
::= { systemGrp 24 }
|
|
|
|
ivSysRebootStatus OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"If a system reboot is required and Why
|
|
REBOOT_DEFAULT_STATUS (0) // No Reboot Required
|
|
REBOOT_UPGRADE_DOWNLOAD (1)
|
|
REBOOT_SETUP_CHANGE (2)
|
|
REBOOT_IPV6_CONFIG_CHANGE (3)
|
|
REBOOT_SSL_MODE_CHANGE (4)
|
|
REBOOT_JUMBOFRAMEPARSING_CONFIG_CHANGE (5)
|
|
REBOOT_PREV_256BYTES_LOGGING_CONFIG_CHANGE (6)
|
|
NMS_USERS_WRITE_ACCESS_CONFIG_CHANGE (7)
|
|
REBOOT_LAYER7_DCAP_NUM_FLOWS_CHANGE (8)
|
|
REBOOT_LAYER7_DCAP_BUFF_SIZE_CHANGE (9)
|
|
REBOOT_LAYER7_DCAP_STATUS_CHANGE (10)
|
|
REBOOT_SBC_CORE_INCREMENT_CONFIG_CHANGE (11)
|
|
REBOOT_REQUIRED_MAX_SNMPD_RESTART_EXCEEDED (12)
|
|
REBOOT_REQUIRED_SBC_TLV_ERROR (13)
|
|
REBOOT_SNORT_CONFIG_CHANGE (15)
|
|
REBOOT_CAPACITY_MODE_CHANGE (16)
|
|
REBOOT_SSL_FLOWALLOC_CHANGE (17)
|
|
"
|
|
::= { systemGrp 25 }
|
|
|
|
ivSysRebootReason OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..255))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object contains reason for the sensor reboot.
|
|
NULL is stored in the object if reboot is not required"
|
|
::= { systemGrp 26 }
|
|
|
|
--This group contains objects that identify the IP configuration information for the
|
|
--IntruShield network element.
|
|
--
|
|
|
|
systemIPCfgGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 2 }
|
|
|
|
ivSysIPAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object contains the IP Address of the management card on the IntruShield node,
|
|
that interfaces with the EMS."
|
|
::= { systemIPCfgGrp 1 }
|
|
|
|
ivSysMACAddress OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object contains the MAC address of the management card on the IntruShield node."
|
|
::= { systemIPCfgGrp 2 }
|
|
|
|
ivSysSubnetMask OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the Subnet mask of the management card on the IntruShield node."
|
|
::= { systemIPCfgGrp 3 }
|
|
|
|
ivSysGateway OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the gateway address of the management card on the IntruShield node."
|
|
::= { systemIPCfgGrp 4 }
|
|
|
|
ivSysIPv6Address OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object contains the IPv6 Address of the management card on the IntruShield node,
|
|
that interfaces with the EMS."
|
|
::= { systemIPCfgGrp 5 }
|
|
|
|
ivSysIpv6SubnetMask OBJECT-TYPE
|
|
SYNTAX INTEGER (0..128)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the number of bits that need to set to '1' from left to right,
|
|
int the Ipv6 address Subnet mask of the management card on the IntruShield node."
|
|
::= { systemIPCfgGrp 6 }
|
|
|
|
ivSysIpv6Gateway OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the gateway Ipv6 address of the management card on the IntruShield node."
|
|
::= { systemIPCfgGrp 7 }
|
|
|
|
ivSysVmHostIPAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object contains the IP Address of the Vm Host on which VIPS will be running.
|
|
This mib object will be available only on V-series sensors."
|
|
::= { systemIPCfgGrp 8 }
|
|
|
|
ivSysVmHostIPv6Address OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object contains the IP Address of the Vm Host on which VIPS will be running.
|
|
This mib object will be available only on v-series sensors."
|
|
::= { systemIPCfgGrp 9 }
|
|
|
|
ivSysVmHostName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..255))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object contains the Vm Host name on which VIPS will be running.
|
|
This mib object will be available only on V-series sensors."
|
|
::= { systemIPCfgGrp 10 }
|
|
|
|
ivSysVmMgmtAdditionalInfo OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..255))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A textual string containing additional information about the management interface.
|
|
This mib object will be available only on v-series sensors."
|
|
::= { systemIPCfgGrp 11 }
|
|
|
|
|
|
|
|
--
|
|
-- System Failover Group
|
|
--
|
|
--This group contains objects that identify the failover configuration information for the
|
|
--IntruShield network element.
|
|
|
|
systemFailoverGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 3 }
|
|
|
|
ivSysFailoverStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
peer-up (1),
|
|
peer-down (2),
|
|
peer-incompatible (3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates if IDS peer is in peer-down or peer-up mode. Default: peer-down (2)."
|
|
::= { systemFailoverGrp 1 }
|
|
|
|
ivSysFailoverAction OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
on (1),
|
|
off (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to indicate if the sensor is in failover
|
|
configuration or not. If the sensors are in failover
|
|
configuration, then both sensors have to be set to on(1).
|
|
Default: off(2)"
|
|
::= { systemFailoverGrp 2 }
|
|
|
|
ivSysFailoverMode OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
standalone (0),
|
|
primary (1),
|
|
secondary (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Added for the I-3000/I-4010 sensors.
|
|
This object is used to specify to the sensor if it is primary
|
|
or secondary when failover is enabled.
|
|
This value ( 1 or 2) must be set on the sensor prior to
|
|
enabling failover.
|
|
When failover is disabled, the sensor will automatically
|
|
update this object to standalone (0).
|
|
The manager can opt to explicitly set this after disabling
|
|
failover on the sensor, however it is not necessary.
|
|
Default: standalone(0), since failover is disabled"
|
|
::= { systemFailoverGrp 3 }
|
|
|
|
ivSysFailopenAction OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable (1),
|
|
disable (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to indicate if the sensor should fail-open when
|
|
in failover mode.
|
|
Default: disable(2)"
|
|
::= { systemFailoverGrp 4 }
|
|
|
|
|
|
ivSysSTPForwardConfig OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable (1),
|
|
disable (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to indicate if the sensor should forward the STP traffic
|
|
through peer in failover mode.
|
|
Default: disable(2)"
|
|
::= { systemFailoverGrp 5 }
|
|
|
|
--
|
|
-- EmsGrp
|
|
--
|
|
-- This group contians the <emsTable> that identifies two EMSs for this sensor
|
|
-- They are indexed by <emsIndex> and identified by their <emsIPAddress>.
|
|
-- The only field that is writable for each EMS is the emsPriority. All
|
|
-- the other fields are updated by the sensor itself.
|
|
--
|
|
-- An EMS can look at this emsTable to find out the status of sensors
|
|
-- connection to EMSs. Any changes at the EMS can be communicated to the sensor
|
|
-- using the emsChangeAction mib object.
|
|
-- Under error scenarios like sensor getting out of sync with the EMS because it was
|
|
-- offline when the change at EMS took place can also be corrected using the same
|
|
-- emsChangeAction mib object.
|
|
--
|
|
--
|
|
|
|
emsGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 4 }
|
|
|
|
emsTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF EmsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table comprises of exactly two possible EMS entries each defined by <emsEntry>.
|
|
|
|
|
|
"
|
|
::= { emsGrp 1 }
|
|
|
|
emsEntry OBJECT-TYPE
|
|
SYNTAX EmsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry specified is indexed by <emsIndex>.
|
|
Additonaly it contains the <emsIPAddress> and <emsPriority>
|
|
"
|
|
INDEX { emsIndex }
|
|
::= { emsTable 1 }
|
|
|
|
EmsEntry ::= SEQUENCE {
|
|
emsIndex
|
|
Integer32,
|
|
emsPriority
|
|
INTEGER,
|
|
emsIPAddress
|
|
IpAddress,
|
|
emsHAMode
|
|
INTEGER,
|
|
emsHAStatus
|
|
INTEGER,
|
|
emsAlertChannelStatus
|
|
INTEGER,
|
|
emsPacketLogChannelStatus
|
|
INTEGER,
|
|
emsIPv6Address
|
|
Ipv6Address,
|
|
emsIPAddressType
|
|
INTEGER,
|
|
emsAuthChannelStatus
|
|
INTEGER
|
|
}
|
|
|
|
|
|
emsIndex OBJECT-TYPE
|
|
SYNTAX Integer32 (1..2)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Fixed index for the two EMS entries. Valid values are [1,2] only."
|
|
::= { emsEntry 1 }
|
|
|
|
|
|
emsPriority OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
primary (1),
|
|
secondary (2),
|
|
standalone (3),
|
|
unknown (4)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Identifies whether the EMS identifed by the IPAddress is the Primary or Secondary. This value
|
|
is only informational from sensor point of view and is set by the EMS when we have established
|
|
connection to it. Note that transition at EMS from Primary to Secondary or vice versa will have
|
|
no effect on the sensor. The only thing sensor needs to worry about while in MDR mode is the
|
|
active/standby status.
|
|
"
|
|
::= { emsEntry 2 }
|
|
|
|
|
|
emsIPAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IP Address of a EMS (in this entry)."
|
|
::= { emsEntry 3 }
|
|
|
|
|
|
emsHAMode OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
failover (1),
|
|
standalone (2),
|
|
unknown (3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Identifies the MDR mode of the EMS. Initially when the system comes up this would be set to
|
|
unknown till we contact the EMS and get its MDR status. This field also gets updated when a
|
|
MDR-to-Standalone or Standalone-to-MDR action is triggered.
|
|
"
|
|
::= { emsEntry 4 }
|
|
|
|
emsHAStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
unknown(1),
|
|
active (2),
|
|
standby (3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies if the EMS is an active or a standby when operating in failover mode"
|
|
::= { emsEntry 5 }
|
|
|
|
emsAlertChannelStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
down (0),
|
|
up (1),
|
|
errorInGetTimeFromManager (2),
|
|
errorGeneratingCertificates (3),
|
|
errorPersistingCertificates (4),
|
|
errorConnectingToManager (5),
|
|
errorInUntrustedConnectionSetup (6),
|
|
errorInInstall (7),
|
|
errorPersistingManagerPublicCertificate (8),
|
|
errorInMutualTrustMatch (9),
|
|
errorInSnmpKeyExchange (10),
|
|
errorInInitialProtocolMessageExchange (11),
|
|
sensorInstallInProgress (12),
|
|
openingAlertChannelInProgress (13),
|
|
errorInLinkHenceReopening (14),
|
|
errorInChannelReopening (15),
|
|
closingChannelInProgress (16),
|
|
errorClosingChannel (17),
|
|
sendAlertWarning (18),
|
|
keepAliveWarning (19),
|
|
errorDeletingCerts (20),
|
|
errorCreatingSnmpUser (21),
|
|
errorChangingSnmpUserKeys (22)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Returns the status of the alert channel connection with
|
|
EMS identifed by the emsIPAddress of this entry."
|
|
::= { emsEntry 6 }
|
|
|
|
emsPacketLogChannelStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
down (0),
|
|
up (1),
|
|
errorInGetTimeFromManager (2),
|
|
errorGeneratingCertificates (3),
|
|
errorPersistingCertificates (4),
|
|
errorConnectingToManager (5),
|
|
errorInUntrustedConnectionSetup (6),
|
|
errorInInstall (7),
|
|
errorPersistingManagerPublicCertificate (8),
|
|
errorInMutualTrustMatch (9),
|
|
errorInSnmpKeyExchange (10),
|
|
errorInInitialProtocolMessageExchange (11),
|
|
packetLogInstallInProgress (12),
|
|
openingPacketLogInProgress (13),
|
|
errorInLinkHenceReopening (14),
|
|
errorInChannelReopening (15),
|
|
closingChannelInProgress (16),
|
|
errorClosingChannel (17),
|
|
sendLogWarning (18),
|
|
keepAliveWarning (19)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Returns the status of the packet log channel connection with
|
|
EMS identified by the emsIPAddress of this entry."
|
|
::= { emsEntry 7 }
|
|
|
|
emsIPv6Address OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IPv6 Address of a EMS (in this entry)."
|
|
::= { emsEntry 8 }
|
|
|
|
emsIPAddressType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ip-v4 (4),
|
|
ip-v6 (6)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Identifies the type of EMS IPAddress. If set to ip-v4, then the emsIPAddress object
|
|
would be set else if this object is set to ip-v6, then the empIPv6Address object
|
|
would be set.
|
|
"
|
|
::= { emsEntry 9 }
|
|
|
|
emsAuthChannelStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
down (0),
|
|
up (1)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Returns the status of the authentication channel connection with
|
|
EMS identified by the emsIPAddress of this entry."
|
|
::= { emsEntry 10 }
|
|
|
|
emsChangeAction OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
other (0),
|
|
standalone-to-ha (1),
|
|
ha-to-standalone (2),
|
|
switchover (3),
|
|
add-ism-sec-ip (4)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to indicate to the sensor, changes in the EMS MDR operation mode."
|
|
::= { emsGrp 2 }
|
|
|
|
emsParamIpAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is one of the parameters that need to be set before emsChangeAction is triggered.
|
|
If the action is Switchover this specifies the IP address of the Manager that the sensor should switch to.
|
|
If the action is Standalone-to-MDR this specifies the Peer EMS IP address and this will result in using
|
|
a free entry in the emsTable.
|
|
If the action is MDR-to-Standalone this specifies the future Standalone EMS IP address which should be
|
|
one of the two EMSs specified in the emsTable.
|
|
The acutal swithover or change in MDR opearation mode will be done when indicated by the Manager through the
|
|
emsChangeAction object.
|
|
Setting this object would reset the emsParamIpv6Address and emsParamAddIpv6Address objects.
|
|
"
|
|
::= { emsGrp 3 }
|
|
|
|
emsParamPriority OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
other (0),
|
|
primary (1),
|
|
secondary (2),
|
|
standalone (3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
" This object specifies the priority of the EMS setting the standalone-to-MDR change action."
|
|
::= { emsGrp 4 }
|
|
|
|
emsParamAddIpAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
" This object specifies the secondary IP address of the EMS while in MDR mode. If the emsChangeAction
|
|
is standalone-to-MDR, this specifies the secondary IP address of the new peer Manager. If the
|
|
emsChangeAction is secondary NIC address, this specifies the secondary IP address of the EMS
|
|
identified by emsParamIpAddress.
|
|
Setting this object would reset the emsParamIpv6Address and emsParamAddIpv6Address objects."
|
|
::= { emsGrp 5 }
|
|
|
|
emsParamIpv6Address OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is one of the parameters that need to be set before emsChangeAction is triggered.
|
|
If the action is Switchover this specifies the IPv6 address of the Manager that the sensor should switch to.
|
|
If the action is Standalone-to-MDR this specifies the Peer EMS IPv6 address and this will result in using
|
|
a free entry in the emsTable.
|
|
If the action is MDR-to-Standalone this specifies the future Standalone EMS IPv6 address which should be
|
|
one of the two EMSs specified in the emsTable.
|
|
The acutal swithover or change in MDR opearation mode will be done when indicated by the Manager through the
|
|
emsChangeAction object.
|
|
Setting this object would reset the emsParamIpAddress and emsParamAddIpAddress objects.
|
|
"
|
|
::= { emsGrp 6 }
|
|
|
|
emsParamAddIpv6Address OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
" This object specifies the secondary IPv6 address of the EMS while in MDR mode. If the emsChangeAction
|
|
is standalone-to-MDR, this specifies the secondary IPV6 address of the new peer Manager. If the
|
|
emsChangeAction is secondary NIC address, this specifies the secondary IPv6 address of the EMS
|
|
identified by emsParamIpAddress.
|
|
Setting this object would reset the emsParamIpAddress and emsParamAddIpAddress objects."
|
|
::= { emsGrp 7 }
|
|
|
|
emsTenantId OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(36))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
" This object specifies the TenantId. which identifies unique customer in Trellix eco system"
|
|
::= { emsGrp 8 }
|
|
|
|
emsPrimaryNSMGUID OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(36))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
" This object specifies the Primary NSM Server GUID. which identifies unique NSM in Trellix eco system"
|
|
::= { emsGrp 9 }
|
|
|
|
emsSecondaryNSMGUID OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(36))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
" This object specifies the Secondary NSM Server GUID. which identifies unique NSM in Trellix eco system"
|
|
::= { emsGrp 10 }
|
|
|
|
--This group contains MIB objects for the configuration of the TFTP service.
|
|
|
|
tftpGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 5 }
|
|
|
|
tftpKey OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(128))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This specifies the tftp shared secret key between the IntruShield Sensor and EMS.
|
|
Default: All 128 octets filled with '0'."
|
|
::= { tftpGrp 1 }
|
|
|
|
tftpFileSize OBJECT-TYPE
|
|
SYNTAX Integer32 (0..134217727)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The size of the file in bytes. Default: 0 "
|
|
::= { tftpGrp 2 }
|
|
|
|
tftpFileName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..128))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This specifies the name of the file to TFTP (with the source path)"
|
|
::= { tftpGrp 3 }
|
|
|
|
tftpServerAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"TFTP server IP address.
|
|
Is the EMS address when downloading from EMS to management card.
|
|
Setting this object would reset the tftpServerIpv6Address objects."
|
|
::= { tftpGrp 4 }
|
|
|
|
tftpAction OBJECT-TYPE
|
|
SYNTAX TrellixTFTPAction
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Invokes TFTP service using other (required) parameters defined in <tftpGrp>.
|
|
Valid values are : (0)-other, (1)-downloadimage, (2)-downloadsigfile, (3)-uploaddos,
|
|
(4)-uploadtrace, (5)-downloaddos, (6)-aborttransfer, (7)-downloadcertfile,
|
|
(8)-downloadimageandsigfile, (9)-downloadmperootcertfile,
|
|
(10)-download_sgap_ssl_cert, (11)-upload_sgap_ssl_csr,
|
|
(12)-upload_ibac_ad_file, (13)-download_ibac_ad_file,
|
|
(14)-upload_swh_learned_file,
|
|
(15)-downloadPacketCaptureFilterFile ,(16)-uploadPacketCaptureFilterFile,
|
|
(17)-downloadGeoLocationDatabase, (18)-uploadPacketCapturePCAPFile,
|
|
(19)-download_usrid_acl_file,
|
|
(20)-download-bot-dat-file,
|
|
(21)-download-ntba-ssl-cert-file,(22)-upload-dev-prof-file,
|
|
(25)-download_matd_ssl_cert, (28)-download-ffp-bulk-file,
|
|
(33)-download_zcenter_ssl_cert, (34)-download-gti-private-cloud-cert-file,
|
|
(35)-upload_suricata_failed_rules, (36)-upload_ca_sensor_csr,
|
|
(37)-download_ca_sensor_cert, (38)-download_syslog_ssl_cert,
|
|
(39)-download_ca_cert_store"
|
|
::= { tftpGrp 5 }
|
|
|
|
tftpActionStatus OBJECT-TYPE
|
|
SYNTAX TrellixTFTPStatus
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The status of the current TFTP action"
|
|
::= { tftpGrp 6 }
|
|
|
|
tftpActionInProgressResult OBJECT-TYPE
|
|
SYNTAX TrellixTFTPInProgressResult
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies TFTP service completion percentage.
|
|
"
|
|
::= { tftpGrp 7 }
|
|
|
|
tftpActionFailedResult OBJECT-TYPE
|
|
SYNTAX TrellixTFTPFailedResult
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"See TrellixTFTPFailedResult"
|
|
::= { tftpGrp 8 }
|
|
|
|
tftpActionTransactionId OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Used to ensure single file transfer at a time. Default: 0."
|
|
::= { tftpGrp 9 }
|
|
|
|
tftpServerIpv6Address OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"TFTP server IPv6 address.
|
|
Is the EMS IPv6 address when downloading from EMS to management card.
|
|
Either one of the Ipv4 or Ipv6 address should be set by the ISM.
|
|
Setting this object would reset the tftpServerIpAddress objects."
|
|
::= { tftpGrp 10 }
|
|
|
|
tftpIVKey OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(128))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This specifies the tftp Initialization Vector that is used for AES Decryption between the IntruShield Sensor and EMS.
|
|
Default: All 128 octets filled with '0'."
|
|
::= { tftpGrp 11 }
|
|
|
|
--Trellix IntruShield chassis.
|
|
--The chassis may be a slim line enclosure with no explicit slot concept or a larger enclosure
|
|
--with multiple slots.
|
|
--
|
|
--This MIB does not differentiate between the two and models all it's cards
|
|
--as entities that can be associated with a containing slot.
|
|
-- Support for chassisGrp is deprecated in V-series sensors(VmIPS).
|
|
|
|
chassisGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 7 }
|
|
|
|
|
|
temperatureStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
normal (0),
|
|
abnormal (1)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
""
|
|
::= { chassisGrp 1 }
|
|
|
|
fanStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
normal (0),
|
|
abnormal (1),
|
|
removed (2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
""
|
|
::= { chassisGrp 2 }
|
|
|
|
primaryPowerSupplyStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
not-present (0),
|
|
present-operational (1),
|
|
present-nonoperational (2),
|
|
error (3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This powerSupply MIB object gives the primary powerSupply status.
|
|
(0) - Primary PowerSupply Module is not present.
|
|
(1) - Primary PowerSupply Module is present and operational.
|
|
(2) - Primary PowerSupply Module is present and its not operational.
|
|
(3) - Error while retrieving the powerSupply status, please re-try after some time."
|
|
::= { chassisGrp 3 }
|
|
|
|
secondaryPowerSupplyStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
not-present (0),
|
|
present-operational (1),
|
|
present-nonoperational (2),
|
|
error (3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This powerSupply MIB object gives the secondary powerSupply status.
|
|
(0) - Secondary PowerSupply Module is not present.
|
|
(1) - Secondary PowerSupply Module is present and operational.
|
|
(2) - Secondary PowerSupply Module is present and its not operational.
|
|
(3) - Error while retrieving the powerSupply status, please re-try after some time."
|
|
::= { chassisGrp 4 }
|
|
|
|
pciLegacyErrorStatus OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..512))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"BMC PCI Legacy Error (parity error (PERR) and system error (SERR))"
|
|
::= { chassisGrp 5 }
|
|
|
|
pciFatalError1Status OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..512))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"BMC PCI Fatal Error1 Status"
|
|
::= { chassisGrp 6 }
|
|
|
|
pciFatalError2Status OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..512))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"BMC PCI Fatal Error2 Status (Continuation of Fatat Error 1)"
|
|
::= { chassisGrp 7 }
|
|
|
|
systemEventLogStatus OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..512))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"BMC System Event Log (SEL buffer) Status"
|
|
::= { chassisGrp 8 }
|
|
|
|
bmcWatchdogStatus OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..512))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"BMC Watchdog Status"
|
|
::= { chassisGrp 9 }
|
|
|
|
processorStatusTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF ProcessorStatusEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table contain list of processors"
|
|
::= { chassisGrp 10 }
|
|
|
|
processorStatusEntry OBJECT-TYPE
|
|
SYNTAX ProcessorStatusEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The table entries denotes various processor details for each index (processor) "
|
|
INDEX { processorNumIndex }
|
|
::= { processorStatusTable 1 }
|
|
|
|
ProcessorStatusEntry ::= SEQUENCE{
|
|
processorStatus
|
|
DisplayString,
|
|
}
|
|
|
|
processorStatus OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..512))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Processor Presence Status"
|
|
::= { processorStatusEntry 1 }
|
|
|
|
memoryECCStatus OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..512))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Memory ECC Status"
|
|
::= { chassisGrp 11 }
|
|
|
|
postSysEventStatus OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..512))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"POST Sys Event Status"
|
|
::= { chassisGrp 12 }
|
|
|
|
postErrorStatus OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..512))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"POST Error Status"
|
|
::= { chassisGrp 13 }
|
|
|
|
--Trellix Sensor Slave chassis.
|
|
|
|
slave-ChassisGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 9 }
|
|
|
|
slaveTemperatureStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
normal (0),
|
|
abnormal (1)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
""
|
|
::= { slave-ChassisGrp 1 }
|
|
|
|
slaveFanStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
normal (0),
|
|
abnormal (1)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
""
|
|
::= { slave-ChassisGrp 2 }
|
|
|
|
slavePrimaryPowerSupplyStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
not-present (0),
|
|
present-operational (1),
|
|
present-nonoperational (2),
|
|
error (3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This powerSupply MIB object gives the primary powerSupply status.
|
|
(0) - Slave Primary PowerSupply Module is not present.
|
|
(1) - Slave Primary PowerSupply Module is present and operational.
|
|
(2) - Slave Primary PowerSupply Module is present and its not operational.
|
|
(3) - Error while retrieving the powerSupply status, please re-try after some time."
|
|
::= { slave-ChassisGrp 3 }
|
|
|
|
slaveSecondaryPowerSupplyStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
not-present (0),
|
|
present-operational (1),
|
|
present-nonoperational (2),
|
|
error (3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This powerSupply MIB object gives the secondary powerSupply status.
|
|
(0) - Slave Secondary PowerSupply Module is not present.
|
|
(1) - Slave Secondary PowerSupply Module is present and operational.
|
|
(2) - Slave Secondary PowerSupply Module is present and its not operational.
|
|
(3) - Error while retrieving the powerSupply status, please re-try after some time."
|
|
::= { slave-ChassisGrp 4 }
|
|
|
|
--This group conatins all MIB objects that specify the configuration of the
|
|
--Trellix IntrusShield management card.
|
|
--
|
|
--The object mgmtCardTable within this group suggest that each IntruShield chassis
|
|
--can contain more than one management card, only for standby purposes.
|
|
|
|
managementCardGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 8 }
|
|
|
|
mgmtCardTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF MgmtCardEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table contains entries, one per management card, indexed by the appropriate slotIndex."
|
|
::= { managementCardGrp 1 }
|
|
|
|
mgmtCardEntry OBJECT-TYPE
|
|
SYNTAX MgmtCardEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This MIB object contains all the columnar objects,
|
|
that describe the contents of each management card within the IntruShield node.
|
|
This entry is indexed by a fixed value slotIndex of 1 (one) for all models."
|
|
INDEX { slotIndex }
|
|
::= { mgmtCardTable 1 }
|
|
|
|
MgmtCardEntry ::= SEQUENCE {
|
|
mcAction
|
|
TrellixIDSAction,
|
|
mcActionStatus
|
|
TrellixIDSActionStatus,
|
|
mcActionResult
|
|
TrellixIDSActionResult,
|
|
mcHwVersion
|
|
DisplayString,
|
|
mcCurrentSwVersion
|
|
DisplayString,
|
|
mcFutureSwFileName
|
|
DisplayString,
|
|
mcDateAndTime
|
|
DateAndTime
|
|
}
|
|
|
|
mcAction OBJECT-TYPE
|
|
SYNTAX TrellixIDSAction
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Actions applicable on this card, uses TC TrellixIDSAction.
|
|
Default: other
|
|
Only 'reset' and 'swupdate' action are supported."
|
|
::= { mgmtCardEntry 1 }
|
|
|
|
mcActionStatus OBJECT-TYPE
|
|
SYNTAX TrellixIDSActionStatus
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Outcome of a SNMP set on the mcAction object. Uses TC TrellixIDSActionStatus
|
|
|
|
Default: other"
|
|
::= { mgmtCardEntry 2 }
|
|
|
|
mcActionResult OBJECT-TYPE
|
|
SYNTAX TrellixIDSActionResult
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Detail information when <mcAction> is set to 'reset', based on <mcActionStatus>
|
|
|
|
Default: 0, details not defined."
|
|
::= { mgmtCardEntry 3 }
|
|
|
|
-- Support for mcHwVersion is deprecated in V-series sensors(VmIPS).
|
|
mcHwVersion OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..80))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The manufacturer specified hardware version information.
|
|
Typically indicated major, minor, patch information for version."
|
|
::= { mgmtCardEntry 4 }
|
|
|
|
mcCurrentSwVersion OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..80))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The manufacturer specified software version information that is currently running.
|
|
Typically indicated major, minor, patch information for version."
|
|
::= { mgmtCardEntry 5 }
|
|
|
|
mcFutureSwFileName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..128))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The new software (image) file residing on flash."
|
|
::= { mgmtCardEntry 6 }
|
|
|
|
mcDateAndTime OBJECT-TYPE
|
|
SYNTAX DateAndTime
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"System date and time set by EMS."
|
|
::= { mgmtCardEntry 7 }
|
|
|
|
--This group conatins all MIB objects that specify the configuration of the
|
|
--Trellix IDS sensor (analysis) card.
|
|
--
|
|
--The object sensorCardTable within this group suggests that each Trellix IDS chassis
|
|
--may contain more than one sensor card.
|
|
--
|
|
--Support for each logical function is defined in its own table.
|
|
--Each table in this group contains entries, one per sensor card, indexed by <slotIndex>
|
|
|
|
sensorCardGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 10 }
|
|
|
|
sensorCardTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF SensorCardEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table contains entries, one per sensor card and indexed by the slotIndex.
|
|
"
|
|
::= { sensorCardGrp 1 }
|
|
|
|
sensorCardEntry OBJECT-TYPE
|
|
SYNTAX SensorCardEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This MIB object contains all the columnar objects,
|
|
that describe the contents of each sensor card within the Trellix IDS.
|
|
This entry is indexed by a fixed value chassis slotIndex of 2 (two) for all models."
|
|
INDEX { slotIndex }
|
|
::= { sensorCardTable 1 }
|
|
|
|
SensorCardEntry ::= SEQUENCE {
|
|
scAction
|
|
TrellixIDSAction,
|
|
scSigUpdateResult
|
|
TrellixIDSActionResult,
|
|
scHwVersion
|
|
DisplayString,
|
|
scCurrentSwVersion
|
|
DisplayString,
|
|
scFutureSwFileName
|
|
DisplayString,
|
|
scCurrentSigVersion
|
|
DisplayString,
|
|
scFutureSigFileName
|
|
DisplayString,
|
|
scMACAddress
|
|
MacAddress,
|
|
scCurrentBotDATVersion
|
|
DisplayString
|
|
}
|
|
|
|
scAction OBJECT-TYPE
|
|
SYNTAX TrellixIDSAction
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Actions on this card. See TrellixIDSAction
|
|
Default: other
|
|
Only reset and sigupdate are supported."
|
|
::= { sensorCardEntry 1 }
|
|
|
|
scSigUpdateResult OBJECT-TYPE
|
|
SYNTAX TrellixIDSActionResult
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates detail results of scAction object.
|
|
Default: 0
|
|
|
|
"
|
|
::= { sensorCardEntry 2 }
|
|
|
|
-- Support for scHwVersion is deprecated in V-series sensors(VmIPS).
|
|
scHwVersion OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..80))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The manufacturer specified hardware version information.
|
|
Typically indicated major, minor, patch information for version."
|
|
::= { sensorCardEntry 3 }
|
|
|
|
scCurrentSwVersion OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..80))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The manufacturer specified software version information that is currently running.
|
|
Typically indicated major, minor, patch information for version."
|
|
::= { sensorCardEntry 4 }
|
|
|
|
scFutureSwFileName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..80))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The new software (image) file residing on flash."
|
|
::= { sensorCardEntry 5 }
|
|
|
|
scCurrentSigVersion OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..80))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The manufacturer specified signature file version information that is currently running.
|
|
Typically indicated major, minor, patch information for version."
|
|
::= { sensorCardEntry 6 }
|
|
|
|
scFutureSigFileName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..80))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The new signature file residing on flash."
|
|
::= { sensorCardEntry 7 }
|
|
|
|
scMACAddress OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"ReadOnly parameter, to allow SNMP manager to view the MAC address of this card."
|
|
::= { sensorCardEntry 8 }
|
|
|
|
scCurrentBotDATVersion OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..80))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The manufacturer specified BotDAT file version information that is currently running."
|
|
::= { sensorCardEntry 9 }
|
|
|
|
|
|
--
|
|
-- IP table
|
|
--
|
|
ipTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF IpEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table contains entries that define the IP
|
|
configuration objects per sensor card."
|
|
::= { sensorCardGrp 6 }
|
|
|
|
ipEntry OBJECT-TYPE
|
|
SYNTAX IpEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table entry contains the sensor card specific ( <slotIndex> based)
|
|
IP configuration objects.
|
|
This entry is indexed by a fixed value chassis slotIndex of 2 (two) for all models."
|
|
INDEX { slotIndex }
|
|
::= { ipTable 1 }
|
|
|
|
IpEntry ::= SEQUENCE {
|
|
ipFragmentTimer
|
|
INTEGER,
|
|
ipOverlapOption
|
|
INTEGER,
|
|
ipTTLConfigMode
|
|
INTEGER,
|
|
ipTTLThreshold
|
|
INTEGER,
|
|
ipTTLResetValue
|
|
INTEGER,
|
|
ipSmallestFragmentSize
|
|
INTEGER,
|
|
ipSmallFragmentThreshold
|
|
INTEGER,
|
|
ipFragmentReassemblyOption
|
|
INTEGER,
|
|
ipv6OverlapOption
|
|
INTEGER,
|
|
ipv6SmallestFragmentSize
|
|
INTEGER,
|
|
ipv6SmallFragmentThreshold
|
|
INTEGER
|
|
|
|
}
|
|
|
|
ipFragmentTimer OBJECT-TYPE
|
|
SYNTAX INTEGER (3..180)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IP fragment reassembly timer
|
|
Default: 30 seconds
|
|
|
|
"
|
|
::= { ipEntry 1 }
|
|
|
|
ipOverlapOption OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
oldData (1),
|
|
newData (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"If set to oldData(1), ip reassembly module takes old data.
|
|
Otherwise it takes new data.
|
|
|
|
Default: oldData (1)"
|
|
::= { ipEntry 2 }
|
|
|
|
ipTTLConfigMode OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
noTTLChecking (1),
|
|
checkThreshold (2),
|
|
resetTTL (3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"If set to noTTLChecking(1), the TTL in the packet is not
|
|
checked. If set to checkThreshold(2), then TTL is checked
|
|
against the value in ipTTLThreshold object. If set to
|
|
resetTTL(3), the TTL value is reset to the value set by
|
|
ipTTLResetValue object.
|
|
|
|
Default: noTTLChecking (1)"
|
|
::= { ipEntry 3 }
|
|
|
|
ipTTLThreshold OBJECT-TYPE
|
|
SYNTAX INTEGER (1..255)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the minimum threshold for the TTL value. The TTL
|
|
in the packet is checked against the value configured here.
|
|
If TTL is less than the value configured here, an alert is
|
|
raised.
|
|
|
|
Default: 32"
|
|
::= { ipEntry 4 }
|
|
|
|
ipTTLResetValue OBJECT-TYPE
|
|
SYNTAX INTEGER (1..255)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the value that TTL should be reset to.
|
|
|
|
Default: 32"
|
|
::= { ipEntry 5 }
|
|
|
|
ipSmallestFragmentSize OBJECT-TYPE
|
|
SYNTAX INTEGER (8..1480)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the smallest fragment size that is acceptable.
|
|
Any fragments smaller than the size specified here (other
|
|
than the last one) will be counted and an alert raised if
|
|
exceeds the threshold configured. The size should be multiple
|
|
of 8.
|
|
|
|
Default: 256"
|
|
::= { ipEntry 6 }
|
|
|
|
ipSmallFragmentThreshold OBJECT-TYPE
|
|
SYNTAX INTEGER (100..100000)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Count of acceptable small fragments as specified by
|
|
ipSmallestFragmentSize in 1 minute.
|
|
|
|
Default: 10000"
|
|
::= { ipEntry 7 }
|
|
|
|
ipFragmentReassemblyOption OBJECT-TYPE
|
|
SYNTAX INTEGER{
|
|
enable (0),
|
|
disable (1)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Flag to indicate if sensor should reassemble IP Framgments. Default: enable"
|
|
::= { ipEntry 8 }
|
|
|
|
ipv6OverlapOption OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
oldData (1),
|
|
newData (2),
|
|
drop (3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"If set to oldData(1), ipv6 reassembly module takes old data.
|
|
Otherwise it takes new data.
|
|
|
|
Default: oldData (1)"
|
|
::= { ipEntry 9 }
|
|
|
|
ipv6SmallestFragmentSize OBJECT-TYPE
|
|
SYNTAX INTEGER (40..1280)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the smallest ipv6 fragment size that is acceptable.
|
|
Any fragments smaller than the size specified here (other
|
|
than the last one) will be counted and an alert raised if
|
|
exceeds the threshold configured. The size should be multiple
|
|
of 8.
|
|
|
|
Default: 48"
|
|
::= { ipEntry 10 }
|
|
|
|
ipv6SmallFragmentThreshold OBJECT-TYPE
|
|
SYNTAX INTEGER (100..100000)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Count of acceptable small fragments as specified by
|
|
ipSmallestFragmentSize in 1 minute.
|
|
|
|
Default: 10000"
|
|
::= { ipEntry 11 }
|
|
|
|
--
|
|
-- TCP Table
|
|
--
|
|
tcpTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF TcpEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table contains entries that define the TCP configuration objects per sensor card."
|
|
::= { sensorCardGrp 7 }
|
|
|
|
tcpEntry OBJECT-TYPE
|
|
SYNTAX TcpEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table entry contains the sensor card specific ( <slotIndex> based)
|
|
TCP configuration objects.
|
|
This entry is indexed by a fixed value chassis slotIndex of 2 (two) for all models."
|
|
INDEX { slotIndex }
|
|
::= { tcpTable 1 }
|
|
|
|
TcpEntry ::= SEQUENCE {
|
|
supportedUDPFlows
|
|
Integer32,
|
|
tcbInactivityTimer
|
|
INTEGER,
|
|
tcpSegmentTimer
|
|
INTEGER,
|
|
tcp2MSLTimer
|
|
INTEGER,
|
|
inactiveFlowsRSTEnabled
|
|
TruthValue,
|
|
dropReTxTCPEnabled
|
|
TruthValue,
|
|
coldStartTime
|
|
INTEGER,
|
|
coldStartDropAction
|
|
INTEGER,
|
|
normalizationOnOffOption
|
|
INTEGER,
|
|
tcpOverlapOption
|
|
INTEGER,
|
|
sAckPermittedOption
|
|
INTEGER,
|
|
tTCPOptionThreshold
|
|
INTEGER,
|
|
dropOnPAWSFail
|
|
INTEGER,
|
|
timestampEchoMatchFail
|
|
INTEGER,
|
|
dropMD5Option
|
|
INTEGER,
|
|
unsolicitedUDPPacketsTimeout
|
|
INTEGER,
|
|
synProxyEnable
|
|
INTEGER,
|
|
ackScanDiscardTime
|
|
INTEGER,
|
|
halfOpenConnectionResetEnable
|
|
INTEGER,
|
|
outOfContextTcpPktEnable
|
|
INTEGER,
|
|
synCookieConfig
|
|
INTEGER,
|
|
synCookieInboundThreshold
|
|
INTEGER,
|
|
synCookieOutboundThreshold
|
|
INTEGER,
|
|
synCookieMss
|
|
INTEGER,
|
|
sinkHoleTimeToLive
|
|
INTEGER,
|
|
sinkHoleIpAddress
|
|
IpAddress
|
|
|
|
}
|
|
|
|
supportedUDPFlows OBJECT-TYPE
|
|
SYNTAX Integer32 (8..1000000)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Number of UDP flows supported.
|
|
Deafult: 1 million, UDP and TCP combined.
|
|
|
|
Default: 100000 for I4000, 25000 for I2600, 5000 for I1200, 10000 for I1400"
|
|
::= { tcpEntry 1 }
|
|
|
|
tcbInactivityTimer OBJECT-TYPE
|
|
SYNTAX INTEGER (3..1200)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"TCB inactivity timeout
|
|
|
|
Default: 10 minutes"
|
|
::= { tcpEntry 2 }
|
|
|
|
tcpSegmentTimer OBJECT-TYPE
|
|
SYNTAX INTEGER (10..120)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"TCP segment reassembly timer.
|
|
|
|
Default: 60 seconds
|
|
"
|
|
::= { tcpEntry 3 }
|
|
|
|
tcp2MSLTimer OBJECT-TYPE
|
|
SYNTAX INTEGER (3..120)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"TCP 2MSL timer
|
|
|
|
Default: 10 seconds"
|
|
::= { tcpEntry 4 }
|
|
|
|
inactiveFlowsRSTEnabled OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Option to RST incative flows enabled (TRUE) or not (FALSE).
|
|
|
|
Default: FALSE"
|
|
::= { tcpEntry 5 }
|
|
|
|
dropReTxTCPEnabled OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IntruShield may get TCP segments which have already been processed by it apriori
|
|
(due to the segments being dropped in between it and the destination).
|
|
By default, forward it without any processing, but provide the user with an option
|
|
to drop such selectively retransmitted segments.
|
|
|
|
This object enables the dropping of retransmitted TCP packets.
|
|
|
|
Default: FALSE"
|
|
::= { tcpEntry 6 }
|
|
|
|
coldStartTime OBJECT-TYPE
|
|
SYNTAX INTEGER (0..10080)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When sensor powers up, it will treat the packets for flows
|
|
that did not exist without valid TCB as valid packets. After
|
|
the time configured with this object, packets without valid
|
|
flows are considered invalid packets.
|
|
|
|
Default: 60min"
|
|
::= { tcpEntry 7 }
|
|
|
|
coldStartDropAction OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
dropFlows (1),
|
|
forwardFlows (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When this object is set to dropFlows(1), in inline mode
|
|
sensor will drop the packets without valid TCB.
|
|
|
|
When this object is set to forwardFlows(2), in inline mode
|
|
sensor will forward the packets until coldStartTime. After
|
|
that it will drop the packets without valid TCB.
|
|
|
|
Default: forwardFlows(2)"
|
|
::= { tcpEntry 8 }
|
|
|
|
normalizationOnOffOption OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
on (1),
|
|
off (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enable or Disable normalization
|
|
|
|
Default: off(2)"
|
|
::= { tcpEntry 9 }
|
|
|
|
tcpOverlapOption OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
oldData (1),
|
|
newData (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"If this object is set to oldData(1), tcp reassembly module
|
|
will use the old data. Otherwise it will use the newer data.
|
|
|
|
Default: newData(2)"
|
|
::= { tcpEntry 10 }
|
|
|
|
sAckPermittedOption OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
on (1),
|
|
off (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"If set to on, removes in SYN and clears in further packets.
|
|
This applies only in inline mode."
|
|
::= { tcpEntry 11 }
|
|
|
|
tTCPOptionThreshold OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Generate alert if too many. TBD"
|
|
::= { tcpEntry 12 }
|
|
|
|
dropOnPAWSFail OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable (1),
|
|
disable (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"If set to enable, drop if fails PAWS test. If set to disable
|
|
always forward the packet."
|
|
::= { tcpEntry 13 }
|
|
|
|
timestampEchoMatchFail OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable (1),
|
|
disable (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"If set to enable, drop if TS-echo was one not sent earlier.
|
|
If set to disable always forward the packet."
|
|
::= { tcpEntry 14 }
|
|
|
|
dropMD5Option OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable (1),
|
|
disable (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"If set to enable, drop packet if SYN=0 and it contains
|
|
no MD5 but MD5 was used at setup. If set to disable always
|
|
forward the packet."
|
|
::= { tcpEntry 15 }
|
|
|
|
unsolicitedUDPPacketsTimeout OBJECT-TYPE
|
|
SYNTAX INTEGER (10..3600)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"If a UDP response packet is received without a request
|
|
packet, the packet will be dropped. This object configures
|
|
the acceptable request to response time.
|
|
|
|
Default: 60"
|
|
::= { tcpEntry 16 }
|
|
|
|
synProxyEnable OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable (1),
|
|
disable (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"If set to enable, sensor will do SYN proxy for every SYN
|
|
request. SYN proxy is done only when TCP SYN flood is
|
|
detected."
|
|
::= { tcpEntry 17 }
|
|
|
|
ackScanDiscardTime OBJECT-TYPE
|
|
SYNTAX INTEGER (0..1440)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The time in which ACK scan messages should be discarded.
|
|
Default 15 minutes"
|
|
::= { tcpEntry 18 }
|
|
|
|
halfOpenConnectionResetEnable OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
resetDisable (1),
|
|
resetAllUnfinished3WHConns (2),
|
|
resetDosUnfinished3WHConns (3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Resets either all or only DOS packets whose 3 Way Handshake has not finished. Default: Disable(1). "
|
|
::= { tcpEntry 19 }
|
|
|
|
outOfContextTcpPktEnable OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable (1),
|
|
disable (2),
|
|
permit-out-of-order (3),
|
|
deny-no-tcb (4),
|
|
stateless-inspection (5)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Used to en/dis able processing of out of context TCP packets. Enable aka PERMIT, Disable aka DENY, PERMIT_OUT_OF_ORDER(3), DENY-NO-TCB (4) aka PERMIT-ACL-MODE, STATELESS_INSPECTION (5). Default: PERMIT(1)"
|
|
::= { tcpEntry 20 }
|
|
|
|
synCookieConfig OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
disable (0),
|
|
enable-inbound (1),
|
|
enable-outbound (2),
|
|
enable-in-out (3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
" This object specifies the directions in which to enable syn cookie when there is a
|
|
SYN flood. This option is valid only for monitoring ports operating in inline mode.
|
|
Default: 0"
|
|
::= { tcpEntry 21 }
|
|
|
|
synCookieInboundThreshold OBJECT-TYPE
|
|
SYNTAX INTEGER (0..420000)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the threshold value for the number of incomplete SYNs from outside
|
|
network beyond which SYN cookie mechanism has to be enabled.
|
|
Default: 4096"
|
|
::= { tcpEntry 22 }
|
|
|
|
synCookieOutboundThreshold OBJECT-TYPE
|
|
SYNTAX INTEGER (0..420000)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the threshold value for the number of incomplete SYNs from inside
|
|
network beyond which SYN cookie mechanism has to be enabled.
|
|
Default: 4096"
|
|
::= { tcpEntry 23 }
|
|
|
|
synCookieMss OBJECT-TYPE
|
|
SYNTAX INTEGER (536..1460)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the maximum segment size to be sent in SYN Ack, with SYN cookie mechanism enabled.
|
|
Default: 536"
|
|
::= { tcpEntry 24 }
|
|
|
|
sinkHoleTimeToLive OBJECT-TYPE
|
|
SYNTAX INTEGER (6..18)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the TTL duration for sinkhole. TTL duration can range from 6 hours to 18 hours,
|
|
Default: 12 hours"
|
|
::= { tcpEntry 25 }
|
|
|
|
sinkHoleIpAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure IPv4 address of sinkhole. It can be any valid ip address apart from
|
|
broadcast and multicast address.
|
|
Default: 127.0.0.1"
|
|
::= { tcpEntry 26 }
|
|
|
|
--
|
|
-- TCP/UDP session reset and log table
|
|
--
|
|
sessionTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF SessionEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Session table is used by user to configure TCP and UDP flows
|
|
in the sensor."
|
|
::= { sensorCardGrp 8 }
|
|
|
|
sessionEntry OBJECT-TYPE
|
|
SYNTAX SessionEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indexed with 5-tuple flow parameters and VIDS identifier.
|
|
This table is used only to send sets to the sensor. Doing
|
|
GET on this table will not return any information."
|
|
INDEX {sessionSrcIpAddress, sessionDestIpAddress,
|
|
sessionSrcPortNo, sessionDestPortNo, sessionProtocol,
|
|
sessionVIDSIdentifier }
|
|
::= { sessionTable 1 }
|
|
|
|
SessionEntry ::= SEQUENCE {
|
|
sessionSrcIpAddress
|
|
IpAddress,
|
|
sessionDestIpAddress
|
|
IpAddress,
|
|
sessionSrcPortNo
|
|
INTEGER,
|
|
sessionDestPortNo
|
|
INTEGER,
|
|
sessionProtocol
|
|
INTEGER,
|
|
sessionVIDSIdentifier
|
|
INTEGER,
|
|
sessionConfigAction
|
|
INTEGER,
|
|
sessionLogTime
|
|
INTEGER,
|
|
sessionIntfPortNo
|
|
TrellixPortLinearIndex
|
|
}
|
|
|
|
sessionSrcIpAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source ip address."
|
|
::= { sessionEntry 1 }
|
|
|
|
sessionDestIpAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination ip address."
|
|
::= { sessionEntry 2 }
|
|
|
|
sessionSrcPortNo OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source port number."
|
|
::= { sessionEntry 3 }
|
|
|
|
sessionDestPortNo OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination port number."
|
|
::= { sessionEntry 4 }
|
|
|
|
sessionProtocol OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
tcp (1),
|
|
udp (2)
|
|
}
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Protocol type."
|
|
::= { sessionEntry 5 }
|
|
|
|
sessionVIDSIdentifier OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"VIDS identifier that owns this flow. If VIDS is not
|
|
enabled, this oject will be ignored."
|
|
::= { sessionEntry 6 }
|
|
|
|
sessionConfigAction OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
resetSession (1),
|
|
logSession (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Setting this object to resetSession(1) causes the flow
|
|
to be reset.
|
|
|
|
Setting this object to logSession(2) causes the flow to be
|
|
logged for the time specified with sessionLogTime object."
|
|
::= { sessionEntry 7 }
|
|
|
|
sessionLogTime OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The time for which the packet needs to be logged."
|
|
::= { sessionEntry 8 }
|
|
|
|
sessionIntfPortNo OBJECT-TYPE
|
|
SYNTAX TrellixPortLinearIndex
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The sensor linear interface port index on which the attack has been detected.
|
|
This is mandatory when the sessionConfigAction is resetSession. "
|
|
::= { sessionEntry 9 }
|
|
|
|
|
|
--
|
|
-- IPV6 TCP/UDP session reset and log table
|
|
--
|
|
|
|
sessionV6Table OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF SessionV6Entry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Session table v6 is used by user to configure TCP and UDP flows
|
|
over Ipv6 in the sensor."
|
|
::= { sensorCardGrp 9 }
|
|
|
|
sessionV6Entry OBJECT-TYPE
|
|
SYNTAX SessionV6Entry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indexed with 5-tuple flow parameters and VIDS identifier.
|
|
This table is used only to send sets to the sensor. Doing
|
|
GET on this table will not return any information."
|
|
INDEX {sessionSrcIpv6Address, sessionDestIpv6Address,
|
|
sessionv6SrcPortNo, sessionv6DestPortNo, sessionv6Protocol,
|
|
sessionv6VIDSIdentifier }
|
|
::= { sessionV6Table 1 }
|
|
|
|
SessionV6Entry ::= SEQUENCE {
|
|
sessionSrcIpv6Address
|
|
Ipv6Address,
|
|
sessionDestIpv6Address
|
|
Ipv6Address,
|
|
sessionv6SrcPortNo
|
|
INTEGER,
|
|
sessionv6DestPortNo
|
|
INTEGER,
|
|
sessionv6Protocol
|
|
INTEGER,
|
|
sessionv6VIDSIdentifier
|
|
INTEGER,
|
|
sessionv6ConfigAction
|
|
INTEGER,
|
|
sessionv6LogTime
|
|
INTEGER,
|
|
sessionv6IntfPortNo
|
|
TrellixPortLinearIndex
|
|
}
|
|
|
|
sessionSrcIpv6Address OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source ipv6 address."
|
|
::= { sessionV6Entry 1 }
|
|
|
|
sessionDestIpv6Address OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination ipv6 address."
|
|
::= { sessionV6Entry 2 }
|
|
|
|
sessionv6SrcPortNo OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source port number."
|
|
::= { sessionV6Entry 3 }
|
|
|
|
sessionv6DestPortNo OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination port number."
|
|
::= { sessionV6Entry 4 }
|
|
|
|
sessionv6Protocol OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
tcp (1),
|
|
udp (2)
|
|
}
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Protocol type."
|
|
::= { sessionV6Entry 5 }
|
|
|
|
sessionv6VIDSIdentifier OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"VIDS identifier that owns this flow. If VIDS is not
|
|
enabled, this oject will be ignored."
|
|
::= { sessionV6Entry 6 }
|
|
|
|
sessionv6ConfigAction OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
resetSession (1),
|
|
logSession (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Setting this object to resetSession(1) causes the flow
|
|
to be reset.
|
|
|
|
Setting this object to logSession(2) causes the flow to be
|
|
logged for the time specified with sessionLogTime object."
|
|
::= { sessionV6Entry 7 }
|
|
|
|
sessionv6LogTime OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The time for which the packet needs to be logged."
|
|
::= { sessionV6Entry 8 }
|
|
|
|
sessionv6IntfPortNo OBJECT-TYPE
|
|
SYNTAX TrellixPortLinearIndex
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The sensor linear interface port index on which the attack has been detected.
|
|
This is mandatory when the sessionConfigAction is resetSession "
|
|
::= { sessionV6Entry 9 }
|
|
|
|
pluggableModuleState OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates the state of the pluggable modules in the system. Applicable
|
|
for Rubicon models only. 32 bit starting from LSB, 4 bits for each
|
|
slot starting from 2, will contain the moduleSysType enum
|
|
=> 0000 0000 0000 0000 0000 <slot4> <slot3> 0000."
|
|
::= { sensorCardGrp 10 }
|
|
|
|
-- This group conatins all MIB objects that specify the configuration of
|
|
-- the IntruShield interface port.
|
|
--
|
|
-- The object intfPortTable within this group suggests that the MIB is
|
|
-- designed to support sensor cards that can contain more than one interface
|
|
-- port.
|
|
--
|
|
|
|
interfacePortGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 11 }
|
|
|
|
intfPortTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF IntfPortEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table containing entries for each interface port (indexed via intfPortIndex)
|
|
on each sensor card (indexed via appropriate slotIndex).
|
|
|
|
This table contains Trellix specific configuration objects.
|
|
Tables that contain MIB objects borrowed from MIB-II are in the
|
|
TRELLIX-SENSOR-PERF-MIB."
|
|
::= { interfacePortGrp 1 }
|
|
|
|
intfPortEntry OBJECT-TYPE
|
|
SYNTAX IntfPortEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This MIB object contains all the columnar objects,
|
|
that describe the contents of each interface port on each IntruShield sensor card.
|
|
Indexed by slotIndex/intfPortIndex"
|
|
INDEX { slotIndex,
|
|
intfPortIndex }
|
|
::= { intfPortTable 1 }
|
|
|
|
IntfPortEntry ::= SEQUENCE {
|
|
intfPortIfDescr
|
|
DisplayString,
|
|
intfPortIfType
|
|
TrellixIDSPortType,
|
|
intfPortIfAdminStatus
|
|
INTEGER,
|
|
intfPortIfOperStatus
|
|
INTEGER,
|
|
intfPortOperatingMode
|
|
TrellixIDSOperatingMode,
|
|
intfPortEnableFullDuplex
|
|
TruthValue,
|
|
intfPortFullDuplexPeer
|
|
Integer32,
|
|
intfPortSpeed
|
|
INTEGER,
|
|
intfPortSpeedConfig
|
|
TrellixPortSpeed, -- was TrellixFEType, now deprecated
|
|
intfPortEnableInternalTap
|
|
TruthValue,
|
|
intfPortInOutType
|
|
INTEGER,
|
|
intfGEPortSpeedConfig
|
|
INTEGER,
|
|
intfFailOpenSwitchStatus
|
|
INTEGER,
|
|
intfFailOpenPortStatus
|
|
INTEGER,
|
|
intfPortEnableAntiSpoofing
|
|
INTEGER,
|
|
intfPortHostQRActionStatus
|
|
INTEGER,
|
|
intfPortMpeQRActionStatus
|
|
INTEGER,
|
|
intfPortAllowlistACLLookupStatus
|
|
INTEGER,
|
|
intfPortPeerDeviceAdvtStatus
|
|
INTEGER,
|
|
intfPortIsMcafeeConnector
|
|
TruthValue,
|
|
intfPortAllowAnyConnector
|
|
TruthValue,
|
|
intfPortCageType
|
|
INTEGER,
|
|
intfPortGetMediaType
|
|
INTEGER,
|
|
intfPortSetMediaType
|
|
INTEGER,
|
|
intfPortAdditionalInfo
|
|
DisplayString,
|
|
intfPortMonPortIpAddress
|
|
IpAddress,
|
|
intfPortMonPortNetMask
|
|
IpAddress,
|
|
intfPortGatewayIpAddress
|
|
IpAddress,
|
|
intfPortNbadConfigStatus
|
|
TruthValue,
|
|
intfPortVlanId
|
|
Integer32,
|
|
intfPortAppIdStatsConfigStatus
|
|
TruthValue,
|
|
intfPortConnectorType
|
|
INTEGER,
|
|
intfPortLinearIndex
|
|
TrellixPortLinearIndex,
|
|
intfPortFecConfig
|
|
INTEGER,
|
|
intfPortTranceiverSerialNumber
|
|
DisplayString
|
|
}
|
|
|
|
intfPortIfDescr OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..255))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A textual string containing information about the interface.
|
|
Returns the string that is printed on the box."
|
|
::= { intfPortEntry 1 }
|
|
|
|
intfPortIfType OBJECT-TYPE
|
|
SYNTAX TrellixIDSPortType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of interface, distinguished according to the
|
|
physical/link protocol(s) immediately 'below' the network
|
|
layer in the protocol stack.
|
|
|
|
For brevity, Trellix options are as specified by the TC,
|
|
TrellixIDSPortType.
|
|
|
|
However, the SNMP MIB-II - Interfaces MIB specifies many more
|
|
valid options. See comments section for details.
|
|
"
|
|
::= { intfPortEntry 2 }
|
|
|
|
intfPortIfAdminStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
up (1),
|
|
down (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The desired state of the interface.
|
|
The testing(3) state indicates that no operational packets
|
|
can be passed.
|
|
|
|
Default: down"
|
|
::= { intfPortEntry 3 }
|
|
|
|
intfPortIfOperStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
up (1),
|
|
down (2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The current operational state of the interface.
|
|
The testing(3) state indicates that no operational packets
|
|
can be passed.
|
|
|
|
Default: down"
|
|
::= { intfPortEntry 4 }
|
|
|
|
intfPortOperatingMode OBJECT-TYPE
|
|
SYNTAX TrellixIDSOperatingMode
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"ReadWrite parameter specifies the operating mode for the
|
|
Trellix IDS sensor to be used. Different modes supported are
|
|
inline-fo-passive(1), non-inline or tap(2), span(3) and
|
|
inlne-fc(4), inline-fo-active kit(5 - available on M-series only).
|
|
|
|
Default: non-inline"
|
|
::= { intfPortEntry 5 }
|
|
|
|
-- Support for intfPortEnableFullDuplex is deprecated in V-series sensors(VmIPS).
|
|
intfPortEnableFullDuplex OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"True: Sets interface port to work as a full-duplex one.
|
|
Otherwise as half-duplex.
|
|
|
|
Default: True"
|
|
::= { intfPortEntry 6 }
|
|
|
|
-- Support for intfPortFullDuplexPeer is deprecated in V-series sensors(VmIPS).
|
|
intfPortFullDuplexPeer OBJECT-TYPE
|
|
SYNTAX Integer32 (1..32)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This MIB object returns the intfPortIndex value of the
|
|
interface port that is a peer. Used only when operating mode
|
|
is inline(1) or monitor-dual-intf(2)."
|
|
::= { intfPortEntry 7 }
|
|
|
|
-- Support for intfPortSpeed is deprecated in V-series sensors(VmIPS).
|
|
intfPortSpeed OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
other (0),
|
|
ten-Mbps (1),
|
|
hundred-Mbps (2),
|
|
one-Gbps(3), -- renamed from gig-Mbps
|
|
ten-Gbps(4), -- support in M-series and R-series only
|
|
forty-Gbps(5) -- support in R-series only
|
|
}
|
|
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Get current speed/negotiation on the interface."
|
|
::= { intfPortEntry 8 }
|
|
|
|
-- Support for intfPortSpeedConfig is deprecated in V-series sensors(VmIPS).
|
|
intfPortSpeedConfig OBJECT-TYPE
|
|
SYNTAX TrellixPortSpeed -- was TrellixFEType, now deprecated
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Set desired speed/negotiation on the interface.
|
|
Default values are as follows:
|
|
I-Series -
|
|
fixed-hundred-Mbps (infinity/hichborn/2x00(1a-3b)
|
|
auto-gig-Mbps on 3000/4010/4000/2x00(4a,4b)
|
|
M-Series -
|
|
auto-ten-gig-Mbps on palomar/pyramid(1a-4b),auto-gig-Mbps(5a-8b)
|
|
Default: see above"
|
|
::= { intfPortEntry 9 }
|
|
|
|
|
|
intfPortEnableInternalTap OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Set to TRUE to enable feature. Applies to Fast Ethernet (FE)
|
|
ports only (see TrellixIDSPortType).
|
|
For non FE ports, set to 'FALSE' .
|
|
Setting this to 'TRUE' requires that
|
|
<intfPortCurrentOperatingMode> is already set to
|
|
'monitor-dual-intf'
|
|
Default: True"
|
|
|
|
::= { intfPortEntry 10 }
|
|
|
|
intfPortInOutType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
inside (1),
|
|
outside (2),
|
|
not-specified (3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This MIB object reflects the Input or Output labeling
|
|
of this interface port. Used only when operating mode
|
|
is inline(1) or monitor-dual-intf(2).
|
|
|
|
Default: not-specified(3)"
|
|
::= { intfPortEntry 11 }
|
|
|
|
-- Definition of intfGEPortSpeedConfig OID stays in the MIB
|
|
-- Support for intfGEPortSpeedConfig is deprecated in sensors using new MIB.
|
|
-- Support for intfGEPortSpeedConfig is deprecated in M-series sensors and V-series sensors(VmIPS).
|
|
intfGEPortSpeedConfig OBJECT-TYPE
|
|
SYNTAX TrellixGEType
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Only applicable to gigabit-ethernet ports, to specify
|
|
whether auto or 1 Gbps
|
|
See TrellixGEType
|
|
|
|
Default: 'auto-negotiate'"
|
|
::= { intfPortEntry 12 }
|
|
|
|
-- Support for intfFailOpenSwitchStatus is availble in V-series sensors(VmIPS)
|
|
-- only when port operting mode is inline-fo-active
|
|
intfFailOpenSwitchStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
not-applicable(1),
|
|
present(2),
|
|
not-present(3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Returns the status of the external optical bypass switch
|
|
status. For FE ports, this object will return
|
|
not-applicable(1). For GE ports, if external optical bypass
|
|
switch is connected to sensor ports, this will return
|
|
present(2). Otherwise, it will return not-present(3)."
|
|
::= { intfPortEntry 13 }
|
|
|
|
-- Support for intfFailOpenPortStatus is availble in V-series sensors(VmIPS)
|
|
-- only when port operting mode is inline-fo-active
|
|
intfFailOpenPortStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
not-applicable(1),
|
|
inline-fail-open(2),
|
|
bypass(3),
|
|
tap (4),
|
|
absent (5),
|
|
unknown (6),
|
|
layer2-bypass (7)
|
|
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Returns the packet forwarding status of the sensor ports connected to the optical bypass switch.
|
|
If status is inline-fail-open(2), sensor is doing the
|
|
forwarding. If status is bypass(3), the bypass switch is
|
|
doing the forwarding and sensor will not process any
|
|
traffic in this mode. Tap(4), absent(5) , unknown (6) and layer2-bypass(7)
|
|
are available only in M-series for non RJ45(captive) ports
|
|
when connected to active FO kit and sensor operating mode
|
|
is inline-fail-open-active-kit.
|
|
tap - operational status(up), kit(present), heart-beat(tap)
|
|
absent - operational status(up), kit(absent), hear-beat(none)
|
|
unknown - operational status(down), kit(absent), heart-beat(not available)."
|
|
::= { intfPortEntry 14 }
|
|
|
|
intfPortEnableAntiSpoofing OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
disable-bothsides-spoof-detect (1),
|
|
enable-inside-spoof-detect (2),
|
|
enable-outside-spoof-detect (3),
|
|
enable-bothsides-spoof-detect (4)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"spoofed packet detect rcvd on the both sides .
|
|
|
|
Default: 'disable-bothsides-spoof-detect' (0) "
|
|
::= { intfPortEntry 15 }
|
|
|
|
-- unallocated ::= { intfPortEntry 16 }
|
|
-- unallocated ::= { intfPortEntry 17 }
|
|
|
|
intfPortHostQRActionStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
disabled(0),
|
|
quarantine(1),
|
|
remediate(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"This object depicts the sensor level host quarantine and remediation action status
|
|
for the specific interface port. The value 'quarantine' indicates just quarantine the host and
|
|
the value 'remediate' indicates both quarantining and remediating the host.
|
|
Default: disabled"
|
|
::= { intfPortEntry 18 }
|
|
|
|
|
|
intfPortMpeQRActionStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
disabled(0),
|
|
mpeNotify(1),
|
|
mpeQuarantine(2),
|
|
mpeRemediate(3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"This object depicts the MPE respone based host quarantine and remediation action status for the
|
|
specific interface port. The value 'mpeNotify' indicates just informing the MPE server
|
|
about the problem host; the value 'mpeQuarantine' indicates first informing the MPE server
|
|
about the problem host and then quarantine the host based on the response from the MPE-server
|
|
and the MPE based Quarantine and Remediation scope mib object value; and the value 'mpeRemediate'
|
|
indicates first informing the MPE server about the problem host and then remediating the host
|
|
based on the response from the MPE-server and the MPE based Quarantine and Remediation scope
|
|
mib object value.
|
|
Default: disabled"
|
|
::= { intfPortEntry 19 }
|
|
|
|
intfPortAllowlistACLLookupStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
disabled(0),
|
|
enabled(1)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"This object indicates the status of allowlist ACL lookup for this interface port.
|
|
Default: disabled"
|
|
::= { intfPortEntry 20 }
|
|
|
|
-- intfPortPeerDeviceAdvtStatus support in M-series sensor only
|
|
intfPortPeerDeviceAdvtStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
other (0) -- need to provide enum list
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Applicable if sensor port is set to auto-negotiate, else other(0). Specifies the advertised speed-duplex of the peer appliance port connected to this sensor port."
|
|
::= { intfPortEntry 21 }
|
|
|
|
-- intfPortIsMcafeeConnector support in M-series sensor only
|
|
intfPortIsMcafeeConnector OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"True: connector is not inserted.
|
|
True: connector is inserted in port and McAfee certified.
|
|
False: connector is inserted and not McAfee certified. "
|
|
::= { intfPortEntry 22 }
|
|
|
|
-- intfPortAllowAnyConnector support in M-series sensor only
|
|
intfPortAllowAnyConnector OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"True: Permit usage of any connector for port.
|
|
False: Restrict usage to McAfee certified connector only.
|
|
Default: False"
|
|
::= { intfPortEntry 23 }
|
|
|
|
-- intfPortCageType support in M-series and R-series sensor only
|
|
intfPortCageType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
other (0),
|
|
rJ-45 (1),
|
|
rJ-11 (2),
|
|
gBIC (3),
|
|
sFP (4),
|
|
xFP (5),
|
|
sFP-plus (6), -- support in R-series only
|
|
qSFP (7), -- support in R-series only
|
|
rJ-45-plus (8), -- support in R-series only
|
|
sFP-plus-BPFO (9) -- support in R-series only
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Physical connector cage type on sensor chassis panel."
|
|
::= { intfPortEntry 24 }
|
|
|
|
-- intfPortGetMediaType support in M-series sensor only
|
|
intfPortGetMediaType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
none (0),
|
|
optical (1),
|
|
electrical (2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Gets the media of the connector present in the port cage. None (0) if cage is empty."
|
|
::= { intfPortEntry 25 }
|
|
|
|
-- intfPortSetMediaType support in M-series sensor only
|
|
intfPortSetMediaType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
optical(1),
|
|
electrical (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Sets the media of the connector the user desired for the port.
|
|
Default: optical"
|
|
::= { intfPortEntry 26 }
|
|
|
|
intfPortAdditionalInfo OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..255))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A textual string containing information about the interface.
|
|
Typically returns connector specific information.
|
|
For V-series sensors(vmips) this object will return monitoring ports label."
|
|
::= { intfPortEntry 27 }
|
|
|
|
intfPortMonPortIpAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure / retrieve the IPv4 address of the monitoring port.
|
|
Default: 0.0.0.0"
|
|
::= { intfPortEntry 28 }
|
|
|
|
intfPortMonPortNetMask OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure / retrieve netmask for the IPv4 address of the monitoring port.
|
|
Default: 0.0.0.0"
|
|
::= { intfPortEntry 29 }
|
|
|
|
intfPortGatewayIpAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure / retrieve the IPv4 address of the gateway.
|
|
Default: 0.0.0.0"
|
|
::= { intfPortEntry 30 }
|
|
|
|
intfPortNbadConfigStatus OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object value if set to TRUE indicates that flow record generation
|
|
to be sent to the NBAD server, is enabled over this monitoring port.
|
|
Default: False"
|
|
::= { intfPortEntry 31 }
|
|
|
|
intfPortVlanId OBJECT-TYPE
|
|
SYNTAX Integer32 (0..2164326399)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This MIB object indicates the Vlan ID of the VLAN to which the monitoring
|
|
port is connected."
|
|
::= { intfPortEntry 32 }
|
|
|
|
intfPortAppIdStatsConfigStatus OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object value if set to TRUE indicates that the appId stats collection is enabled
|
|
over this monitoring port.
|
|
Default: True"
|
|
::= { intfPortEntry 33 }
|
|
|
|
-- intfPortConnectorType support in R-series sensor only
|
|
intfPortConnectorType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
other (0),
|
|
qSFP (1),
|
|
sFP-plus (2),
|
|
sFP-fiber (3),
|
|
sFP-copper (4)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Physical connector type plugged into the port cage."
|
|
::= { intfPortEntry 34 }
|
|
|
|
intfPortLinearIndex OBJECT-TYPE
|
|
SYNTAX TrellixPortLinearIndex
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This MIB object indicates the Linear Index of the monitoring port. This index is
|
|
generated by the sensor appliance using the pair of slot index and the port index values.
|
|
The other MIB tables would directly use this linear index, whereever applicable."
|
|
::= { intfPortEntry 35 }
|
|
|
|
intfPortFecConfig OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure FEC"
|
|
::= { intfPortEntry 36 }
|
|
|
|
intfPortTranceiverSerialNumber OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..255))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A textual string containing information about the interface.
|
|
Typically returns transceiver's serial number."
|
|
::= { intfPortEntry 37 }
|
|
|
|
-- Support for intfPortGBICHotSwapTime is deprecated in V-series sensors(VmIPS).
|
|
intfPortGBICHotSwapTime OBJECT-TYPE
|
|
SYNTAX DateAndTime
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates time when the front end GBIC for any port was hot swapped last."
|
|
::= { interfacePortGrp 2 }
|
|
|
|
--This group contains all MIB objects that specify the configuration of the IntruShield
|
|
--response port.
|
|
--
|
|
--The object respPortTable within this group suggests that the MIB is designed to support
|
|
--response cards that can contain more than one response port.
|
|
|
|
responsePortGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 12 }
|
|
|
|
respPortTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF RespPortEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table containing entries for each response port (indexed via respPortIndex)
|
|
on each sensor card (indexed via valid slotIndex).
|
|
|
|
This table contains Trellix specific MIB objects.
|
|
"
|
|
::= { responsePortGrp 1 }
|
|
|
|
respPortEntry OBJECT-TYPE
|
|
SYNTAX RespPortEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This MIB object contains all the columnar objects,
|
|
that describe the contents of each response port within the Trellix IDS sensor card.
|
|
Indexed by slotIndex/respPortIndex"
|
|
INDEX { slotIndex,
|
|
respPortIndex }
|
|
::= { respPortTable 1 }
|
|
|
|
RespPortEntry ::= SEQUENCE {
|
|
respPortDescr
|
|
DisplayString,
|
|
respPortType
|
|
TrellixIDSPortType,
|
|
respPortAdminStatus
|
|
INTEGER,
|
|
respPortOperStatus
|
|
INTEGER,
|
|
respPortEnableFullDuplex
|
|
TruthValue,
|
|
respPortSpeed
|
|
TrellixPortSpeed, -- was TrellixFEType,
|
|
respPortPktDestination
|
|
INTEGER,
|
|
respPortMacAddress
|
|
MacAddress,
|
|
respCUGEPortSpeed
|
|
TrellixCUGEType,
|
|
respAdditionalInfo
|
|
DisplayString
|
|
}
|
|
|
|
respPortDescr OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A textual string containing information about the interface.
|
|
Returns the string that is printed on the box."
|
|
::= { respPortEntry 1 }
|
|
|
|
respPortType OBJECT-TYPE
|
|
SYNTAX TrellixIDSPortType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of interface, distinguished according to the
|
|
physical/link protocol(s) immediately 'below' the network
|
|
layer in the protocol stack.
|
|
|
|
See TrellixIDSPortType.
|
|
"
|
|
::= { respPortEntry 2 }
|
|
|
|
respPortAdminStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
up (1),
|
|
down (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The desired state of the interface.
|
|
|
|
Default: Up"
|
|
::= { respPortEntry 3 }
|
|
|
|
respPortOperStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
up (1),
|
|
down (2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The current operational state of the interface.
|
|
The testing(3) state indicates that no operational packets
|
|
can be passed."
|
|
::= { respPortEntry 4 }
|
|
|
|
-- Support for respPortEnableFullDuplex is deprecated in V-series sensors(VmIPS).
|
|
respPortEnableFullDuplex OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"True: Sets response port to work as a full-duplex one.
|
|
otherwise as half-duplex.
|
|
If True, respPortFullDuplexPeer must be specified.
|
|
|
|
Default: False
|
|
"
|
|
::= { respPortEntry 5 }
|
|
|
|
-- Support for respPortSpeed is deprecated in V-series sensors(VmIPS).
|
|
respPortSpeed OBJECT-TYPE
|
|
SYNTAX TrellixPortSpeed
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"See TrellixPortSpeed
|
|
|
|
Default: fixed-hundred-Mbps (2)"
|
|
::= { respPortEntry 6 }
|
|
|
|
respPortPktDestination OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
switch (1),
|
|
router (2)
|
|
}
|
|
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used when response ports are chosen for
|
|
sending response packets. When router mode is chosen,
|
|
packets will be sent to router with destination MAC as
|
|
defined in intfRespMacAddress.
|
|
|
|
Default value is switch (1)."
|
|
::= { respPortEntry 7 }
|
|
|
|
respPortMacAddress OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the macaddress of the router to which the response
|
|
packets have to be sent to."
|
|
::= { respPortEntry 8 }
|
|
|
|
-- Support for respCUGEPortSpeed is deprecated in V-series sensors(VmIPS).
|
|
respCUGEPortSpeed OBJECT-TYPE
|
|
SYNTAX TrellixCUGEType
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Only applicable to copper-gigabit-ethernet ports, to specify whether
|
|
10mbps or 100mbps or 1-gbps or auto-neg. See TrellixCUGEType
|
|
|
|
Default: auto-negotiate"
|
|
::= { respPortEntry 9 }
|
|
|
|
|
|
respAdditionalInfo OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..255))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A textual string containing additional information about the response interface.
|
|
This mib object will be available only on V-series sensors."
|
|
::= { respPortEntry 11 }
|
|
|
|
|
|
-- respPortPktDestination OBJECT-TYPE
|
|
--
|
|
-- Interface Response Table
|
|
--
|
|
intfRespTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF IntfRespEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table containing entries for each interface port. The
|
|
table describes how responses have to be sent in monitoring
|
|
mode."
|
|
::= { responsePortGrp 2 }
|
|
|
|
intfRespEntry OBJECT-TYPE
|
|
SYNTAX IntfRespEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indexed by slotIndex/intfPortIndex"
|
|
INDEX { slotIndex, intfPortIndex }
|
|
::= { intfRespTable 1 }
|
|
|
|
IntfRespEntry ::= SEQUENCE {
|
|
intfRespType
|
|
INTEGER,
|
|
intfRespPortNo
|
|
INTEGER
|
|
}
|
|
|
|
intfRespType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
responsePort (1),
|
|
inline (2)
|
|
}
|
|
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Setting this object to responsePort (2) causes responses
|
|
to be sent via the response port. The response port no that
|
|
needs to be used is specified with intfRespPortNo object.
|
|
|
|
Setting this object to inline (3) causes responses to be
|
|
sent inline. Note that in monitoring mode, responses can
|
|
only be sent inline when the monitoring port is in
|
|
half-duplex mode.
|
|
|
|
Default action will be responsePort (1)."
|
|
::= { intfRespEntry 1 }
|
|
|
|
intfRespPortNo OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the response port number that needs to be used
|
|
for this monitoring port. The response ports are configured
|
|
by respPortTable."
|
|
::= { intfRespEntry 2 }
|
|
|
|
|
|
--
|
|
-- DOS Configuration Group
|
|
--
|
|
dosConfigGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 14 }
|
|
|
|
dosLearningModeAction OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
forceDetection (1),
|
|
learning (2),
|
|
reloadProfile (3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object can be used to switch the mode to DOS learning or
|
|
force detection mode .
|
|
|
|
The saved profile can be reloaded by setting the object to
|
|
reloadProfile(3).
|
|
|
|
When set to forceDetection (1), user must be warned as follows,
|
|
Warning: You are about to force the sensor into Detection Mode
|
|
before the required 48-hour learning period.
|
|
The traffic profile learned by the sensor may not be
|
|
adequate for DOS attack detection and prevention.
|
|
It is desirable to place the sensor in learning mode
|
|
while receiving normal traffic for at least 48 hours.
|
|
"
|
|
::= {dosConfigGrp 1 }
|
|
|
|
--
|
|
-- DOS Profile Table
|
|
--
|
|
-- This table will only support GET requests
|
|
--
|
|
dosProfileTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF DosProfileEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table defines profile data for each DOS VPT entry."
|
|
::= { dosConfigGrp 2 }
|
|
|
|
dosProfileEntry OBJECT-TYPE
|
|
SYNTAX DosProfileEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indexed by VIDS ID and Profile ID."
|
|
INDEX { dosProfileVidsId, dosProfileId }
|
|
::= { dosProfileTable 1 }
|
|
|
|
DosProfileEntry ::= SEQUENCE {
|
|
dosProfileVidsId
|
|
Unsigned32,
|
|
dosProfileId
|
|
Unsigned32,
|
|
dosProfileStatus
|
|
INTEGER,
|
|
dosProfileLearningTime
|
|
Unsigned32
|
|
}
|
|
|
|
dosProfileVidsId OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The virtual admin domain identifier."
|
|
::= { dosProfileEntry 1 }
|
|
|
|
dosProfileId OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The identifier of the profile."
|
|
::= { dosProfileEntry 2 }
|
|
|
|
dosProfileStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
learning(1),
|
|
detection(2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The status of the profile entry."
|
|
::= { dosProfileEntry 3 }
|
|
|
|
dosProfileLearningTime OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The time (in hundredths of a second) since learning was started for the profile."
|
|
::= { dosProfileEntry 4 }
|
|
|
|
|
|
--
|
|
-- DOS Profile Bulk Table
|
|
--
|
|
dosProfileBulkTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF DosProfileBulkEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table defines profile data for each DOS VPT entry. This table
|
|
is primarily used to get the GETNEXT and GETBULK."
|
|
::= { dosConfigGrp 3 }
|
|
|
|
dosProfileBulkEntry OBJECT-TYPE
|
|
SYNTAX DosProfileBulkEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indexed by profile index."
|
|
INDEX { dosProfileBulkIndex }
|
|
::= { dosProfileBulkTable 1 }
|
|
|
|
DosProfileBulkEntry ::= SEQUENCE {
|
|
dosProfileBulkIndex
|
|
INTEGER,
|
|
dosProfileBulkVidsId
|
|
Unsigned32,
|
|
dosProfileBulkId
|
|
Unsigned32,
|
|
dosProfileBulkStatus
|
|
INTEGER,
|
|
dosProfileBulkLearningTime
|
|
Unsigned32
|
|
}
|
|
|
|
dosProfileBulkIndex OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The index of the profile table."
|
|
::= { dosProfileBulkEntry 1 }
|
|
|
|
dosProfileBulkVidsId OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The virtual admin domain identifier."
|
|
::= { dosProfileBulkEntry 2 }
|
|
|
|
dosProfileBulkId OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The identifier of the profile."
|
|
::= { dosProfileBulkEntry 3 }
|
|
|
|
dosProfileBulkStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
learning(1),
|
|
detection(2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The status of the profile entry."
|
|
::= { dosProfileBulkEntry 4 }
|
|
|
|
dosProfileBulkLearningTime OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The time (in hundredths of a second) since learning was started for the profile."
|
|
::= { dosProfileBulkEntry 5 }
|
|
|
|
|
|
--
|
|
-- DOS ShortTerm LongTerm Profile Table
|
|
-- This table will onl support GET requests
|
|
--
|
|
dosProfileShortAndLongTermTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF DosProfileShortAndLongTermEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table defines short term and long term profile data per DOS measure per VPT. Each VPT is indexed by the global VIDSID, global NIId."
|
|
::= { dosConfigGrp 4 }
|
|
|
|
dosProfileShortAndLongTermEntry OBJECT-TYPE
|
|
SYNTAX DosProfileShortAndLongTermEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indexed by global VIDSIndex, global NIIndex & measureId."
|
|
INDEX { dosProfileShortAndLongTermVIDSIndex, dosProfileShortAndLongTermNIIndex, dosProfileShortAndLongTermMeasureIndex }
|
|
::= { dosProfileShortAndLongTermTable 1 }
|
|
|
|
DosProfileShortAndLongTermEntry ::= SEQUENCE {
|
|
dosProfileShortAndLongTermVIDSIndex
|
|
Unsigned32,
|
|
dosProfileShortAndLongTermNIIndex
|
|
Unsigned32,
|
|
dosProfileShortAndLongTermMeasureIndex
|
|
INTEGER,
|
|
dosProfileShortAndLongTermBinCount
|
|
INTEGER,
|
|
dosProfileShortTermContent
|
|
OCTET STRING,
|
|
dosProfileLongTermContent
|
|
OCTET STRING
|
|
}
|
|
|
|
dosProfileShortAndLongTermVIDSIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The VIDS id index."
|
|
::= { dosProfileShortAndLongTermEntry 1 }
|
|
|
|
dosProfileShortAndLongTermNIIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The NI id index."
|
|
::= { dosProfileShortAndLongTermEntry 2 }
|
|
|
|
dosProfileShortAndLongTermMeasureIndex OBJECT-TYPE
|
|
SYNTAX INTEGER (1..10)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The measure id index."
|
|
::= { dosProfileShortAndLongTermEntry 3 }
|
|
|
|
dosProfileShortAndLongTermBinCount OBJECT-TYPE
|
|
SYNTAX INTEGER (1..32)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The count indicates the number of short or long term values to be interpreted in their respective content objects. Max value is 32. If the value is set to 10, then only the first 80 bytes in each of the strings have valid data. Note: that 256 octet strings can accomodate a max of 32 values (3 octects each) "
|
|
::= { dosProfileShortAndLongTermEntry 4 }
|
|
|
|
dosProfileShortTermContent OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(256))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This specifies the short term profile data.
|
|
Default: All 256 octets filled with '0'."
|
|
::= { dosProfileShortAndLongTermEntry 5 }
|
|
|
|
dosProfileLongTermContent OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(256))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This specifies the long term profile data.
|
|
Default: All 256 octets filled with '0'."
|
|
::= { dosProfileShortAndLongTermEntry 6 }
|
|
|
|
enableDosPktLogging OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable (1),
|
|
disable (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object can be used to turn on/off the logging od DOS packets. Default: disable (2)."
|
|
::= { dosConfigGrp 6 }
|
|
|
|
--
|
|
-- Timed Drop DOS Pkt Table
|
|
-- This table does not support GET NEXT requests
|
|
--
|
|
timedDosPktDropTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF TimedDosPktDropEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table defines action and duration to enable/disable/extend the duration for which DOS pkts are to be drpped. Also provides the absolute time remaining till when it the sensor will drop these packets. "
|
|
::= { dosConfigGrp 7 }
|
|
|
|
timedDosPktDropEntry OBJECT-TYPE
|
|
SYNTAX TimedDosPktDropEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indexed by VIDS ID NI ID and MeasureId."
|
|
INDEX { timedDosPktDropVidsIdIndex, timedDosPktDropNiIdIndex, timedDosPktDropMsrIdIndex }
|
|
::= { timedDosPktDropTable 1 }
|
|
|
|
TimedDosPktDropEntry ::= SEQUENCE {
|
|
timedDosPktDropVidsIdIndex
|
|
Unsigned32,
|
|
timedDosPktDropNiIdIndex
|
|
Unsigned32,
|
|
timedDosPktDropMsrIdIndex
|
|
INTEGER,
|
|
timedDosPktDropAction
|
|
INTEGER,
|
|
timedDosPktDropDuration
|
|
Unsigned32,
|
|
timedDosPktDropEndTime
|
|
Unsigned32
|
|
}
|
|
|
|
timedDosPktDropVidsIdIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Vids identifier."
|
|
::= { timedDosPktDropEntry 1 }
|
|
|
|
timedDosPktDropNiIdIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The NI identifier."
|
|
::= { timedDosPktDropEntry 2 }
|
|
|
|
timedDosPktDropMsrIdIndex OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The MeasureId identifier."
|
|
::= { timedDosPktDropEntry 3 }
|
|
|
|
timedDosPktDropAction OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable(1),
|
|
disable(2),
|
|
extend(3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The action tells the bulkTimedDosPktDropTable to add(enable the duration for), delete(disable), modify(extend the duration for) an entry."
|
|
|
|
::= { timedDosPktDropEntry 4 }
|
|
|
|
timedDosPktDropDuration OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The duration for which the DOS pkt drop has been enabled or extended."
|
|
::= { timedDosPktDropEntry 5 }
|
|
|
|
--
|
|
timedDosPktDropEndTime OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The absolute end time when the duration for intended action expires."
|
|
::= { timedDosPktDropEntry 6 }
|
|
|
|
--
|
|
-- Bulk Timed Drop DOS Pkt Table
|
|
--
|
|
bulkTimedDosPktDropTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF BulkTimedDosPktDropEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table lists entries indexed by the bulkTimedDosPktDropIndex, each returns the corresponding VidsId, NiId, MeasureId and the EndTime value."
|
|
::= { dosConfigGrp 8 }
|
|
|
|
bulkTimedDosPktDropEntry OBJECT-TYPE
|
|
SYNTAX BulkTimedDosPktDropEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indexed by bulk index."
|
|
INDEX { bulkTimedDosPktDropIndex }
|
|
::= { bulkTimedDosPktDropTable 1 }
|
|
|
|
BulkTimedDosPktDropEntry ::= SEQUENCE {
|
|
bulkTimedDosPktDropIndex
|
|
INTEGER,
|
|
bulkTimedDosPktDropVidsId
|
|
Unsigned32,
|
|
bulkTimedDosPktDropNiId
|
|
Unsigned32,
|
|
bulkTimedDosPktDropMsrId
|
|
INTEGER,
|
|
bulkTimedDosPktDropEndTime
|
|
Unsigned32
|
|
}
|
|
|
|
bulkTimedDosPktDropIndex OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The bulk index ."
|
|
::= { bulkTimedDosPktDropEntry 1 }
|
|
|
|
bulkTimedDosPktDropVidsId OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Vids identifier."
|
|
::= { bulkTimedDosPktDropEntry 2 }
|
|
|
|
bulkTimedDosPktDropNiId OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The NI identifier."
|
|
::= { bulkTimedDosPktDropEntry 3 }
|
|
|
|
bulkTimedDosPktDropMsrId OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The MeasureId identifier."
|
|
::= { bulkTimedDosPktDropEntry 4 }
|
|
|
|
bulkTimedDosPktDropEndTime OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The absolute end time when the duration for intended action expires."
|
|
::= { bulkTimedDosPktDropEntry 5 }
|
|
|
|
internalVLANId OBJECT-TYPE
|
|
SYNTAX INTEGER (0..4095)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object identifies the VLAN ID to be used by the sensor to tag
|
|
any untagged pkts on Rx, and untag them on Tx. It must not match any
|
|
other VLAN ID assigned for the customer network. Default: 4095
|
|
"
|
|
::= { dosConfigGrp 9 }
|
|
|
|
--This group contians MIB objects for configuration of packet logging.
|
|
--The <pktLogServerIPAddress> identifies the IP address of the server
|
|
--receiving packets that the Sensor logs when detecting attacks.
|
|
--The <pktLogServerPort> identifies the TCP port on this server
|
|
--that receives the logged packets.
|
|
|
|
pktLogGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 15 }
|
|
|
|
pktLogServerIPAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IP Address"
|
|
::= { pktLogGrp 1 }
|
|
|
|
pktLogServerPort OBJECT-TYPE
|
|
SYNTAX Integer32 (1..10000)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"TCP Port on which the pkt log server can receive packet
|
|
logs from the IntruShield IDS."
|
|
::= { pktLogGrp 2 }
|
|
|
|
pktLogMaxPacketsPerFlow OBJECT-TYPE
|
|
SYNTAX Integer32 (0..64000)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Number of packets per flow which need to be logged,
|
|
0 means log entire flow.
|
|
Default: 1000"
|
|
::= { pktLogGrp 3 }
|
|
|
|
pktLogEncryptionEnable OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable (1)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object can be used to enable encryption of packet log channel.
|
|
RC4 will be used for encryption.
|
|
Default: enable (1)"
|
|
::= { pktLogGrp 4 }
|
|
|
|
pktLogServerIPv6Address OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IPv6 Address of the ISM to which the logs need to be delivered.
|
|
ISM should set either the Ipv4 or the Ipv6 address."
|
|
::= { pktLogGrp 5 }
|
|
|
|
--This group contians MIB objects for configuration of alert throttling.
|
|
|
|
pktAlertThrottleGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 16 }
|
|
|
|
pktAlertThrottleGlobalThreshold OBJECT-TYPE
|
|
SYNTAX INTEGER (1..32)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Once this threshold is exceeded, sensor will only send one
|
|
summary alert for all addresses (srcip's and destip's) that
|
|
match the attackid/vidsid.
|
|
|
|
Default: 10"
|
|
::= { pktAlertThrottleGrp 1 }
|
|
|
|
pktAlertThrottleInterval OBJECT-TYPE
|
|
SYNTAX INTEGER (1..3600)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"If the number of alerts exceeds the amount configured
|
|
in pktAlertThrottleThreshold or
|
|
pktAlertThrottleGlobalThreshold in pktAlertThrottleInterval
|
|
seconds, alerts will be throttled.
|
|
|
|
Units are in seconds.
|
|
|
|
Default: 120 seconds"
|
|
::= { pktAlertThrottleGrp 2 }
|
|
|
|
pktAlertThrottleAction OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable (1),
|
|
disable (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object can be used to enable and disable alert
|
|
throttling.
|
|
|
|
Default: enable(1)"
|
|
::= { pktAlertThrottleGrp 3 }
|
|
|
|
pktAlertThrottleThreshold OBJECT-TYPE
|
|
SYNTAX INTEGER (1..25)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure the number of alerts that
|
|
need to be sent before sensor starts to throttle the alerts.
|
|
For example if this value is 10, it will send the first 10
|
|
alerts with the following key: attackid/vidsid/srcip/destip.
|
|
This parameters will use the pktAlertThrottleInterval as the
|
|
interval.
|
|
|
|
Default: 5"
|
|
::= { pktAlertThrottleGrp 4 }
|
|
|
|
pktAlertCorrelationTime OBJECT-TYPE
|
|
SYNTAX INTEGER (1..20)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure the time that the sensor will
|
|
correlate multiple signatures for a single attack and only send
|
|
the signature with the lowest benign trigger probability.
|
|
|
|
Default: 5 secs"
|
|
::= { pktAlertThrottleGrp 5 }
|
|
|
|
|
|
sslConfigGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 17 }
|
|
|
|
sslSessionCacheLifetime OBJECT-TYPE
|
|
SYNTAX INTEGER (0..4294967296)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Duration in minutes for which the SSL Session is kept alive, inspite of no
|
|
SSL data transfer between the client/server .
|
|
Default: 5"
|
|
::= { sslConfigGrp 1 }
|
|
|
|
sslSupportAction OBJECT-TYPE
|
|
SYNTAX INTEGER (0..100000)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object can be used to enable support for specific ssl flow count (non 0)
|
|
and disable SSL (0) on sensor. Sensor reboot is typically required to activate
|
|
support of requested flow count.
|
|
EMS must check for max requested ssl flows based on product type:
|
|
I4000: 100K, I2600: 25K , I1200: not supported.
|
|
Default: not supported (0)"
|
|
::= { sslConfigGrp 2 }
|
|
|
|
sslSupportStatus OBJECT-TYPE
|
|
SYNTAX INTEGER (0..100000)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object can be used to get SSL support status on sensor. It will show 0 if disabled, or a non 0 value indicating the ssl flow count currently supported. User must reboot sensor to ensure that requested flow count is actually supported by sensor.
|
|
EMS must check for max supported ssl flows based on product type:
|
|
I4000: 100K, I2600: 25K , I1200: not supported.
|
|
Default: not supported (0)"
|
|
::= { sslConfigGrp 3 }
|
|
|
|
sslSessionRemoveCerts OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
reset (0)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Delete all ssl certs, thereby terminating decryption of related ssl traffic, but leave ssl support enabled within sensor."
|
|
::= { sslConfigGrp 4 }
|
|
|
|
sslPktLoggingEnable OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable (1),
|
|
disable (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies if sensor should log decrypted SSL packets or not.
|
|
|
|
Default: 2, disabled"
|
|
::= { sslConfigGrp 5 }
|
|
|
|
sslModesofOperation OBJECT-TYPE
|
|
SYNTAX INTEGER{
|
|
disable (0),
|
|
inbound-known-key-only(1),
|
|
outbound-proxy-only (2),
|
|
inbound-proxy-only (3),
|
|
inbound-and-outbound-proxy (4),
|
|
inbound-known-key-and-outbound-proxy (5)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Determines the SSL decryption direction and method.
|
|
disable(0) - No SSL decryption performed for traffic.
|
|
inbound known key only(1) - Only Inbound SSL decryption using RSA key exchange.
|
|
outbound proxy only(2) - Only Outbound SSL using MITM proxy
|
|
inbound proxy only(3) - Only Inbound SSL using MITM Proxy
|
|
inbound and outbound proxy(4) - Inbound and Outbound proxy using MITM Proxy
|
|
inbound known key and outbound proxy(5) - Inbound using RSA key exchange and Outbound using MITM Proxy
|
|
Default: disable (0)"
|
|
::= { sslConfigGrp 6 }
|
|
|
|
sslSessionCacheLifetimeOutbound OBJECT-TYPE
|
|
SYNTAX INTEGER (0..4294967296)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Duration in minutes for which the SSL Session is kept alive, inspite of no
|
|
SSL data transfer between the client/server. This setting will be applied for
|
|
SSL traffic in Outbound direction.
|
|
This is not applicable on I-series and M-series
|
|
Default: 5"
|
|
::= { sslConfigGrp 7 }
|
|
|
|
sslPktLoggingOutboundEnable OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable (1),
|
|
disable (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies if sensor should log decrypted SSL packets or not on the Outbound direction.
|
|
This is not applicable on I-series and M-series
|
|
Default: 2, disabled"
|
|
::= { sslConfigGrp 8 }
|
|
|
|
sslProxyOutboundUnknownServerCertificate OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ignore (1),
|
|
block (2),
|
|
decrypt (3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object will be used to configure the action that the sensor will need to
|
|
take when the sensor is unable to verify the validaity of the certificate.
|
|
This is not applicable on I-series and M-series
|
|
Default: decrypt(3)"
|
|
::= { sslConfigGrp 9 }
|
|
|
|
|
|
sslProxyOutboundUntrustedServerCertficate OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ignore (1),
|
|
block (2),
|
|
decrypt (3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object will be used to configure the action that the sensor will need to take
|
|
when the sensor receives an untrusted certificate from the external server. This could
|
|
be either due to certificate not being trusted by any root CA, expired, revoked etc.
|
|
This is not applicable on I-series and M-series
|
|
Default: decrypt (3)"
|
|
::= { sslConfigGrp 10 }
|
|
|
|
sslProxyOutboundUnsupportedCipherSuite OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ignore (1),
|
|
block (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object will be used to configure the action that the sensor will need to take when an
|
|
internal client sends a list of ciphers and the sensor does not support any of the cipher suite
|
|
This is not applicable on I-series and M-series
|
|
Default: ignore (1)"
|
|
::= { sslConfigGrp 11 }
|
|
|
|
sslProxyInboundUnsupportedCipherSuite OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ignore (1),
|
|
block (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This is reserved for future used. This object is not currently implemented.
|
|
This object will be used to configure the action that the sensor will need to take when an
|
|
external client sends a list of ciphers and the sensor does not support any of the cipher suite
|
|
This is not applicable on I-series and M-series
|
|
Default: ignore (1)"
|
|
::= { sslConfigGrp 12 }
|
|
|
|
sslProxyOutboundUnsupportedServerCertificate OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ignore (1),
|
|
block (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object will be used to configure the action that the sensor will need to take
|
|
when the sensor encounters an unsupported server certificate in an outbound direction.
|
|
This is not applicable on I-series and M-series
|
|
Default: ignore (1)"
|
|
::= { sslConfigGrp 13 }
|
|
|
|
sslProxyInboundUnsupportedServerCertificate OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ignore (1),
|
|
block (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This is reserved for future used. This object is not currently implemented.
|
|
This object will be used to configure the action that the sensor will need to take
|
|
when the sensor encounters an unsupported server certificate in an inbound direction.
|
|
This is not applicable on I-series and M-series
|
|
Default: ignore (1)"
|
|
::= { sslConfigGrp 14 }
|
|
|
|
maxSslFlowSupportedInSslDisableMode OBJECT-TYPE
|
|
SYNTAX INTEGER (0..100000)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the max number of SSL flows supported when SSL is disabled on the sensor."
|
|
::= { sslConfigGrp 15 }
|
|
|
|
maxFlowSupportedInSslDisableMode OBJECT-TYPE
|
|
SYNTAX INTEGER (0..100000)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the max number of flows supported by sensor when SSL is disabled on the sensor."
|
|
::= { sslConfigGrp 16 }
|
|
|
|
maxSslFlowSupportedInSslInboundLegacyMode OBJECT-TYPE
|
|
SYNTAX INTEGER (0..100000)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the max number of SSL flows supported when SSL is enabled in inbound legacy mode."
|
|
::= { sslConfigGrp 17 }
|
|
|
|
maxFlowSupportedInSslInboundLegacyMode OBJECT-TYPE
|
|
SYNTAX INTEGER (0..100000)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the max number of flows supported by sensor when SSL is enabled in inbound legacy mode"
|
|
::= { sslConfigGrp 18 }
|
|
|
|
maxSslFlowSupportedInSslOutboundMode OBJECT-TYPE
|
|
SYNTAX INTEGER (0..100000)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the max number of SSL flows supported when SSL is enabled in outbound mode."
|
|
::= { sslConfigGrp 19 }
|
|
|
|
maxFlowSupportedInSslOutboundMode OBJECT-TYPE
|
|
SYNTAX INTEGER (0..100000)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the max number of flows supported by sensor when SSL is enabled in outbound mode"
|
|
::= { sslConfigGrp 20 }
|
|
|
|
sslModesofOperationStatus OBJECT-TYPE
|
|
SYNTAX INTEGER{
|
|
disable (0),
|
|
inbound-known-key-only(1),
|
|
outbound-proxy-only (2),
|
|
inbound-proxy-only (3),
|
|
inbound-and-outbound-proxy (4),
|
|
inbound-known-key-and-outbound-proxy (5)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Provides current SSL decryption method used in Sensor for inbound traffic.
|
|
disable(0) - No SSL decryption performed for traffic.
|
|
inbound known key only(1) - Only Inbound SSL decryption using RSA key exchange.
|
|
outbound proxy only(2) - Only Outbound SSL using MITM proxy
|
|
inbound proxy only(3) - Only Inbound SSL using MITM Proxy
|
|
inbound and outbound proxy(4) - Inbound and Outbound proxy using MITM Proxy
|
|
inbound known key and outbound proxy(5) - Inbound using RSA key exchange and Outbound using MITM Proxy
|
|
Default: disable (0)"
|
|
::= { sslConfigGrp 21 }
|
|
|
|
sslProxyOutboundUnknownURLCategory OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ignore (1),
|
|
decrypt (3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object will be used to configure the action that the sensor will need to take
|
|
when the sensor identifies an unknown url category in the ssl packet. This configuration
|
|
is only supported in case of outbound ssl.
|
|
This is not applicable on I-series and M-series
|
|
Default: ignore (1)"
|
|
::= { sslConfigGrp 22 }
|
|
|
|
sslShKeyDecryptEnable OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable (1),
|
|
disable (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies if sensor should decrypt using shared keys from SSL probes.
|
|
Default: 2, disabled"
|
|
::= { sslConfigGrp 23 }
|
|
|
|
---
|
|
---
|
|
---
|
|
|
|
|
|
l2ConfigGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 18 }
|
|
|
|
l2ModeEnable OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable (1),
|
|
disable (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This specifies if sensor is configured to detect failure and go into L2 mode on exceeding cfg threshold within cfg duration.
|
|
|
|
Default: 2, disabled"
|
|
::= { l2ConfigGrp 1 }
|
|
|
|
l2ModeStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
layer2Mode(1),
|
|
ipsMode(2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object identifies the mode the sensor is currently in."
|
|
|
|
::= { l2ConfigGrp 2 }
|
|
|
|
l2ModeCfgDuration OBJECT-TYPE
|
|
SYNTAX INTEGER (1..60)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the time duration input criteria for enabling the sensor in layer2 mode.
|
|
|
|
Default: 10 mins"
|
|
::= { l2ConfigGrp 3 }
|
|
|
|
l2ModeCfgThreshold OBJECT-TYPE
|
|
SYNTAX INTEGER (1..10)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the event frequency input criteria for enabling the sensor in layer2 mode.
|
|
|
|
Default: 1"
|
|
::= { l2ConfigGrp 4 }
|
|
|
|
l2ModeOccCount OBJECT-TYPE
|
|
SYNTAX INTEGER (0..10)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object identifies the frequency of event occurence when ensor was last enabled in layer2 mode.
|
|
|
|
"
|
|
::= { l2ConfigGrp 5 }
|
|
|
|
l2ModeReason OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..127))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object contains reason for sensor to enter into Layer-2 mode."
|
|
::= { l2ConfigGrp 6 }
|
|
|
|
|
|
-- acl Logging support on the Sensor
|
|
|
|
aclLogAlertGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 19 }
|
|
|
|
aclAlertLogging OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
g-enable-dropped (1),
|
|
g-enable-allowed (2),
|
|
g-enable-all (3),
|
|
enable-per-acl (4),
|
|
disable (5)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies various ways to enable ACL Alert logging or disable it altogether.
|
|
This is applicable on a sensor wide basis for all ports in inline mode.
|
|
Default: disable (5)"
|
|
::= { aclLogAlertGrp 1 }
|
|
|
|
aclAlertThrottleMaxIpPair OBJECT-TYPE
|
|
SYNTAX INTEGER (1..32)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Once this threshold is exceeded, sensor will only send one
|
|
summary acl alert for all addresses (srcip's and destip's) that
|
|
match the aclid/vidsid.
|
|
|
|
Default: 10"
|
|
::= { aclLogAlertGrp 2 }
|
|
|
|
aclAlertThrottleInterval OBJECT-TYPE
|
|
SYNTAX INTEGER (1..3600)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"If the number of acl alerts exceeds the amount configured
|
|
in aclAlertThrottleThreshold in aclAlertThrottleInterval
|
|
seconds, alerts will be throttled.
|
|
|
|
Units are in seconds.
|
|
|
|
Default: 120 seconds"
|
|
::= { aclLogAlertGrp 3 }
|
|
|
|
|
|
aclAlertThrottleAction OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable (1),
|
|
disable (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object can be used to enable and disable acl alert
|
|
throttling.
|
|
|
|
Default: enable(1)"
|
|
::= { aclLogAlertGrp 4 }
|
|
|
|
aclAlertThrottleThreshold OBJECT-TYPE
|
|
SYNTAX INTEGER (1..25)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure the number of alerts that
|
|
need to be sent before sensor starts to throttle the alerts.
|
|
For example if this value is 10, it will send the first 10
|
|
alerts with the following key: aclid/vidsid/srcip/destip.
|
|
This parameters will use the aclAlertThrottleInterval as the
|
|
interval.
|
|
|
|
Default: 5"
|
|
::= { aclLogAlertGrp 5 }
|
|
|
|
aclAlertDirectToSyslog OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
sendViaNSM (1),
|
|
sendDirect (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object can be used to enable sending acl logs directly to syslog viewer instead of sending it via NSM.
|
|
Default: sendViaNSM (1)"
|
|
::= { aclLogAlertGrp 6 }
|
|
|
|
--User authentication using TACACS+
|
|
|
|
tacacsPlusAuthGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 20 }
|
|
|
|
enableTacacsPlusAuth OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable (1),
|
|
disable (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object can be used to enable or disable user authentication & accounting using TACACS+.
|
|
Default: disable (2)"
|
|
::= { tacacsPlusAuthGrp 1}
|
|
|
|
enableTacacsPlusTrafficEncr OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable (1),
|
|
disable (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object can be used to enable or disable encryption of TACACS+ traffic.
|
|
Default: disable (2)"
|
|
::= { tacacsPlusAuthGrp 2}
|
|
|
|
tacacsPlusEncrSecret OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..64))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the secret to be used in generating the encrypted TACACS+ traffic"
|
|
::= { tacacsPlusAuthGrp 3}
|
|
|
|
|
|
tacacsPlusServerIPTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF TacacsPlusServerIPEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table contains entries that specifiy the IP addresses of the TACACS+ servers"
|
|
::= { tacacsPlusAuthGrp 4}
|
|
|
|
tacacsPlusServerIPEntry OBJECT-TYPE
|
|
SYNTAX TacacsPlusServerIPEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table entry specifies the IP address of the TACACS+ server"
|
|
INDEX { tacIndex }
|
|
::= { tacacsPlusServerIPTable 1 }
|
|
|
|
|
|
TacacsPlusServerIPEntry ::= SEQUENCE {
|
|
tacIndex
|
|
INTEGER,
|
|
tacacsPlusServerIPAddr
|
|
IpAddress
|
|
}
|
|
|
|
tacIndex OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Fixed index for the four TACACS+ Server entries. Valid values are [1,2,3,4] only."
|
|
::= { tacacsPlusServerIPEntry 1 }
|
|
|
|
tacacsPlusServerIPAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the IP Address of the TACACS+ server"
|
|
::= { tacacsPlusServerIPEntry 2 }
|
|
|
|
enableTacacsPlusAuthorization OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"To enable TACACS Plus authorization"
|
|
::= { tacacsPlusAuthGrp 5 }
|
|
|
|
-- ipV6 support on sensor
|
|
|
|
ipV6ConfigGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 21 }
|
|
|
|
ipV6TrafficHandling OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
dont-parse-block-inline (1),
|
|
dont-parse-allow-inline (2),
|
|
parse-and-detect-attacks (3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object can be used to specify how the IPv6 traffic is handled on all ports of a sensor.
|
|
dont-parse-block-inline - Traffic will not be subjected to IPS/IDS. On Inline ports, traffic will be blocked.
|
|
dont-parse-allow-inline - Traffic will not be subjected to IPS/IDS. On Inline ports , traffic wll be allowed to go through the sensor.
|
|
parse-and-detect-attacks - Parse and detect attacks in IPv6 traffic and pass the traffic on inline ports
|
|
Default: dont-parse-allow-inline(2)"
|
|
::= { ipV6ConfigGrp 2}
|
|
|
|
-- Host Quarantine Config Group
|
|
--
|
|
hostQGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 22 }
|
|
|
|
--
|
|
-- Host Quarantine Config Table
|
|
--
|
|
-- This group conatins all MIB objects that specify the configuration for
|
|
-- reconfiguring the hostQ.
|
|
--
|
|
hostQConfigGrp OBJECT IDENTIFIER ::= { hostQGrp 1 }
|
|
|
|
hostQFilterTimeOut OBJECT-TYPE
|
|
SYNTAX INTEGER (5..60)
|
|
MAX-ACCESS read-write
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"The number of minutes for which this entry should be in
|
|
affect.
|
|
|
|
Default: 5 minutes"
|
|
::= { hostQConfigGrp 1 }
|
|
|
|
hostQDeleteAllFilters OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
not-applicable(0),
|
|
true(1)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"If set to not-applicable(0), applied filters are not
|
|
deleted. If set to true (1) all filters are deleted.
|
|
|
|
Default: not-applicable (0)"
|
|
::= { hostQConfigGrp 2 }
|
|
|
|
--
|
|
-- Host Quarantine Bulk IPV4 Filter table
|
|
--
|
|
-- This group defines filter entries that have been applied on the sensor in
|
|
-- Inline mode. This table only supports GET-NEXT operations. All entries are
|
|
-- read-only. The table will have a maximum of 1000 entries.
|
|
--
|
|
hostQBulkFilterV4Table OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HostQBulkFilterV4Entry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table containing entries for filters that are applied on the \
|
|
sensor in Inline mode. This table supports only GET-NEXT operations"
|
|
::= { hostQGrp 2 }
|
|
|
|
hostQBulkFilterV4Entry OBJECT-TYPE
|
|
SYNTAX HostQBulkFilterV4Entry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indexed by sequence number."
|
|
INDEX { hostQBulkFilterIndexV4 }
|
|
::= { hostQBulkFilterV4Table 1 }
|
|
|
|
HostQBulkFilterV4Entry ::= SEQUENCE {
|
|
hostQBulkFilterIndexV4
|
|
INTEGER,
|
|
hostQBulkFilterSrcIPAddrV4
|
|
IpAddress,
|
|
hostQBulkFilterVidsIdV4
|
|
INTEGER,
|
|
hostQBulkFilterAttackIdV4
|
|
INTEGER,
|
|
hostQBulkFilterEndTimeV4
|
|
Unsigned32,
|
|
hostQBulkFilterQRStatusV4
|
|
INTEGER,
|
|
hostQBulkFilterMPEReplyMsgV4
|
|
INTEGER,
|
|
hostQBulkFilterMonPortIdV4
|
|
TrellixPortLinearIndex,
|
|
hostQBulkFilterEZIdV4
|
|
INTEGER
|
|
}
|
|
|
|
hostQBulkFilterIndexV4 OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Index which uniquely identifies the V4 filter rule"
|
|
::= { hostQBulkFilterV4Entry 1 }
|
|
|
|
hostQBulkFilterSrcIPAddrV4 OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source IPV4 Address."
|
|
::= { hostQBulkFilterV4Entry 2 }
|
|
|
|
hostQBulkFilterVidsIdV4 OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This objects returns the vids id for which this filter
|
|
was applied."
|
|
::= { hostQBulkFilterV4Entry 3 }
|
|
|
|
hostQBulkFilterAttackIdV4 OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This objects returns the attack id for which this filter
|
|
was applied."
|
|
::= { hostQBulkFilterV4Entry 4 }
|
|
|
|
hostQBulkFilterEndTimeV4 OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This objects returns the filter expiry time in UTC format "
|
|
::= { hostQBulkFilterV4Entry 5 }
|
|
|
|
|
|
hostQBulkFilterQRStatusV4 OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
hostQuarantined-local(1),
|
|
hostUnderRemediation-local(2),
|
|
hostQuarantined-mpe(4),
|
|
hostQuarantined-both(5),
|
|
hostUnderRemediation-local-hostQuarantined-mpe(6),
|
|
hostUnderRemediation-mpe(8),
|
|
hostQuarantined-local-hostUnderRemediation-mpe(9),
|
|
hostUnderRemediation-both(10)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This objects returns the host quarantine and remediation action status."
|
|
::= { hostQBulkFilterV4Entry 6 }
|
|
|
|
hostQBulkFilterMPEReplyMsgV4 OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
notApplicable(0),
|
|
managedHost(1),
|
|
unmanagedHost(2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This objects returns the message returned by the MPE server."
|
|
::= { hostQBulkFilterV4Entry 7 }
|
|
|
|
hostQBulkFilterMonPortIdV4 OBJECT-TYPE
|
|
SYNTAX TrellixPortLinearIndex
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This objects returns the monitoring linear port index on which the attack was detected for
|
|
the quarantined host."
|
|
::= { hostQBulkFilterV4Entry 8 }
|
|
|
|
|
|
hostQBulkFilterEZIdV4 OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This objects returns the applied NAZ Id for the quarantined host."
|
|
::= { hostQBulkFilterV4Entry 9 }
|
|
|
|
--
|
|
-- Host Quarantine Bulk IPV6 Filter table
|
|
--
|
|
-- This group defines filter entries that have been applied on the sensor in
|
|
-- Inline mode. This table only supports GET-NEXT operations. All entries are
|
|
-- read-only. The table will have a maximum of 1000 entries.
|
|
--
|
|
|
|
hostQBulkFilterV6Table OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HostQBulkFilterV6Entry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table containing entries for IPv6 filters that are applied on the
|
|
sensor in Inline mode."
|
|
::= { hostQGrp 3 }
|
|
|
|
hostQBulkFilterV6Entry OBJECT-TYPE
|
|
SYNTAX HostQBulkFilterV6Entry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indexed by sequence number."
|
|
INDEX { hostQBulkFilterIndexV6 }
|
|
::= { hostQBulkFilterV6Table 1 }
|
|
|
|
HostQBulkFilterV6Entry ::= SEQUENCE {
|
|
hostQBulkFilterIndexV6
|
|
INTEGER,
|
|
hostQBulkFilterSrcIPAddrV6
|
|
Ipv6Address,
|
|
hostQBulkFilterVidsIdV6
|
|
INTEGER,
|
|
hostQBulkFilterAttackIdV6
|
|
INTEGER,
|
|
hostQBulkFilterEndTimeV6
|
|
Unsigned32,
|
|
hostQBulkFilterQRStatusV6
|
|
INTEGER,
|
|
hostQBulkFilterMPEReplyMsgV6
|
|
INTEGER,
|
|
hostQBulkFilterMonPortIdV6
|
|
TrellixPortLinearIndex
|
|
}
|
|
|
|
hostQBulkFilterIndexV6 OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Index which uniquely identifies the IPv6 filter rule."
|
|
::= { hostQBulkFilterV6Entry 1 }
|
|
|
|
hostQBulkFilterSrcIPAddrV6 OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source IPV6 Address."
|
|
::= { hostQBulkFilterV6Entry 2 }
|
|
|
|
hostQBulkFilterVidsIdV6 OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This objects returns the vids id for which this filter
|
|
was applied."
|
|
::= { hostQBulkFilterV6Entry 3 }
|
|
|
|
hostQBulkFilterAttackIdV6 OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This objects returns the attack id for which this filter
|
|
was applied."
|
|
::= { hostQBulkFilterV6Entry 4 }
|
|
|
|
hostQBulkFilterEndTimeV6 OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This objects returns the filter expiry time in UTC format."
|
|
::= { hostQBulkFilterV6Entry 5 }
|
|
|
|
hostQBulkFilterQRStatusV6 OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
hostQuarantined-local(1),
|
|
hostUnderRemediation-local(2),
|
|
hostQuarantined-mpe(4),
|
|
hostQuarantined-both(5),
|
|
hostUnderRemediation-local-hostQuarantined-mpe(6),
|
|
hostUnderRemediation-mpe(8),
|
|
hostQuarantined-local-hostUnderRemediation-mpe(9),
|
|
hostUnderRemediation-both(10)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This objects returns the host quarantine and remediation action status."
|
|
::= { hostQBulkFilterV6Entry 6 }
|
|
|
|
hostQBulkFilterMPEReplyMsgV6 OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
notApplicable(0),
|
|
managedHost(1),
|
|
unmanagedHost(2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This objects returns the message returned by the MPE server."
|
|
::= { hostQBulkFilterV6Entry 7 }
|
|
|
|
hostQBulkFilterMonPortIdV6 OBJECT-TYPE
|
|
SYNTAX TrellixPortLinearIndex
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This objects returns the monitoring linear port index on which the attack was detected for
|
|
the quarantined Ipv6 host."
|
|
::= { hostQBulkFilterV6Entry 8 }
|
|
|
|
--
|
|
-- Host Quarantine Never Deny V4 Table
|
|
--
|
|
hostQNeverDenyV4Table OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HostQNeverDenyV4Entry
|
|
MAX-ACCESS not-accessible
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"Table defines ipaddresses from which traffic is never
|
|
blocked. Typically user will add all the critical network
|
|
elements like routers, servers, etc."
|
|
::= { hostQGrp 4 }
|
|
|
|
hostQNeverDenyV4Entry OBJECT-TYPE
|
|
SYNTAX HostQNeverDenyV4Entry
|
|
MAX-ACCESS not-accessible
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"Indexed by hostQNeverDenyIpAddress. Supports up to 100 entries."
|
|
INDEX {hostQNeverDenyIpAddressV4 }
|
|
::= { hostQNeverDenyV4Table 1 }
|
|
|
|
HostQNeverDenyV4Entry ::= SEQUENCE {
|
|
hostQNeverDenyIpAddressV4
|
|
IpAddress,
|
|
hostQNeverDenyActionV4
|
|
RowStatus
|
|
}
|
|
|
|
hostQNeverDenyIpAddressV4 OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"The ipV4 address from which traffic will never be blocked."
|
|
::= { hostQNeverDenyV4Entry 1 }
|
|
|
|
hostQNeverDenyActionV4 OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"This object is to user to add and delete rows in to the
|
|
table."
|
|
::= { hostQNeverDenyV4Entry 2 }
|
|
|
|
--
|
|
-- Host Quarantine Never Deny V6 Table
|
|
--
|
|
hostQNeverDenyV6Table OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HostQNeverDenyV6Entry
|
|
MAX-ACCESS not-accessible
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"Table defines ipaddresses from which traffic is never
|
|
blocked. Typically user will add all the critical network
|
|
elements like routers, servers, etc."
|
|
::= { hostQGrp 5 }
|
|
|
|
hostQNeverDenyV6Entry OBJECT-TYPE
|
|
SYNTAX HostQNeverDenyV6Entry
|
|
MAX-ACCESS not-accessible
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"Indexed by hostQNeverDenyIpAddress. Supports up to 100 entries."
|
|
INDEX {hostQNeverDenyIpAddressV6 }
|
|
::= { hostQNeverDenyV6Table 1 }
|
|
|
|
HostQNeverDenyV6Entry ::= SEQUENCE {
|
|
hostQNeverDenyIpAddressV6
|
|
Ipv6Address,
|
|
hostQNeverDenyActionV6
|
|
RowStatus
|
|
}
|
|
|
|
hostQNeverDenyIpAddressV6 OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS not-accessible
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"The ipV6 address from which traffic will never be blocked."
|
|
::= { hostQNeverDenyV6Entry 1 }
|
|
|
|
hostQNeverDenyActionV6 OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"This object is to user to add and delete rows in to the
|
|
table."
|
|
::= { hostQNeverDenyV6Entry 2 }
|
|
|
|
|
|
--
|
|
-- Host Quarantine User Define V4 Filter Table (does not support GET-NEXT operations)
|
|
--
|
|
|
|
hostQUserDefFilterV4Table OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HostQUserDefFilterV4Entry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table is used to add/delete/extend IPv4 filters on the sensor"
|
|
::= { hostQGrp 6 }
|
|
|
|
hostQUserDefFilterV4Entry OBJECT-TYPE
|
|
SYNTAX HostQUserDefFilterV4Entry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
""
|
|
INDEX { hostQUserDefFilterSrcIpV4, hostQUserDefFilterVidsIdV4, hostQUserDefFilterAttackIdV4 }
|
|
::= { hostQUserDefFilterV4Table 1 }
|
|
|
|
HostQUserDefFilterV4Entry ::= SEQUENCE {
|
|
hostQUserDefFilterSrcIpV4
|
|
IpAddress,
|
|
hostQUserDefFilterVidsIdV4
|
|
INTEGER,
|
|
hostQUserDefFilterAttackIdV4
|
|
INTEGER,
|
|
hostQUserDefFilterDurationV4
|
|
Unsigned32,
|
|
hostQUserDefFilterActionV4
|
|
INTEGER,
|
|
hostQUserDefFilterRemediationV4
|
|
TruthValue
|
|
}
|
|
|
|
hostQUserDefFilterSrcIpV4 OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source IPV4 address."
|
|
::= { hostQUserDefFilterV4Entry 1 }
|
|
|
|
hostQUserDefFilterVidsIdV4 OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Vids ID."
|
|
::= { hostQUserDefFilterV4Entry 2 }
|
|
|
|
hostQUserDefFilterAttackIdV4 OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Attack ID."
|
|
::= { hostQUserDefFilterV4Entry 3 }
|
|
|
|
hostQUserDefFilterDurationV4 OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Filter duration"
|
|
::= { hostQUserDefFilterV4Entry 4 }
|
|
|
|
hostQUserDefFilterActionV4 OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
not-applicable (0),
|
|
add (1),
|
|
delete (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Setting this object to add(1) will add the entry."
|
|
::= { hostQUserDefFilterV4Entry 5 }
|
|
|
|
hostQUserDefFilterRemediationV4 OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Setting this object to TRUE, will enable host rememdiation for the user defined quarantine rule.
|
|
Default : FALSE"
|
|
::= { hostQUserDefFilterV4Entry 6 }
|
|
|
|
--
|
|
-- Host Quarantine User Define V6 Filter Table
|
|
--
|
|
|
|
hostQUserDefFilterV6Table OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HostQUserDefFilterV6Entry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table is used to add/delete/extend IPv6 filters on the sensor"
|
|
::= { hostQGrp 7 }
|
|
|
|
hostQUserDefFilterV6Entry OBJECT-TYPE
|
|
SYNTAX HostQUserDefFilterV6Entry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
""
|
|
INDEX {hostQUserDefFilterSrcIpV6, hostQUserDefFilterVidsIdV6, hostQUserDefFilterAttackIdV6 }
|
|
::= { hostQUserDefFilterV6Table 1 }
|
|
|
|
HostQUserDefFilterV6Entry ::= SEQUENCE {
|
|
hostQUserDefFilterSrcIpV6
|
|
Ipv6Address,
|
|
hostQUserDefFilterVidsIdV6
|
|
INTEGER,
|
|
hostQUserDefFilterAttackIdV6
|
|
INTEGER,
|
|
hostQUserDefFilterDurationV6
|
|
Unsigned32,
|
|
hostQUserDefFilterActionV6
|
|
INTEGER
|
|
}
|
|
|
|
hostQUserDefFilterSrcIpV6 OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source IPV6 address."
|
|
::= { hostQUserDefFilterV6Entry 1 }
|
|
|
|
hostQUserDefFilterVidsIdV6 OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Vids ID."
|
|
::= { hostQUserDefFilterV6Entry 2 }
|
|
|
|
hostQUserDefFilterAttackIdV6 OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Attack ID."
|
|
::= { hostQUserDefFilterV6Entry 3 }
|
|
|
|
hostQUserDefFilterDurationV6 OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Filter duration"
|
|
::= { hostQUserDefFilterV6Entry 4 }
|
|
|
|
hostQUserDefFilterActionV6 OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
not-applicable (0),
|
|
add (1),
|
|
delete(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Setting this object to add(1) will add the entry."
|
|
::= { hostQUserDefFilterV6Entry 5 }
|
|
|
|
--
|
|
-- nmsGrp
|
|
--
|
|
|
|
nmsGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 23 }
|
|
|
|
nmsUserGrp OBJECT IDENTIFIER ::= { nmsGrp 1 }
|
|
|
|
nmsUserTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF NMSUserEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
|
|
"
|
|
::= { nmsUserGrp 1 }
|
|
|
|
nmsUserEntry OBJECT-TYPE
|
|
SYNTAX NMSUserEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry specified is indexed by <nmsUserIndex>.
|
|
Additonaly it contains the
|
|
"
|
|
INDEX { nmsUserName }
|
|
::= { nmsUserTable 1 }
|
|
|
|
NMSUserEntry ::= SEQUENCE {
|
|
nmsUserName
|
|
DisplayString,
|
|
nmsAuthKey
|
|
DisplayString,
|
|
nmsEncrKey
|
|
DisplayString,
|
|
nmsUserChangeAction
|
|
RowStatus
|
|
}
|
|
|
|
nmsUserName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(8..31))
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"UserName nms (in this entry)."
|
|
::= { nmsUserEntry 1 }
|
|
|
|
nmsAuthKey OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(8..15))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"NMS Auth Key"
|
|
::= { nmsUserEntry 2 }
|
|
|
|
nmsEncrKey OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(8..15))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"NMS Encryption Key."
|
|
::= { nmsUserEntry 3 }
|
|
|
|
nmsUserChangeAction OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object used for user to add and delete rows in to the table"
|
|
::= { nmsUserEntry 4 }
|
|
|
|
nmsDeleteAllUsers OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
true(1)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This action object deletes all user entries in the nmsUserTable."
|
|
::= { nmsUserGrp 2 }
|
|
|
|
nmsCommitUserEntryChanges OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
true(1)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This action object commits all the changes made to the user entries in the nmsUserTable."
|
|
::= { nmsUserGrp 3 }
|
|
|
|
|
|
nmsIpGrp OBJECT IDENTIFIER ::= { nmsGrp 2 }
|
|
|
|
nmsIpTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF NMSIpEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
|
|
"
|
|
::= { nmsIpGrp 1 }
|
|
|
|
nmsIpEntry OBJECT-TYPE
|
|
SYNTAX NMSIpEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry specified is indexed by <nmsIpIndex>.
|
|
Additonaly it contains the
|
|
"
|
|
INDEX { nmsIpAddress }
|
|
::= { nmsIpTable 1 }
|
|
|
|
NMSIpEntry ::= SEQUENCE {
|
|
nmsIpAddress
|
|
IpAddress,
|
|
nmsIpChangeAction
|
|
RowStatus
|
|
}
|
|
|
|
nmsIpAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"UserName nms (in this entry)."
|
|
::= { nmsIpEntry 1 }
|
|
|
|
nmsIpChangeAction OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object used for user to add and delete rows in to the table."
|
|
::= { nmsIpEntry 2 }
|
|
|
|
nmsIpv6Table OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF NMSIpv6Entry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
|
|
"
|
|
::= { nmsIpGrp 2 }
|
|
|
|
nmsIpv6Entry OBJECT-TYPE
|
|
SYNTAX NMSIpv6Entry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry specified is indexed by <nmsIpv6Index>.
|
|
"
|
|
INDEX { nmsIpv6Address }
|
|
::= { nmsIpv6Table 1 }
|
|
|
|
NMSIpv6Entry ::= SEQUENCE {
|
|
nmsIpv6Address
|
|
Ipv6Address,
|
|
nmsIpv6ChangeAction
|
|
RowStatus
|
|
}
|
|
|
|
nmsIpv6Address OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IPv6 address of the system having SNMP access to the sensor"
|
|
::= { nmsIpv6Entry 1 }
|
|
|
|
nmsIpv6ChangeAction OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object used for user to add and delete rows in to the table."
|
|
::= { nmsIpv6Entry 2 }
|
|
|
|
--
|
|
-- mpeGrp
|
|
--
|
|
|
|
mpeGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 24 }
|
|
|
|
mpeConfigGrp OBJECT IDENTIFIER ::= { mpeGrp 1 }
|
|
|
|
mpeQRScope OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
unmanaged-hosts(1),
|
|
all-hosts(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"This object describes about the MPE Quarantine and Remediation scope.
|
|
The value 'unmanaged-hosts', indicates that the MPE interface port based
|
|
quarantine and remediation action is applicable only to the MPE server's
|
|
unmanaged host and the value 'all-hosts' indicate that the MPE interface
|
|
port based qarantine and remediation action is applicable to all the hosts,
|
|
independent of MPE server.
|
|
Default: unmanaged-hosts(1)
|
|
"
|
|
::= { mpeConfigGrp 1 }
|
|
|
|
mpeThrottleTimeout OBJECT-TYPE
|
|
SYNTAX INTEGER (5..300)
|
|
MAX-ACCESS read-write
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
" This depicts the MPE throttling timeout in seconds.
|
|
Default: 120"
|
|
::= { mpeConfigGrp 2 }
|
|
|
|
mpeInstallConfigGrp OBJECT IDENTIFIER ::= { mpeConfigGrp 3 }
|
|
|
|
mpeIpAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The ipaddress of the MPE server"
|
|
::= { mpeInstallConfigGrp 1 }
|
|
|
|
mpeAnonymousPort OBJECT-TYPE
|
|
SYNTAX INTEGER (1..65535)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Anonymous SSL port on MPE server
|
|
Default: 8443"
|
|
::= { mpeInstallConfigGrp 2 }
|
|
|
|
mpeTrustedSSLPort OBJECT-TYPE
|
|
SYNTAX INTEGER (1..65535)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Trusted SSL port on MPE server
|
|
Default: 8444"
|
|
::= { mpeInstallConfigGrp 3 }
|
|
|
|
mpeePOCred OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(3..100))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"ePO credentials in the form of username:password"
|
|
::= { mpeInstallConfigGrp 4 }
|
|
|
|
mpeAnonymousURI OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(10..255))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"URI of the MPE server which listens on Anonymous SSL port"
|
|
::= { mpeInstallConfigGrp 5 }
|
|
|
|
mpeTrustedURI OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(10..255))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"URI of the MPE server which listens on Trusted SSL port"
|
|
::= { mpeInstallConfigGrp 6 }
|
|
|
|
mpeInstallConfigAction OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
install(1),
|
|
deinstall(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object describes about the possible MPE Install configuration actions."
|
|
::= { mpeInstallConfigGrp 7 }
|
|
|
|
mpeInstallConfigStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
installInProgress (1),
|
|
installed (2),
|
|
deinstallInProgress (3),
|
|
deinstalled (4),
|
|
certReqFailure(5),
|
|
sSLError(6),
|
|
httpRespError(7),
|
|
mpeURIError(8),
|
|
ePOCredError(9),
|
|
mpeServerError(10),
|
|
mpeTimeoutError(11)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This describes the possible MPE install configuration states.
|
|
Default : deinstalled (4)"
|
|
::= { mpeInstallConfigGrp 8 }
|
|
|
|
mpeRootCertStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
not-found(0),
|
|
found(1)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
" This object informs whether the MPE Root Certificate file is present on the sensor."
|
|
::= { mpeConfigGrp 4 }
|
|
|
|
mpeDeleteRootCert OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
delete(1)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to remove the MPE Root Certificate from the sensor. Deletion of the
|
|
MPE root certificate succeeds only when the MPE is not yet installed."
|
|
::= { mpeConfigGrp 5 }
|
|
|
|
mnacHealthLevelListenPort OBJECT-TYPE
|
|
SYNTAX INTEGER (1..65535)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure/retrieve the trusted health level message listen port
|
|
on the sensor, on which MNAC communication happens asynchronously.
|
|
Default: 8445"
|
|
::= { mpeConfigGrp 6 }
|
|
|
|
mnacConnectivityFailureTimeout OBJECT-TYPE
|
|
SYNTAX INTEGER (30..120)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure/retrieve the MNAC connectivity failure in seconds.
|
|
Default: 32"
|
|
::= { mpeConfigGrp 7 }
|
|
|
|
mnacAgentGUIDPort OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure/retrieve the agent GUID request listen port on the
|
|
MNAC Agent, to which the intrushield sensor would send the agent GUID request.
|
|
Default: 8444"
|
|
::= { mpeConfigGrp 8 }
|
|
|
|
mpeExcludedMacTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF MPEExcludedMacEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"
|
|
|
|
"
|
|
::= { mpeGrp 2 }
|
|
|
|
mpeExcludedMacEntry OBJECT-TYPE
|
|
SYNTAX MPEExcludedMacEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"Each entry specified is indexed by MAC Adress.
|
|
"
|
|
INDEX { mpeMacAddress }
|
|
::= { mpeExcludedMacTable 1 }
|
|
|
|
MPEExcludedMacEntry ::= SEQUENCE {
|
|
mpeMacAddress
|
|
MacAddress,
|
|
mpeMacChangeAction
|
|
RowStatus
|
|
}
|
|
|
|
mpeMacAddress OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"Mac address to be excluded from Mpe processing (Floater Mac)"
|
|
::= { mpeExcludedMacEntry 1 }
|
|
|
|
|
|
mpeMacChangeAction OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"This object used for user to add and delete rows in to the table."
|
|
::= { mpeExcludedMacEntry 2 }
|
|
|
|
--
|
|
-- remediationGrp
|
|
--
|
|
|
|
remediationGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 25 }
|
|
|
|
remediationConfigGrp OBJECT IDENTIFIER ::= { remediationGrp 1 }
|
|
|
|
remediationTimeout OBJECT-TYPE
|
|
SYNTAX INTEGER (15..60)
|
|
MAX-ACCESS read-write
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"Time in minutes for which the hosts needs to be quarantined so that it can be remediated.
|
|
Default: 30"
|
|
::= { remediationConfigGrp 2 }
|
|
|
|
-- ez (enforcement zone) Logging support on the Sensor
|
|
|
|
ezLogAlertGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 26 }
|
|
|
|
ezAlertLogging OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
g-enable-dropped (1),
|
|
g-enable-allowed (2),
|
|
g-enable-all (3),
|
|
enable-per-acl (4),
|
|
disable (5)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies various ways to enable EZ(enforcement zone) alert logging or disable it altogether.
|
|
This is applicable on a sensor wide basis for all ports in inline mode.
|
|
Default: disable (5)"
|
|
::= { ezLogAlertGrp 1 }
|
|
|
|
ezAlertThrottleMaxIpPair OBJECT-TYPE
|
|
SYNTAX INTEGER (1..32)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Once this threshold is exceeded, sensor will only send one
|
|
summary ez alert for all addresses (srcip's and destip's) that
|
|
match the aclid/vidsid.
|
|
Default: 10"
|
|
::= { ezLogAlertGrp 2 }
|
|
|
|
ezAlertThrottleInterval OBJECT-TYPE
|
|
SYNTAX INTEGER (1..3600)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the enforcement zone alert throttle interval.
|
|
Default: 120 seconds"
|
|
::= { ezLogAlertGrp 3 }
|
|
|
|
|
|
ezAlertThrottleAction OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable (1),
|
|
disable (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object can be used to enable and disable ez alert throttling.
|
|
Default: enable(1)"
|
|
::= { ezLogAlertGrp 4 }
|
|
|
|
ezAlertThrottleThreshold OBJECT-TYPE
|
|
SYNTAX INTEGER (1..25)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure the number of alerts that
|
|
need to be sent before sensor starts to throttle the ez alerts.
|
|
For example if this value is 10, it will send the first 10
|
|
ez alerts with the following key: aclid/vidsid/srcip/destip.
|
|
This parameters will use the ezAlertThrottleInterval as the
|
|
interval.
|
|
Default: 5"
|
|
::= { ezLogAlertGrp 5 }
|
|
|
|
ezAlertDirectToSyslog OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
sendViaNSM (1),
|
|
sendDirect (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object can be used to enable sending EZ logs directly to syslog viewer instead of sending it via NSM.
|
|
Default: sendViaNSM (1)"
|
|
::= { ezLogAlertGrp 6 }
|
|
|
|
nbadGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 27 }
|
|
|
|
nbadConfigGrp OBJECT IDENTIFIER ::= { nbadGrp 1 }
|
|
|
|
nbadSensorIpAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The ipaddress of the NBAD server to which all the collected flowrecords would be sent."
|
|
::= { nbadConfigGrp 1 }
|
|
|
|
nbadSensorPort OBJECT-TYPE
|
|
SYNTAX INTEGER (1024..65535)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The port on which the NBAD server is listening for flow records."
|
|
::= { nbadConfigGrp 2 }
|
|
|
|
nbadIPSPriMonPortId OBJECT-TYPE
|
|
SYNTAX TrellixPortLinearIndex
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object contains the primary IPS monitoring linear port index to be used
|
|
to send flow records to the NBAD sensor."
|
|
::= { nbadConfigGrp 3 }
|
|
|
|
nbadIPSSecMonPortId OBJECT-TYPE
|
|
SYNTAX TrellixPortLinearIndex
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object contains the secondary IPS monitoring linear port index to be used
|
|
to send flow records to the NBAD sensor. This monitoring port would be used
|
|
only when the configured primary monitoring port cannot be utilised to send
|
|
the flow records to the NBAD sensor."
|
|
::= { nbadConfigGrp 4 }
|
|
|
|
nbadAppFingerPrintingEnabled OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object value if set to TRUE indicates that application finger printing is enabled.
|
|
Default: False"
|
|
::= { nbadConfigGrp 5 }
|
|
|
|
nbadOSFingerPrintingEnabled OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object value if set to TRUE indicates that OS finger printing is enabled.
|
|
Default: False"
|
|
::= { nbadConfigGrp 6 }
|
|
|
|
nbadSslFlowDataCaptureEnabled OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object value if set to TRUE indicates that ssl flow data capture is enabled.
|
|
Default: False"
|
|
::= { nbadConfigGrp 7 }
|
|
|
|
nbadFlowProtocolId OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
netflow (1)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object value set indicates the protocol type of the exported flow records.
|
|
Default: netflow (1)"
|
|
::= { nbadConfigGrp 8 }
|
|
|
|
nbadFlowProtocolVersion OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
netFlowVersion9 (1)
|
|
}
|
|
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object value set indicates the protocol version of the exported flow records.
|
|
Default: netFlowVersion9 (1)"
|
|
::= { nbadConfigGrp 9 }
|
|
|
|
nbadCaptureTCP OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable (1),
|
|
disable (2)
|
|
}
|
|
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object value set indicates whether netflow capture for TCP flows is enabled or not.
|
|
Default: enable (1)"
|
|
::= { nbadConfigGrp 10 }
|
|
|
|
nbadCaptureUDP OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable (1),
|
|
disable (2)
|
|
}
|
|
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object value set indicates whether netflow capture for UDP flows is enabled or not.
|
|
Default: enable (1)"
|
|
::= { nbadConfigGrp 11 }
|
|
|
|
nbadCaptureICMP OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable (1),
|
|
disable (2)
|
|
}
|
|
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object value set indicates whether netflow capture for ICMP flows is enabled or not.
|
|
Default: disable (2)"
|
|
::= { nbadConfigGrp 12 }
|
|
|
|
hostDataGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 28 }
|
|
|
|
hostDataTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HostDataEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table containing entries for each discovered host. (indexed via hostDataIndex)
|
|
This table contains Trellix specific MIB objects.
|
|
"
|
|
::= { hostDataGrp 1 }
|
|
|
|
hostDataEntry OBJECT-TYPE
|
|
SYNTAX HostDataEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This MIB object contains all the columnar objects,
|
|
that describe the contents of each discovered host.
|
|
Indexed by hostDataIndex"
|
|
INDEX { hostDataIndex }
|
|
::= { hostDataTable 1 }
|
|
|
|
HostDataEntry ::= SEQUENCE {
|
|
hostDataIndex
|
|
INTEGER,
|
|
hostIPAddress
|
|
IpAddress,
|
|
hostMacAddress
|
|
MacAddress,
|
|
hostDetectedDHCPMonPortId
|
|
TrellixPortLinearIndex,
|
|
hostName
|
|
DisplayString,
|
|
hostUpdatedTimeStamp
|
|
INTEGER,
|
|
hostAgentGuid
|
|
DisplayString,
|
|
hostNACStatus
|
|
INTEGER,
|
|
hostState
|
|
INTEGER,
|
|
hostDeploymentMode
|
|
INTEGER,
|
|
hostHealthLevel
|
|
INTEGER,
|
|
hostEZId
|
|
INTEGER,
|
|
hostUserName
|
|
DisplayString,
|
|
hostPolicyId
|
|
INTEGER,
|
|
hostDetectedTimeStamp
|
|
INTEGER,
|
|
hostOSInfo
|
|
DisplayString,
|
|
hostMNACAgentOSInfo
|
|
DisplayString,
|
|
hostActive
|
|
TruthValue,
|
|
hostDetectedStdMonPortId
|
|
TrellixPortLinearIndex,
|
|
hostDetectionType
|
|
INTEGER,
|
|
hostUserAuthProtocol
|
|
INTEGER,
|
|
hostSwitchId
|
|
INTEGER,
|
|
hostSwitchPortId
|
|
INTEGER,
|
|
hostSwitchPortGroupId
|
|
INTEGER,
|
|
hostQuarantineVlanId
|
|
INTEGER,
|
|
hostProductionVlanId
|
|
INTEGER,
|
|
nasIpAddress
|
|
IpAddress,
|
|
nasGroupObjectId
|
|
INTEGER,
|
|
userGroupObjectId
|
|
INTEGER,
|
|
deviceProfileString
|
|
DisplayString,
|
|
hostOperationalMode
|
|
INTEGER,
|
|
hostEnforcementAction
|
|
INTEGER,
|
|
flexiblePolicyRuleId
|
|
INTEGER
|
|
}
|
|
|
|
hostDataIndex OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The index of the Host Data Entry"
|
|
::= { hostDataEntry 1 }
|
|
|
|
hostIPAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The ipaddress of the detected host."
|
|
::= { hostDataEntry 2 }
|
|
|
|
hostMacAddress OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The MAC address of the detected host."
|
|
::= { hostDataEntry 3 }
|
|
|
|
hostDetectedDHCPMonPortId OBJECT-TYPE
|
|
SYNTAX TrellixPortLinearIndex
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The monitoring interface linear port index over which the host was detected in DHCP mode."
|
|
::= { hostDataEntry 4 }
|
|
|
|
hostName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..16))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The name of the detected host."
|
|
::= { hostDataEntry 5 }
|
|
|
|
hostUpdatedTimeStamp OBJECT-TYPE
|
|
SYNTAX INTEGER (0..4294967295)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The time of the host getting updated last. This would be zero intilially
|
|
at the time of host getting detected."
|
|
::= { hostDataEntry 6 }
|
|
|
|
hostAgentGuid OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..16))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The agent GUID of the detected host."
|
|
::= { hostDataEntry 7 }
|
|
|
|
hostNACStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
managed (1),
|
|
unmanaged (2),
|
|
unmanageable (3),
|
|
unknown (4)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The detected host NAC status."
|
|
::= { hostDataEntry 8 }
|
|
|
|
hostState OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
preadmit-new (1),
|
|
preadmit-sgap (2),
|
|
preadmit-user-detect (3),
|
|
preadmit-host-detect (4),
|
|
preadmit-remediate (5),
|
|
postadmit (6),
|
|
postadmit-remediate (7),
|
|
post-boot (8),
|
|
ib-host-detect (9),
|
|
ib-auth-wait (10),
|
|
ib-host-sgap (11),
|
|
ib-user-detect (12),
|
|
ib-host-remediate (13),
|
|
ib-host-admit (14),
|
|
oob-host-admit (15),
|
|
ib-host-offline (16)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The state of the detected host entry."
|
|
::= { hostDataEntry 9 }
|
|
|
|
hostDeploymentMode OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
dhcp (1),
|
|
standard (2),
|
|
hybrid (3),
|
|
oob (4)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The deployment mode of the detected host."
|
|
::= { hostDataEntry 10 }
|
|
|
|
hostHealthLevel OBJECT-TYPE
|
|
SYNTAX INTEGER (1..6)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The health level of the detected host."
|
|
::= { hostDataEntry 11 }
|
|
|
|
hostEZId OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The applied enforcement zone id for the detected host."
|
|
::= { hostDataEntry 12 }
|
|
|
|
hostUserName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..255))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The IBAC username of the detected host."
|
|
::= { hostDataEntry 13 }
|
|
|
|
hostPolicyId OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The IBAC policy id of the detected host."
|
|
::= { hostDataEntry 14 }
|
|
|
|
hostDetectedTimeStamp OBJECT-TYPE
|
|
SYNTAX INTEGER (0..4294967295)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The time of the host getting detected."
|
|
::= { hostDataEntry 15 }
|
|
|
|
hostOSInfo OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Operation system information of the detected host."
|
|
::= { hostDataEntry 16 }
|
|
|
|
hostMNACAgentOSInfo OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..8))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The OS information of the detected host provided by the MNAC agent."
|
|
::= { hostDataEntry 17 }
|
|
|
|
hostActive OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether the host is Active or not. If set to true, it indicates the host is active"
|
|
::= { hostDataEntry 18 }
|
|
|
|
hostDetectedStdMonPortId OBJECT-TYPE
|
|
SYNTAX TrellixPortLinearIndex
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The monitoring interface linear port index over which the host was detected in Standard mode."
|
|
::= { hostDataEntry 19 }
|
|
|
|
hostDetectionType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
other (0),
|
|
l2 (1),
|
|
l3 (2),
|
|
vpn (3),
|
|
snmp (4),
|
|
radiusMac (5),
|
|
radius8021x (6),
|
|
l3-snmp(7),
|
|
l3-radiusMac(8),
|
|
l3-radius8021x(9)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The detection type of the detected host. For OOB cases, this includes the discovery mechanism as well."
|
|
::= { hostDataEntry 20 }
|
|
|
|
hostUserAuthProtocol OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
authGuest (0),
|
|
authRadius (1),
|
|
authAD (2),
|
|
authSelfReg (3),
|
|
authADSGAP (4),
|
|
auth8021xRadius (5)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Authentication type of the logged in IBAC user."
|
|
::= { hostDataEntry 21 }
|
|
|
|
hostSwitchId OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Switch instance ID on which host was detected in OOB mode."
|
|
::= { hostDataEntry 22 }
|
|
|
|
hostSwitchPortId OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Switch port ID on which host was detected in OOB mode"
|
|
::= { hostDataEntry 23 }
|
|
|
|
hostSwitchPortGroupId OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Switch port group ID on which host was detected in OOB mode"
|
|
::= { hostDataEntry 24 }
|
|
|
|
hostQuarantineVlanId OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Quarantine VLAN Id corresponding to the host which was detected in OOB mode."
|
|
::= { hostDataEntry 25 }
|
|
|
|
hostProductionVlanId OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Production VLAN Id corresponding to the host which was detected in OOB mode."
|
|
::= { hostDataEntry 26 }
|
|
|
|
nasIpAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Network Server Access Ipaddress of the switch where the host is connecting to."
|
|
::= { hostDataEntry 27 }
|
|
|
|
nasGroupObjectId OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Flexible policy Network Server Access Group Object Id for the host."
|
|
::= { hostDataEntry 28 }
|
|
|
|
userGroupObjectId OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Flexible policy User Group Object Id for the host."
|
|
::= { hostDataEntry 29 }
|
|
|
|
|
|
deviceProfileString OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..128))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The device profile string provided by the third party device profiling ldap server for the host."
|
|
::= { hostDataEntry 30 }
|
|
|
|
hostOperationalMode OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enforcement (1),
|
|
audit (2),
|
|
simulation (3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the operational mode for the host."
|
|
::= { hostDataEntry 31 }
|
|
|
|
hostEnforcementAction OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
deny (1),
|
|
allow (2),
|
|
custom-enforce (3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the kind of enforcement done for the host."
|
|
::= { hostDataEntry 32 }
|
|
|
|
flexiblePolicyRuleId OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This indicates the flexible policy rule for the host."
|
|
::= { hostDataEntry 33 }
|
|
|
|
hostConfigGrp OBJECT IDENTIFIER ::= { hostDataGrp 2 }
|
|
|
|
hostEntryAttribute OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ip (1),
|
|
mac (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Host entry attribute to be considered for config action."
|
|
::= { hostConfigGrp 1 }
|
|
|
|
hostEntryIpAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Host entry Ip address to be considered for config action."
|
|
::= { hostConfigGrp 2 }
|
|
|
|
hostEntryMac OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Host entry Mac address to be considered for config action."
|
|
::= { hostConfigGrp 3 }
|
|
|
|
hostEntryConfig OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
delete-host (1),
|
|
modify-naz (2),
|
|
revert-naz (3),
|
|
host-oob-to-inline (4),
|
|
host-inline-to-oob (5)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Host entry config action."
|
|
::= { hostConfigGrp 4 }
|
|
|
|
hostEntryEZId OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"EZ-ID to be considered for modifying the NAZ of the given host entry."
|
|
::= { hostConfigGrp 5 }
|
|
|
|
hostDataAvailabilityStatus OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the availability of the hostData through SNMP. This information
|
|
is useful immediately after the sensor reboot, as the Host Data even if
|
|
present on the sensor would be available through SNMP only after the
|
|
system health becomes GOOD, as the host data would be initialised only
|
|
during the initial sigfile processing.
|
|
True: Host Data available after the sensor initialisation or no persisted hostdata.
|
|
False: In other scenarios. "
|
|
::= { hostDataGrp 3 }
|
|
|
|
--This group contains MIB objects related to SGAP Configuration
|
|
|
|
sgapGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 29 }
|
|
|
|
sgapConfigGrp OBJECT IDENTIFIER ::= { sgapGrp 1 }
|
|
|
|
sgapAuthTimeout OBJECT-TYPE
|
|
SYNTAX INTEGER (10..600)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Authentication channel timeout in seconds.
|
|
Default: 30"
|
|
::= { sgapConfigGrp 1 }
|
|
|
|
sgapCSRConfigGrp OBJECT IDENTIFIER ::= { sgapConfigGrp 2 }
|
|
|
|
sgapCSRCountryName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(1..255))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Country name for generating the CSR. Use the two-letter code
|
|
without punctuation for country like US or CA."
|
|
::= { sgapCSRConfigGrp 1 }
|
|
|
|
sgapCSRStateProvince OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(1..255))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"State or Province name for generating the CSR. Spell out the
|
|
state completely."
|
|
::= { sgapCSRConfigGrp 2 }
|
|
|
|
sgapCSRLocality OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(1..255))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"City or town name for generating the CSR."
|
|
::= { sgapCSRConfigGrp 3 }
|
|
|
|
sgapCSRCompany OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(1..255))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Company name for generating the CSR. If the company name has
|
|
symbols, spell out the symbol or omit it to enroll."
|
|
::= { sgapCSRConfigGrp 4 }
|
|
|
|
sgapCSROrganizationalUnit OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(1..255))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The organizational unit is the name of the department or organization unit
|
|
making the request. This is an optional field"
|
|
::= { sgapCSRConfigGrp 5 }
|
|
|
|
sgapCSRCommonName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(1..255))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The common name is the host plus domain name. It looks like
|
|
www.company.com or company.com."
|
|
::= { sgapCSRConfigGrp 6 }
|
|
|
|
sgapCSRGenerateAction OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
other(0),
|
|
generateCSR(1),
|
|
generateSelfSigned(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This action is used to generate the CSR/self signed certificate.
|
|
Default : other (0)"
|
|
::= { sgapCSRConfigGrp 7 }
|
|
|
|
sgapCSRGenerateStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
other (0),
|
|
generationInProgress (1),
|
|
generationComplete (2),
|
|
generationFailed (3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object describes the possible CSR generation states.
|
|
Default : other (0)"
|
|
::= { sgapCSRConfigGrp 8 }
|
|
|
|
sgapCertStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
other (0),
|
|
certAbsent (1),
|
|
defaultCert (2),
|
|
selfsignedCert (3),
|
|
casignedCert (4)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the sgap cert status on the sensor.
|
|
Default: 0"
|
|
::= { sgapConfigGrp 3 }
|
|
|
|
--
|
|
-- This group contains MIB objects related to threshold alarm and historical trends related configuration
|
|
--
|
|
|
|
alarmAndTrendsGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 30 }
|
|
|
|
sensorPerfAlertGrp OBJECT IDENTIFIER ::= { alarmAndTrendsGrp 1 }
|
|
|
|
sensorPerfAlertEnable OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to enable/disable generation of sensor performance alerts,
|
|
for the purpose of historical trends.
|
|
Default: false(2)"
|
|
::= { sensorPerfAlertGrp 1 }
|
|
|
|
sensorPerfAlertDuration OBJECT-TYPE
|
|
SYNTAX INTEGER (1..60)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure the duration of sensor performance alerts in minutes,
|
|
for the purpose of historical trends.
|
|
Default: 5"
|
|
::= { sensorPerfAlertGrp 2 }
|
|
|
|
sensorPerfAlertParameters OBJECT-TYPE
|
|
SYNTAX OCTET STRING
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure the parameters of sensor performance alerts,
|
|
for the purpose of historical trends. The parameter bit positions are as given below.
|
|
msb-bit(1) : cpu-utilization,
|
|
msb-bit(2) : tcpudp-flows,
|
|
msb-bit(3) : sensor-throughput,
|
|
msb-bit(4) : mon-port-data-rate,
|
|
msb-bit(5) : reserved
|
|
msb-bit(6) : reserved
|
|
msb-bit(7) : system-memory,
|
|
msb-bit(8) : packet-buffers,
|
|
msb-bit(9) : decrypted-ssl-flows"
|
|
::= { sensorPerfAlertGrp 3 }
|
|
|
|
alarmConfigGrp OBJECT IDENTIFIER ::= { alarmAndTrendsGrp 2 }
|
|
|
|
alarmStatus OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to enable/disable generation of threshold based alarms.
|
|
Default: false(2)"
|
|
::= { alarmConfigGrp 1 }
|
|
|
|
alarmDeleteAllEntries OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
true(1)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to delete all alarm entries in a single operation."
|
|
::= { alarmConfigGrp 2 }
|
|
|
|
alarmDuration OBJECT-TYPE
|
|
SYNTAX INTEGER (1..60)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the duration in minutes, at which the sensor needs to perform
|
|
threshold checks and if required generate the specific alarm.
|
|
Default : 1"
|
|
::= { alarmConfigGrp 3 }
|
|
|
|
alarmTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF AlarmEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table containing entries for configured threshold based alarms. (indexed via alarmIndex)
|
|
This table contains Trellix specific MIB objects.
|
|
"
|
|
::= { alarmConfigGrp 4 }
|
|
|
|
alarmEntry OBJECT-TYPE
|
|
SYNTAX AlarmEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This MIB object contains all the columnar objects,
|
|
that describe the contents of each threshold based alarm.
|
|
Indexed by alarmIndex"
|
|
INDEX { alarmIndex }
|
|
::= { alarmTable 1 }
|
|
|
|
AlarmEntry ::= SEQUENCE {
|
|
alarmIndex
|
|
INTEGER,
|
|
alarmSampleType
|
|
INTEGER,
|
|
alarmSampleTypeIndexBitmap
|
|
OCTET STRING,
|
|
alarmSampleTypeDesc
|
|
DisplayString,
|
|
alarmRaisingThreshold
|
|
Unsigned32,
|
|
alarmFallingThreshold
|
|
Unsigned32,
|
|
alarmStartupType
|
|
INTEGER,
|
|
alarmEntryStatus
|
|
RowStatus
|
|
}
|
|
|
|
alarmIndex OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The index of the threshold based alarm entry"
|
|
::= { alarmEntry 1 }
|
|
|
|
alarmSampleType OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
cpu-utilization-abs (0),
|
|
tcpudp-flows (1),
|
|
sensor-throughput-delta (2),
|
|
mon-port-throughput-delta (3),
|
|
sensor-l2-error-drop-delta (4),
|
|
sensor-l3-l4-error-drop-delta (5),
|
|
system-memory (6),
|
|
packet-buffers (7),
|
|
decrypted-ssl-flows (8)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the alarm sample type for which the sensor needs to generate alarms
|
|
based on alarm threshold settings. The threshold value range vary based on the sample types :
|
|
cpu-utilization-abs : 0 - 100,
|
|
tcpudp-flows : 0 - 100,
|
|
sensor-throughput-delta : 0 - 100,
|
|
mon-port-throughput-delta : 0 - 100,
|
|
l2-error-drop-delta : 0 - 4294967295,
|
|
l3-l4-error-drop-delta : 0 - 4294967295,
|
|
system-memory : 0 - 100,
|
|
packet-buffers : 0 - 100,
|
|
decrypted-ssl-flows : 0 - 100
|
|
"
|
|
::= { alarmEntry 2 }
|
|
|
|
alarmSampleTypeIndexBitmap OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (1..16))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object provides the index bit map for the alarm sample type id. The bit
|
|
setting would be similar to the BITS type and in network order. The bitmap would be as
|
|
given below :
|
|
cpu-utilization-abs - 0,
|
|
sensor-throughput-delta - 0,
|
|
mon-port-throughput-delta - Bit position indicates the <linear portIndex>
|
|
sensor-l2-error-drop-delta - 0,
|
|
sensor-l3-l4-error-drop-delta - 0
|
|
"
|
|
::= { alarmEntry 3 }
|
|
|
|
alarmSampleTypeDesc OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(1..32))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object provides the alarm sample type description such as 'lower-band', 'higher-band', etc."
|
|
::= { alarmEntry 4 }
|
|
|
|
alarmRaisingThreshold OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the raising threshold value. The sensor would generate raising
|
|
threshold alarm when the sample type counter exceeds this value."
|
|
::= { alarmEntry 5 }
|
|
|
|
alarmFallingThreshold OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the falling threshold value. The sensor would generate falling
|
|
threshold alarm when the sample type counter reduces below this value."
|
|
::= { alarmEntry 6 }
|
|
|
|
alarmStartupType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
raising (1),
|
|
falling (2),
|
|
both (3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the first alarm type that the sensor must generate before
|
|
generating the other threshold based alarm. For eg; if the value is set to 'raising (1)',
|
|
then the sensor has to first raise an alarm based on raising threshold value and only
|
|
then based on falling threshold value.
|
|
Default : raising (1)"
|
|
::= { alarmEntry 7 }
|
|
|
|
alarmEntryStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to create a new threshold based alarm."
|
|
::= { alarmEntry 8 }
|
|
|
|
|
|
bwSavingStatus OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to enable/disable bandwidth saving.
|
|
Default: false(2)"
|
|
::= { alarmConfigGrp 5 }
|
|
|
|
|
|
--
|
|
-- This group contains MIB objects applicable to NAC-only Appliances.
|
|
--
|
|
|
|
oobnacGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 31 }
|
|
-- Support for oobnacGrp is deprecated in V-series sensors(VmIPS).
|
|
-- This group consists of scalars for pre-discovery phase and swInstanceTable(based on switch ID).
|
|
oobnacSwDiscoveryGrp OBJECT IDENTIFIER ::= { oobnacGrp 1 }
|
|
|
|
-- This table creates an entry for the switch (indexed based on switch id ).
|
|
|
|
swInstanceTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF SwInstanceEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table containing entries for each switch instance(indexed via switch id)."
|
|
::= { oobnacSwDiscoveryGrp 1 }
|
|
|
|
swInstanceEntry OBJECT-TYPE
|
|
SYNTAX SwInstanceEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This MIB object contains all the attributes that are specific to the switch instance. Indexed by swIdIndex"
|
|
INDEX { swIdIndex }
|
|
::= { swInstanceTable 1 }
|
|
|
|
SwInstanceEntry ::= SEQUENCE {
|
|
swIdIndex
|
|
INTEGER,
|
|
swDetDesc
|
|
DisplayString,
|
|
swProfileId
|
|
INTEGER,
|
|
swIPAddress
|
|
IpAddress,
|
|
swIPV6Address
|
|
Ipv6Address,
|
|
swName
|
|
DisplayString,
|
|
swDesc
|
|
DisplayString,
|
|
swEnable
|
|
TruthValue,
|
|
swSNMPsupport
|
|
TruthValue,
|
|
swSnmpVerSupport
|
|
INTEGER,
|
|
swREADCommunityStr
|
|
DisplayString,
|
|
swWRITECommunityStr
|
|
DisplayString,
|
|
swTRAPCommunityStr
|
|
DisplayString,
|
|
swSNMPPort
|
|
INTEGER,
|
|
swV3UserName
|
|
DisplayString,
|
|
swV3SecurityLevel
|
|
INTEGER,
|
|
swV3AuthProtocol
|
|
INTEGER,
|
|
swV3AuthKey
|
|
DisplayString,
|
|
swV3EncrProtocol
|
|
INTEGER,
|
|
swV3EncrKey
|
|
DisplayString,
|
|
swCLIsupport
|
|
TruthValue,
|
|
swCLINwProtocol
|
|
INTEGER,
|
|
swCLIUserName
|
|
DisplayString,
|
|
swCLIPwd
|
|
DisplayString,
|
|
swCLIEnablePwd
|
|
DisplayString,
|
|
swCLIAutoSaveConfig
|
|
TruthValue,
|
|
swRadiusSupport
|
|
TruthValue,
|
|
swRadiusSharedSecret
|
|
DisplayString,
|
|
swPlaceHolderVlan
|
|
DisplayString,
|
|
swUseDefaultQVlanPool
|
|
TruthValue,
|
|
swQVlanPoolRange
|
|
DisplayString,
|
|
swDiscoverAction
|
|
RowStatus,
|
|
swCLILoginType
|
|
INTEGER,
|
|
swAuthMacAddRadSrvOption
|
|
TruthValue,
|
|
swActionStatus
|
|
INTEGER,
|
|
swPortDefaultVlan
|
|
INTEGER,
|
|
swActionStatusTime
|
|
INTEGER
|
|
|
|
|
|
}
|
|
|
|
swIdIndex OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The index"
|
|
::= { swInstanceEntry 1 }
|
|
|
|
swDetDesc OBJECT-TYPE
|
|
SYNTAX DisplayString(SIZE(0..256))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Description returned by the switch. "
|
|
::= { swInstanceEntry 2 }
|
|
|
|
swProfileId OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"switch profile id returned by the switch."
|
|
::= { swInstanceEntry 3 }
|
|
|
|
swIPAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IP address of the switch instance sent down from ISM when a new switch is being added."
|
|
::= { swInstanceEntry 4 }
|
|
|
|
swIPV6Address OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IPV6 address of the switch instance sent down from ISM when a new switch is being added."
|
|
::= { swInstanceEntry 5 }
|
|
|
|
swName OBJECT-TYPE
|
|
SYNTAX DisplayString(SIZE(0..256))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Switch name returned by the switch."
|
|
::= { swInstanceEntry 6 }
|
|
|
|
|
|
|
|
swDesc OBJECT-TYPE
|
|
SYNTAX DisplayString(SIZE(0..256))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Switch name returned by the switch. This can be modified by ISM."
|
|
::= { swInstanceEntry 7 }
|
|
|
|
swEnable OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Option to enable/disable the specific switch upon discovery. The default value is enable(1)."
|
|
::= { swInstanceEntry 8 }
|
|
|
|
swSNMPsupport OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Support for snmp communication between sensor and the switch.Currently the value always remains true."
|
|
::= { swInstanceEntry 9 }
|
|
|
|
swSnmpVerSupport OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
snmpv1(1),
|
|
snmpv2(2),
|
|
snmpv3(3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"snmp version supported by the switch. The default will be version 2."
|
|
::= { swInstanceEntry 10 }
|
|
|
|
swREADCommunityStr OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..80))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"String used for all read-only snmp data communication between sensor and the switch. The default string is public."
|
|
::= { swInstanceEntry 11 }
|
|
|
|
swWRITECommunityStr OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..80))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"String used for all read-write snmp data communication between sensor and the switch."
|
|
::= { swInstanceEntry 12 }
|
|
|
|
swTRAPCommunityStr OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..80))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"community string used for the all the traps received from the switch."
|
|
::= { swInstanceEntry 13 }
|
|
|
|
|
|
swSNMPPort OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"snmp port for snmp communication with the switch(161)."
|
|
::= { swInstanceEntry 14 }
|
|
|
|
|
|
swV3UserName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..31))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"User name for snmp v3 communication."
|
|
::= { swInstanceEntry 15 }
|
|
|
|
swV3SecurityLevel OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
noAuthNoPriv(1),
|
|
authNoPriv(2),
|
|
authPriv(3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Level of security supported by the switch. The default value is authPriv(3)."
|
|
::= { swInstanceEntry 16 }
|
|
|
|
swV3AuthProtocol OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
mD5(1),
|
|
sHA(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"protocol for authentication of the user. The default value is Md5(1)."
|
|
::= { swInstanceEntry 17 }
|
|
|
|
swV3AuthKey OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..15))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Key for authentication of the user."
|
|
::= { swInstanceEntry 18 }
|
|
|
|
swV3EncrProtocol OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
dES(1),
|
|
aES(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"protocol for encryption of snmp communication messages. The default value is DES(1)."
|
|
::= { swInstanceEntry 19 }
|
|
swV3EncrKey OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..15))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"key for encryting messages."
|
|
::= { swInstanceEntry 20 }
|
|
|
|
swCLIsupport OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Support for CLI communication between sensor and the switch."
|
|
::= { swInstanceEntry 21 }
|
|
|
|
swCLINwProtocol OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
telnet(1),
|
|
ssh(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"support for a command line interfaces network protocol such as TELNET or ssh. Default value is telnet(1)."
|
|
::= { swInstanceEntry 22 }
|
|
|
|
swCLIUserName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..80))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"user name for CLI communication."
|
|
::= { swInstanceEntry 23 }
|
|
|
|
swCLIPwd OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..80))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"password to authenticate CLI user."
|
|
::= { swInstanceEntry 24 }
|
|
|
|
swCLIEnablePwd OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..80))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enable password to authenticate CLI user."
|
|
::= { swInstanceEntry 25 }
|
|
|
|
swCLIAutoSaveConfig OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"If this option is enabled then auto save CLI configuration changes to flash."
|
|
::= { swInstanceEntry 26 }
|
|
|
|
swRadiusSupport OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Support for radius communication between sensor and the switch. The default value is enable(1)."
|
|
::= { swInstanceEntry 27 }
|
|
|
|
swRadiusSharedSecret OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..80))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A case-sensitive text string used to validate communications between two radius devices."
|
|
::= { swInstanceEntry 28 }
|
|
|
|
swPlaceHolderVlan OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..80))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"special vlan value used for assigning qvlan value to an empty port."
|
|
::= { swInstanceEntry 29 }
|
|
|
|
swUseDefaultQVlanPool OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Option to use globally set qvlan pool range."
|
|
::= { swInstanceEntry 30 }
|
|
|
|
swQVlanPoolRange OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..30))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Qvlan pool range assigned for the switch instance."
|
|
::= { swInstanceEntry 31 }
|
|
|
|
swDiscoverAction OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This action data will add a switch entry in the table. Default action is createAndGo(4)."
|
|
::= { swInstanceEntry 32 }
|
|
|
|
|
|
swCLILoginType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
userPwd(1),
|
|
pwdEnable(2),
|
|
userPwdEnable(3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Different login types supported for CLI. "
|
|
::= { swInstanceEntry 33 }
|
|
|
|
swAuthMacAddRadSrvOption OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Support for option to authenticate MAC addresses against radius server.Default option is to disabled(0)."
|
|
::= { swInstanceEntry 34 }
|
|
|
|
|
|
swActionStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
active(1),
|
|
inactive(2),
|
|
in-deletion-mode(3),
|
|
in-addition-mode(4)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Variable to poll the status of the switch(in case sw goes down). "
|
|
::= { swInstanceEntry 35 }
|
|
|
|
|
|
swPortDefaultVlan OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Variable used for updating port default vlan for universal control point (UCP)switches. For non-ucp switches the value will default to zero."
|
|
::= { swInstanceEntry 36 }
|
|
|
|
|
|
swActionStatusTime OBJECT-TYPE
|
|
SYNTAX INTEGER (0..4294967295)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Time when swActionStatus variable was updated."
|
|
::= { swInstanceEntry 37 }
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
--Scalar for the pre-discovery phase. No entry is created for the switch during this time.
|
|
-- Also scalars for switch snmp/cli test.
|
|
|
|
swIpAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IP address of the switch instance sent down from ISM when a new switch is being added."
|
|
::= { oobnacSwDiscoveryGrp 2 }
|
|
|
|
swIpV6Address OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IPV6 address of the switch instance sent down from ISM when a new switch is being added."
|
|
::= { oobnacSwDiscoveryGrp 3 }
|
|
|
|
readCommunityString OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..80))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This string is used for all read-only snmp data communication between sensor and the switch. The default string is public."
|
|
::= { oobnacSwDiscoveryGrp 4 }
|
|
|
|
snmpPort OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The default port on which snmp runs(161)."
|
|
::= { oobnacSwDiscoveryGrp 5 }
|
|
|
|
snmpVerSupport OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
snmpv1(1),
|
|
snmpv2(2),
|
|
snmpv3(3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"snmp version supported by the switch. The default will be version 2."
|
|
::= { oobnacSwDiscoveryGrp 6 }
|
|
|
|
writeCommunityStr OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..80))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"String used for all read-write snmp data communication between sensor and the switch."
|
|
::= { oobnacSwDiscoveryGrp 7 }
|
|
|
|
trapCommunityStr OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..80))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"community string used for the all the traps received from the switch."
|
|
::= { oobnacSwDiscoveryGrp 8}
|
|
|
|
|
|
v3UserName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..31))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"User name for snmp v3 communication."
|
|
::= { oobnacSwDiscoveryGrp 9 }
|
|
|
|
v3SecurityLevel OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
noAuthNoPriv(1),
|
|
authNoPriv(2),
|
|
authPriv(3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Level of security supported by the switch. The default value is authPriv(3)."
|
|
::= { oobnacSwDiscoveryGrp 10 }
|
|
|
|
v3AuthProtocol OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
mD5(1),
|
|
sHA(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"protocol for authentication of the user. The default value is Md5(1)."
|
|
::= { oobnacSwDiscoveryGrp 11 }
|
|
|
|
v3AuthKey OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..15))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Key for authentication of the user."
|
|
::= { oobnacSwDiscoveryGrp 12 }
|
|
|
|
v3EncrProtocol OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
dES(1),
|
|
aES(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"protocol for encryption of snmp communication messages. The default value is DES(1)."
|
|
::= { oobnacSwDiscoveryGrp 13 }
|
|
|
|
v3EncrKey OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..15))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"key for encryting messages."
|
|
::= { oobnacSwDiscoveryGrp 14 }
|
|
|
|
cliNwProtocol OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
telnet(1),
|
|
ssh(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"support for a command line interfaces network protocol such as TELNET or ssh. Default value is telnet(1)."
|
|
::= { oobnacSwDiscoveryGrp 15 }
|
|
|
|
cliUserName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..80))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"user name for CLI communication."
|
|
::= { oobnacSwDiscoveryGrp 16}
|
|
|
|
|
|
cliPwd OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..80))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"password to authenticate CLI user."
|
|
::= { oobnacSwDiscoveryGrp 17 }
|
|
|
|
cliEnablePwd OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..80))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enable password to authenticate CLI user."
|
|
::= { oobnacSwDiscoveryGrp 18 }
|
|
|
|
swQueryAction OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
initialQuery(1),
|
|
testSnmp(2),
|
|
testCli(3),
|
|
deleteAllSwEntries(4),
|
|
reLearnSwitch(5)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"action to get preliminary data (like sys uptime, sys description etc) from the switch. also to test cli and snmp."
|
|
::= { oobnacSwDiscoveryGrp 19}
|
|
|
|
|
|
cliLoginType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
userPwd(1),
|
|
pwdEnable(2),
|
|
userPwdEnable(3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Different login types supported for CLI. "
|
|
::= { oobnacSwDiscoveryGrp 20 }
|
|
|
|
profileId OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"switch profile id returned by the switch."
|
|
::= { oobnacSwDiscoveryGrp 21 }
|
|
|
|
switchId OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The sw global id used to re-learn the switch."
|
|
::= { oobnacSwDiscoveryGrp 22 }
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
-- This group consists of scalars applicable to all switches.
|
|
oobnacAllSwitchesGrp OBJECT IDENTIFIER ::= { oobnacGrp 2 }
|
|
|
|
|
|
oobnDefaultQvlanPool OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..30))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"default qvlan pool range assigned for the all switches using default qvlan pool."
|
|
|
|
::= { oobnacAllSwitchesGrp 1 }
|
|
|
|
|
|
oobnacRadNumRetries OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The default number of retries(3) allowed for radius users."
|
|
::= { oobnacAllSwitchesGrp 2 }
|
|
|
|
|
|
oobnacRadRespTimeOut OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The default timeout value(3 seconds) for radius response timeout."
|
|
::= { oobnacAllSwitchesGrp 3 }
|
|
|
|
|
|
|
|
--
|
|
-- OOB NAC Failover Group
|
|
--
|
|
--This group contains objects that identify the OOB NAC failover configuration information
|
|
--
|
|
|
|
oobnacFailoverGrp OBJECT IDENTIFIER ::= { oobnacGrp 3 }
|
|
|
|
oobnacFloatingIpAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Floating Management Port IP Address."
|
|
::= { oobnacFailoverGrp 1 }
|
|
|
|
oobnacFloatingIpv6Address OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Floating Management Port IPv6 Address."
|
|
::= { oobnacFailoverGrp 2 }
|
|
|
|
oobnacFloatingNetMask OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Floating Management Port Network mask as a IPAddress prefix."
|
|
::= { oobnacFailoverGrp 3 }
|
|
|
|
oobnacFloatingv6NetMask OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Floating Management Port IPv6 Network mask as a IPAddress prefix."
|
|
::= { oobnacFailoverGrp 4 }
|
|
|
|
oobnacFloatingGatewayIpAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Floating Management Port Gateway IP Address."
|
|
::= { oobnacFailoverGrp 5 }
|
|
|
|
oobnacFloatingGatewayIpv6Address OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Floating Management Port Gateway IP Address."
|
|
::= { oobnacFailoverGrp 6 }
|
|
|
|
oobnacPeerIpAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Failover Peer Management Port IP Address."
|
|
::= { oobnacFailoverGrp 7 }
|
|
|
|
oobnacPeerIpv6Address OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Failover Peer Management Port IPv6 Address."
|
|
::= { oobnacFailoverGrp 8 }
|
|
|
|
oobnacFailoverSensorStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
standalone (0),
|
|
standby (1),
|
|
active (2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Status of the sensor in OOBNac failover."
|
|
::= { oobnacFailoverGrp 9 }
|
|
|
|
--
|
|
-- This group contains Malware related MIB objects. These are applicable to
|
|
-- all M-series except NAC-only appliances.
|
|
--
|
|
|
|
|
|
malwareGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 32 }
|
|
|
|
-- Support for malwarePriDNSServerIp is now deprecated in sensors using new MIB.
|
|
malwarePriDNSServerIp OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"IP address of the primary DNS server."
|
|
::= { malwareGrp 1 }
|
|
|
|
-- Support for malwareSecDNSServerIp is now deprecated in sensors using new MIB.
|
|
malwareSecDNSServerIp OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"IP address of the secondary DNS server."
|
|
::= { malwareGrp 2 }
|
|
|
|
-- Support for malwarePriDNSServerIpV6 is now deprecated in sensors using new MIB.
|
|
malwarePriDNSServerIpV6 OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-write
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"IPV6 address of the primary DNS server."
|
|
::= { malwareGrp 3 }
|
|
|
|
-- Support for malwareSecDNSServerIpV6 is now deprecated in sensors using new MIB.
|
|
malwareSecDNSServerIpV6 OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-write
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"IPV6 address of the secondary DNS server."
|
|
::= { malwareGrp 4 }
|
|
|
|
malwareRiskLevel OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
veryLow(1),
|
|
low(2),
|
|
medium(3),
|
|
high(4),
|
|
veryHigh(5)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
" Malware risk level threshold value set by the user. The default level is Very Low."
|
|
::= { malwareGrp 5 }
|
|
|
|
-- Support for malwareArtemisDetectionMode is deprecated in sensors using new MIB.
|
|
malwareArtemisDetectionMode OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
alertOnly(1),
|
|
alertAndBlock(2),
|
|
alertBlockAndTCP-Reset(3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"artemis configuration to do either of the settings
|
|
Alert only,
|
|
Alert and Block or
|
|
Alert, Block and TCP-Reset."
|
|
::= { malwareGrp 6 }
|
|
|
|
|
|
-- Support for malwareUDFDetectionMode is deprecated in sensors using new MIB.
|
|
malwareUDFDetectionMode OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
alertOnly(1),
|
|
alertAndBlock(2),
|
|
alertBlockAndTCP-Reset(3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"user-defined configuration to do either of the settings
|
|
Alert only,
|
|
Alert and Block or
|
|
Alert, Block and TCP-Reset."
|
|
::= { malwareGrp 7 }
|
|
|
|
|
|
gamEngSensorCfgGrp OBJECT IDENTIFIER ::= { malwareGrp 8 }
|
|
|
|
gamEngSensorAutoUpdateConfig OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enable / disable the Sensor auto update config.
|
|
Default : True (Enable)"
|
|
::= { gamEngSensorCfgGrp 1}
|
|
|
|
gamEngSensorAutoUpdateInterval OBJECT-TYPE
|
|
SYNTAX INTEGER (90..1440)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Sets the Sensor auto update Interval in minutes.
|
|
Default : 90"
|
|
::= { gamEngSensorCfgGrp 2}
|
|
|
|
gamEngVer OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(1..63))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Provides the current gam engine version available on sensor."
|
|
::= { gamEngSensorCfgGrp 3}
|
|
|
|
gamDatVer OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(1..63))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Provides the current gam dat version available on sensor."
|
|
::= { gamEngSensorCfgGrp 4}
|
|
|
|
avEngVer OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(1..63))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Provides the current AV engine version available on sensor."
|
|
::= { gamEngSensorCfgGrp 5 }
|
|
|
|
avDatVer OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(1..63))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Provides the current AV dat version available on sensor."
|
|
::= { gamEngSensorCfgGrp 6}
|
|
|
|
gamEngUpdatedTime OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Provides the time in UTC format when sensor had updated GAM engine successfully."
|
|
::= { gamEngSensorCfgGrp 7}
|
|
|
|
gamManualFullUpdateFileUploadStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
readyForGAMUpdate (1),
|
|
gAMUpdateTransferInProgress (2),
|
|
gAMUpdateTransferError (3),
|
|
gAMUpdateQueued (4),
|
|
applyingGAMUpdate (5),
|
|
gAMUpdateCompleted (6),
|
|
gAMUpdateError (7)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Provides the current file upload status."
|
|
::= { gamEngSensorCfgGrp 8}
|
|
|
|
--This group contains MIB objects related to Miscellaneous Configuration Group
|
|
miscCfgGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 33 }
|
|
|
|
jumboframeParsingConfig OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable (1),
|
|
disable (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Configuration option to enable/disable jumboframe parsing.
|
|
The new setting would be effective only after a sensor reboot.
|
|
Default: disable"
|
|
::= {miscCfgGrp 1 }
|
|
|
|
currentJumboframeParsingStatus OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The current running jumboframe parsing status."
|
|
::= {miscCfgGrp 2 }
|
|
|
|
appIdStatsConfigStatus OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object value if set to TRUE indicates that the appId stats collection is enabled for the sensor.
|
|
Default: False"
|
|
::= { miscCfgGrp 3 }
|
|
|
|
hitlessRebootStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
available (1),
|
|
notavailable (2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Status option to read whether hitless reboot is possible or not at this time."
|
|
::= {miscCfgGrp 4 }
|
|
|
|
existingGeoDBFilename OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..256))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This specifies the name of geo database file present in sensor. NULL would be returned
|
|
when there is no geo DB file on the sensor."
|
|
::= {miscCfgGrp 5 }
|
|
|
|
nsmTrackUserLoggingStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable (1),
|
|
disable (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Configuration option to enable/disable NSM audit logging.
|
|
Default: disable"
|
|
::= {miscCfgGrp 6 }
|
|
|
|
accelerateFTPInboundConfig OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Configuration option to enable/disable accelerate ftp in inbound direction
|
|
Default: false (2)"
|
|
::= {miscCfgGrp 7 }
|
|
|
|
|
|
accelerateFTPOutboundConfig OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Configuration option to enable/disable accelerate ftp in outbound direction.
|
|
Default: false (2)"
|
|
::= {miscCfgGrp 8 }
|
|
|
|
parseTunnellingConfig OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Configuration option to enable/disable parsing of tunnelled packet.
|
|
Default: false (2)"
|
|
::= {miscCfgGrp 9 }
|
|
|
|
prev256ByteLoggingConfig OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Configuration option to enable/disable prev 256 byte logging.
|
|
Default: false (2)"
|
|
::= {miscCfgGrp 10 }
|
|
|
|
cliAuditLoggingConfig OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Configuration option to enable/disable cli audit logging through SNMP.
|
|
Default: false (2)"
|
|
::= {miscCfgGrp 11 }
|
|
|
|
snortRuleEngineConfig OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
traditional (1),
|
|
nextGeneration (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Configuration option to switch snort rule engine between traditional and next generation.
|
|
The new setting would be effective only after a sensor reboot.
|
|
Default: traditional"
|
|
::= {miscCfgGrp 12 }
|
|
|
|
currentSnortRuleEngineStatus OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The current running snort rule engine on sensor."
|
|
::= {miscCfgGrp 13 }
|
|
|
|
insightsTelemetryConfig OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Configuration option to enable/disable usage of configured telemetry data for Insights"
|
|
::= {miscCfgGrp 14}
|
|
|
|
--
|
|
-- This group contains MIB objects applicable to Layer2 forwarding.
|
|
--
|
|
|
|
layer2FwdGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 34 }
|
|
|
|
-- This group consists of scalars for configuring layer2 fwd feature.
|
|
|
|
layer2FwdCfgGrp OBJECT IDENTIFIER ::= { layer2FwdGrp 1 }
|
|
|
|
|
|
layer2FwdType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
tcp (1),
|
|
udp (2),
|
|
vlan(3),
|
|
all (4),
|
|
ip (5)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
" Different modes for using layer2 forward feature."
|
|
::= { layer2FwdCfgGrp 1 }
|
|
|
|
|
|
layer2IntfPort OBJECT-TYPE
|
|
SYNTAX TrellixPortLinearIndex
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The intf linear port index of the sensor for the mode chosen."
|
|
::= { layer2FwdCfgGrp 2 }
|
|
|
|
|
|
layer2FwdAction OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable (1),
|
|
disable (2),
|
|
clearAll(3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
" Action to take for the specified port(s)."
|
|
::= { layer2FwdCfgGrp 3 }
|
|
|
|
layer2FwdBeginId OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
" Start port id(range 1-65535) for the mode selected(tcp/udp/vlan)."
|
|
::= { layer2FwdCfgGrp 4 }
|
|
|
|
|
|
layer2FwdEndId OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
" End port id(range 1-65535) for the mode selected(tcp/udp/vlan)."
|
|
::= { layer2FwdCfgGrp 5 }
|
|
|
|
layer2FwdConfig OBJECT-TYPE
|
|
SYNTAX INTEGER (0..7)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
" Layer2 forward configuration to enable or disable this feature. Each bit represents the
|
|
layer2 forward type. From the LSB the 1st bit for TCP, 2nd bit for UDP, 3rd bit for VLAN.
|
|
Default will be 7, indicating this feature is enable"
|
|
::= { layer2FwdCfgGrp 6 }
|
|
|
|
--
|
|
-- This table has entries for layer2Fwd TCP Table.
|
|
--
|
|
|
|
layer2FwdTCPTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF Layer2FwdTCPEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table containing TCP port ranges configured for L2 forwarding.(indexed via intf port number and entry number)."
|
|
::= { layer2FwdGrp 2 }
|
|
|
|
|
|
layer2FwdTCPEntry OBJECT-TYPE
|
|
SYNTAX Layer2FwdTCPEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This MIB object contains all the attributes that are specific to the L2 fwd entry for TCP table. Indexed by intfPortLinearIndex and entry number."
|
|
INDEX { tcpIntfPortIndex,
|
|
tcpEntryIndex }
|
|
::= { layer2FwdTCPTable 1 }
|
|
|
|
Layer2FwdTCPEntry ::= SEQUENCE {
|
|
tcpIntfPortIndex
|
|
TrellixPortLinearIndex,
|
|
tcpEntryIndex
|
|
INTEGER,
|
|
tcpPortRange
|
|
DisplayString
|
|
}
|
|
|
|
tcpIntfPortIndex OBJECT-TYPE
|
|
SYNTAX TrellixPortLinearIndex
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The intfPort linear index"
|
|
::= { layer2FwdTCPEntry 1 }
|
|
|
|
tcpEntryIndex OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The index"
|
|
::= { layer2FwdTCPEntry 2 }
|
|
|
|
tcpPortRange OBJECT-TYPE
|
|
SYNTAX DisplayString(SIZE(0..20))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"range for which L2 forwarding feature is enabled. "
|
|
::= { layer2FwdTCPEntry 3 }
|
|
|
|
|
|
|
|
--
|
|
-- This table has entries for layer2Fwd UDP Table.
|
|
--
|
|
|
|
layer2FwdUDPTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF Layer2FwdUDPEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table containing UDP port ranges configured for L2 forwarding.(indexed via intfPortIndex and entry number)."
|
|
::= { layer2FwdGrp 3 }
|
|
|
|
|
|
layer2FwdUDPEntry OBJECT-TYPE
|
|
SYNTAX Layer2FwdUDPEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This MIB object contains all the attributes that are specific to the L2 fwd entry for UDP table. Indexed by intfPortLinearIndex and entry number."
|
|
INDEX { udpIntfPortIndex,
|
|
udpEntryIndex }
|
|
::= { layer2FwdUDPTable 1 }
|
|
|
|
|
|
Layer2FwdUDPEntry ::= SEQUENCE {
|
|
udpIntfPortIndex
|
|
TrellixPortLinearIndex,
|
|
udpEntryIndex
|
|
INTEGER,
|
|
udpPortRange
|
|
DisplayString
|
|
}
|
|
udpIntfPortIndex OBJECT-TYPE
|
|
SYNTAX TrellixPortLinearIndex
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The intfPort linear index"
|
|
::= { layer2FwdUDPEntry 1 }
|
|
|
|
udpEntryIndex OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The index"
|
|
::= { layer2FwdUDPEntry 2 }
|
|
|
|
udpPortRange OBJECT-TYPE
|
|
SYNTAX DisplayString(SIZE(0..20))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"range for which L2 forwarding feature is enabled. "
|
|
::= { layer2FwdUDPEntry 3 }
|
|
|
|
|
|
--
|
|
-- This table has entries for layer2Fwd VLAN Table.
|
|
--
|
|
|
|
layer2FwdVLANTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF Layer2FwdVLANEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table containing VLAN port ranges configured for L2 forwarding.(indexed via interface number and entry number)."
|
|
::= { layer2FwdGrp 4 }
|
|
|
|
|
|
layer2FwdVLANEntry OBJECT-TYPE
|
|
SYNTAX Layer2FwdVLANEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This MIB object contains all the attributes that are specific to the
|
|
L2 fwd entry for VLAN table(indexed via intfPortLinearIndex and entry number)."
|
|
INDEX { vlanIntfPortIndex,
|
|
vlanEntryIndex }
|
|
::= { layer2FwdVLANTable 1 }
|
|
|
|
|
|
Layer2FwdVLANEntry ::= SEQUENCE {
|
|
vlanIntfPortIndex
|
|
TrellixPortLinearIndex,
|
|
vlanEntryIndex
|
|
INTEGER,
|
|
vlanPortRange
|
|
DisplayString
|
|
}
|
|
|
|
vlanIntfPortIndex OBJECT-TYPE
|
|
SYNTAX TrellixPortLinearIndex
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The intfPort linear index"
|
|
::= { layer2FwdVLANEntry 1 }
|
|
|
|
vlanEntryIndex OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The entry index "
|
|
::= { layer2FwdVLANEntry 2 }
|
|
|
|
vlanPortRange OBJECT-TYPE
|
|
SYNTAX DisplayString(SIZE(0..20))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"range for which L2 forwarding feature is enabled. Maximum vlan range supported on each interface is 4k. "
|
|
::= { layer2FwdVLANEntry 3 }
|
|
|
|
layer2FwdIPTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF Layer2FwdIPEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table containing IP protocol ranges configured for L2 forwarding.(indexed via intfPortIndex and entry number)."
|
|
::= { layer2FwdGrp 5 }
|
|
|
|
|
|
layer2FwdIPEntry OBJECT-TYPE
|
|
SYNTAX Layer2FwdIPEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This MIB object contains all the attributes that are specific to the L2 fwd. entry for IP table. Indexed by intfPortLinearIndex and entry number."
|
|
INDEX { ipIntfPortIndex,
|
|
ipEntryIndex }
|
|
::= { layer2FwdIPTable 1 }
|
|
|
|
|
|
Layer2FwdIPEntry ::= SEQUENCE {
|
|
ipIntfPortIndex
|
|
TrellixPortLinearIndex,
|
|
ipEntryIndex
|
|
INTEGER,
|
|
ipPortRange
|
|
DisplayString
|
|
}
|
|
ipIntfPortIndex OBJECT-TYPE
|
|
SYNTAX TrellixPortLinearIndex
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The intfPort linear index"
|
|
::= { layer2FwdIPEntry 1 }
|
|
|
|
ipEntryIndex OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The index"
|
|
::= { layer2FwdIPEntry 2 }
|
|
|
|
ipPortRange OBJECT-TYPE
|
|
SYNTAX DisplayString(SIZE(0..20))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"range for which L2 forwarding feature is enabled. "
|
|
::= { layer2FwdIPEntry 3 }
|
|
|
|
--This group contains MIB objects related to ARP Configuration
|
|
arpCfgGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 103 }
|
|
|
|
arpSDEnable OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable (1),
|
|
disable (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Option to enable/disable ARP Spoof Detection.
|
|
Default: enable"
|
|
::= {arpCfgGrp 1 }
|
|
|
|
--This group contains MIB objects related to ARP Configuration
|
|
|
|
--This group contains MIB objects related to Packet Capture Configuration
|
|
|
|
pktCapCfgGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 35 }
|
|
|
|
pktCapMode OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
disable (1),
|
|
portModeEnable (2),
|
|
fileModeEnable (3)
|
|
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Option to select packet capture Mode.
|
|
File mode is not supported in 6.x release.
|
|
Default: disable"
|
|
::= {pktCapCfgGrp 1 }
|
|
|
|
pktCapDuration OBJECT-TYPE
|
|
SYNTAX INTEGER (0..315360000)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The duration for which capture will be enabled..
|
|
Units are in seconds. Default: 120 seconds
|
|
duration value 0 indicate indefinite capture till the capture
|
|
is stopped.
|
|
Default: 120"
|
|
::= { pktCapCfgGrp 2 }
|
|
|
|
pktCapPmSpanPortForCapture OBJECT-TYPE
|
|
SYNTAX TrellixPortLinearIndex
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Span linear port index for the capture:
|
|
ISM also needs to verify that port should be configured
|
|
as Span port.
|
|
Applicable only for port mode capture. Zero indicates no port assigned.
|
|
Default: 0"
|
|
::= { pktCapCfgGrp 3 }
|
|
|
|
|
|
pktCapFmLocation OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
manager (1),
|
|
tftpServer (2),
|
|
scpServer (3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This will determine whether capture file is to be uploaded to manager, tftpServer or ScpServer.
|
|
Note :Applicable only for file mode capture
|
|
Default: manager"
|
|
::= {pktCapCfgGrp 4 }
|
|
|
|
pktCapFmMaxSize OBJECT-TYPE
|
|
SYNTAX INTEGER (1..100)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The size of the maximum capture file.
|
|
It will be configurable but to the maximum value
|
|
of sensor define limit.
|
|
Default: 100 MB for M8000, M6050, M4050, M3050
|
|
58 MB for N450, Wilson
|
|
40 MB for Eagle, Diablo
|
|
Note :Applicable only for file mode capture"
|
|
::= { pktCapCfgGrp 5 }
|
|
|
|
pktCapFmFUServerAddress OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(50))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"File Upload server IPv4 / IPv6 address.
|
|
Note :Applicable only for file mode capture"
|
|
::= { pktCapCfgGrp 6 }
|
|
|
|
|
|
pktCapFmFUFileName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..128))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This specifies the name of the file with the source path on the file upload server.
|
|
This is optional. If not set, the filename used will be of the format
|
|
'%DEVICE_NAME%-PacketCapture-%TimeStamp%.
|
|
Note :Applicable only for file mode capture"
|
|
::= { pktCapCfgGrp 7 }
|
|
|
|
pktCapFmFUSetting OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
manual (1),
|
|
automatic (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
" This option will determine whether user needs to
|
|
initiate the file upload or it will be done automatically.
|
|
Default: automatic
|
|
Note :Applicable only for file mode capture"
|
|
::= {pktCapCfgGrp 8 }
|
|
|
|
pktCapFilterFileName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..255))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Packet Capture Filter File Name send by NSM using secure TFTP channel"
|
|
::= {pktCapCfgGrp 9 }
|
|
|
|
|
|
pktCapFilterFileTimeStamp OBJECT-TYPE
|
|
SYNTAX INTEGER (0..4294967295)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Packet Capture FilterFile creationTimeStamp"
|
|
::= {pktCapCfgGrp 10 }
|
|
|
|
pktCapFmSCPUserName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..128))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"SCP Server Username.
|
|
Note :Applicable only for file mode capture and upload method is SCP"
|
|
::= {pktCapCfgGrp 12 }
|
|
|
|
pktCapFmSCPPassword OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..128))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"SCP Server Password.
|
|
Note :Applicable only for file mode capture and upload method is SCP"
|
|
::= {pktCapCfgGrp 13 }
|
|
|
|
|
|
pktCapCommandGrp OBJECT IDENTIFIER ::= { pktCapCfgGrp 11 }
|
|
|
|
pktCapCmd OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
start (1),
|
|
stop (2),
|
|
delete-filter-file(3),
|
|
cancel(4),
|
|
delete-pcap-file(5)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Option to start/stop packet capture feature and also
|
|
to delete filter file.
|
|
Default: stop"
|
|
::= {pktCapCommandGrp 1 }
|
|
|
|
pktCapStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
running (1),
|
|
not-running (2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Option to access packet capture Status.
|
|
Default: idle"
|
|
::= {pktCapCommandGrp 2 }
|
|
|
|
packetCaptureFmFUControl OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
start (1),
|
|
stop (2),
|
|
upload-to-NSM (3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Option to control manual upload of the file.
|
|
Note :Applicable only for file mode capture
|
|
Default: stop"
|
|
::= {pktCapCommandGrp 3 }
|
|
|
|
packetCaptureFmFileStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
fileUploadInProgress (1),
|
|
fileExistNotUploaded (2),
|
|
fileNotExist (3),
|
|
fileUploadFailed (4),
|
|
fileUploadDone (5),
|
|
fileUploadNotStarted (6)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Packet Capture File status.
|
|
Note :Applicable only for file mode capture
|
|
Default : fileUploadNotStarted"
|
|
::= {pktCapCommandGrp 4 }
|
|
|
|
packetCaptureFmTest OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
start (1),
|
|
stop (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Option to test packet capture file upload function.
|
|
Note :Applicable only for file mode capture
|
|
Default: stop"
|
|
::= {pktCapCommandGrp 5 }
|
|
|
|
packetCaptureFmTestStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
success (1),
|
|
failure (2),
|
|
resultNotValid (3),
|
|
fileUploadServerConnectFailure (4),
|
|
fileUploadServerConnectTimeout (5),
|
|
fileUploadServerAuthenticationFailure (6),
|
|
fileUploadInProgress (7)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Packet Capture File upload test status.
|
|
Note :Applicable only for file mode capture
|
|
Default : resultNotValid"
|
|
::= {pktCapCommandGrp 6 }
|
|
|
|
dnsCfgGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 36 }
|
|
|
|
priDNSServerIp OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IP address of the primary DNS server."
|
|
::= { dnsCfgGrp 1 }
|
|
|
|
secDNSServerIp OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IP address of the secondary DNS server."
|
|
::= { dnsCfgGrp 2 }
|
|
|
|
priDNSServerIpV6 OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IPV6 address of the primary DNS server."
|
|
::= { dnsCfgGrp 3 }
|
|
|
|
secDNSServerIpV6 OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IPV6 address of the secondary DNS server."
|
|
::= { dnsCfgGrp 4 }
|
|
|
|
dnsSearchList OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..1024))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This specifies the space separated list of search suffix for DNS lookup"
|
|
::= { dnsCfgGrp 5 }
|
|
|
|
|
|
|
|
|
|
|
|
--
|
|
-- This table has entries for layer7DCap Table.
|
|
--
|
|
|
|
layer7DCapConfigGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 37 }
|
|
|
|
layer7DCapPercentageOfFlows OBJECT-TYPE
|
|
SYNTAX INTEGER (1..100)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies percentage of flows allocated for L7 Dcap when
|
|
layer7 DCap feature is enabled."
|
|
::= { layer7DCapConfigGrp 1 }
|
|
|
|
layer7DCapBuffSize OBJECT-TYPE
|
|
SYNTAX INTEGER (128..1500)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the size of the buffer to be captured when L7 Dap feature is enabled .
|
|
. Default: 1500"
|
|
::= { layer7DCapConfigGrp 2 }
|
|
|
|
|
|
layer7DCapMaxSupportedFlows OBJECT-TYPE
|
|
SYNTAX INTEGER (1..4294967295)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies maximum number of flows supported for L7 Dcap when L7 Dap feature is enabled ."
|
|
::= { layer7DCapConfigGrp 3 }
|
|
|
|
|
|
interfacePhysicalPortGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 38 }
|
|
|
|
intfPhysicalPortTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF IntfPhysicalPortEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table containing entries for each interface physical port (indexed via intfPhysicalPortIndex)
|
|
on each sensor card (indexed via appropriate slotIndex).
|
|
|
|
This table contains Trellix specific configuration objects.
|
|
Tables that contain MIB objects borrowed from MIB-II are in the
|
|
TRELLIX-SENSOR-PERF-MIB."
|
|
::= { interfacePhysicalPortGrp 1 }
|
|
|
|
intfPhysicalPortEntry OBJECT-TYPE
|
|
SYNTAX IntfPhysicalPortEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This MIB object contains all the columnar objects,
|
|
that describe the contents of each interface physical port on each IntruShield sensor card.
|
|
Indexed by slotIndex/intfPhysicalPortIndex"
|
|
INDEX { slotIndex,
|
|
intfPhysicalPortIndex }
|
|
::= { intfPhysicalPortTable 1 }
|
|
|
|
IntfPhysicalPortEntry ::= SEQUENCE {
|
|
intfPhysicalPortIfDescr
|
|
DisplayString,
|
|
intfPhysicalPortIfType
|
|
TrellixIDSPortType,
|
|
intfPhysicalPortIfAdminStatus
|
|
INTEGER,
|
|
intfPhysicalPortIfOperStatus
|
|
INTEGER,
|
|
intfPhysicalPortEnableFullDuplex
|
|
TruthValue,
|
|
intfPhysicalPortSpeed
|
|
INTEGER,
|
|
intfPhysicalPortSpeedConfig
|
|
TrellixPortSpeed, -- was TrellixFEType, now deprecated
|
|
intfPhysicalPortIsMcafeeConnector
|
|
TruthValue,
|
|
intfPhysicalPortAllowAnyConnector
|
|
TruthValue,
|
|
intfPhysicalPortCageType
|
|
INTEGER,
|
|
intfPhysicalPortGetMediaType
|
|
INTEGER,
|
|
intfPhysicalPortSetMediaType
|
|
INTEGER,
|
|
intfPhysicalPortMonPortIpAddress
|
|
IpAddress,
|
|
intfPhysicalPortMonPortNetMask
|
|
IpAddress,
|
|
intfPhysicalPortGatewayIpAddress
|
|
IpAddress,
|
|
intfPhysicalPortNbadConfigStatus
|
|
TruthValue,
|
|
intfPhysicalPortVlanId
|
|
Integer32,
|
|
intfPhysicalPortLBSerialNumber
|
|
DisplayString,
|
|
intfPhysicalPortLBPortNumber
|
|
Integer32,
|
|
intfPhysicalPortConnectorType
|
|
INTEGER,
|
|
intfPhysicalPortLinearIndex
|
|
TrellixPortLinearIndex
|
|
}
|
|
intfPhysicalPortIfDescr OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..255))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A textual string containing information about the interface.
|
|
Returns the string that is printed on the box."
|
|
::= { intfPhysicalPortEntry 1 }
|
|
|
|
intfPhysicalPortIfType OBJECT-TYPE
|
|
SYNTAX TrellixIDSPortType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of interface, distinguished according to the
|
|
physical/link protocol(s) immediately 'below' the network
|
|
layer in the protocol stack.
|
|
|
|
For brevity, Trellix options are as specified by the TC,
|
|
TrellixIDSPortType.
|
|
|
|
However, the SNMP MIB-II - Interfaces MIB specifies many more
|
|
valid options. See comments section for details.
|
|
"
|
|
::= { intfPhysicalPortEntry 2 }
|
|
|
|
intfPhysicalPortIfAdminStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
up (1),
|
|
down (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The desired state of the interface.
|
|
The testing(3) state indicates that no operational packets
|
|
can be passed.
|
|
|
|
Default: down"
|
|
::= { intfPhysicalPortEntry 3 }
|
|
intfPhysicalPortIfOperStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
up (1),
|
|
down (2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The current operational state of the interface.
|
|
The testing(3) state indicates that no operational packets
|
|
can be passed.
|
|
|
|
Default: down"
|
|
::= { intfPhysicalPortEntry 4 }
|
|
|
|
intfPhysicalPortEnableFullDuplex OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"True: Sets interface port to work as a full-duplex one.
|
|
Otherwise as half-duplex.
|
|
|
|
Default: True"
|
|
::= { intfPhysicalPortEntry 5 }
|
|
|
|
intfPhysicalPortSpeed OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
other (0),
|
|
ten-Mbps (1),
|
|
hundred-Mbps (2),
|
|
one-Gbps(3), -- renamed from gig-Mbps
|
|
ten-Gbps(4) -- support in M-series only
|
|
}
|
|
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Get current speed/negotiation on the interface."
|
|
::= { intfPhysicalPortEntry 6 }
|
|
intfPhysicalPortSpeedConfig OBJECT-TYPE
|
|
SYNTAX TrellixPortSpeed -- was TrellixFEType, now deprecated
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Set desired speed/negotiation on the interface.
|
|
Default values are as follows:
|
|
I-Series -
|
|
fixed-hundred-Mbps (infinity/hichborn/2x00(1a-3b)
|
|
auto-gig-Mbps on 3000/4010/4000/2x00(4a,4b)
|
|
M-Series -
|
|
auto-ten-gig-Mbps on palomar/pyramid(1a-4b),auto-gig-Mbps(5a-8b)
|
|
Default: see above"
|
|
::= { intfPhysicalPortEntry 7 }
|
|
|
|
-- intfPhysicalPortIsMcafeeConnector support in M-series sensor only
|
|
intfPhysicalPortIsMcafeeConnector OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"True: connector is not inserted.
|
|
True: connector is inserted in port and McAfee certified.
|
|
False: connector is inserted and not McAfee certified. "
|
|
::= { intfPhysicalPortEntry 8 }
|
|
|
|
-- intfPhysicalPortAllowAnyConnector support in M-series sensor only
|
|
intfPhysicalPortAllowAnyConnector OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"True: Permit usage of any connector for port.
|
|
False: Restrict usage to McAfee certified connector only.
|
|
Default: False"
|
|
::= { intfPhysicalPortEntry 9 }
|
|
-- intfPhysicalPortCageType support in M-series sensor only
|
|
intfPhysicalPortCageType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
other (0),
|
|
rJ-45 (1),
|
|
rJ-11 (2),
|
|
gBIC (3),
|
|
sFP (4),
|
|
xFP (5)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Physical connector cage type on sensor chassis panel."
|
|
::= { intfPhysicalPortEntry 10 }
|
|
|
|
-- intfPhysicalPortGetMediaType support in M-series sensor only
|
|
intfPhysicalPortGetMediaType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
none (0),
|
|
optical (1),
|
|
electrical (2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Gets the media of the connector present in the port cage. None (0) if cage is empty."
|
|
::= { intfPhysicalPortEntry 11 }
|
|
|
|
-- intfPhysicalPortSetMediaType support in M-series sensor only
|
|
intfPhysicalPortSetMediaType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
optical(1),
|
|
electrical (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Sets the media of the connector the user desired for the port.
|
|
Default: optical"
|
|
::= { intfPhysicalPortEntry 12 }
|
|
intfPhysicalPortMonPortIpAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure / retrieve the IPv4 address of the monitoring port.
|
|
Default: 0.0.0.0"
|
|
::= { intfPhysicalPortEntry 13 }
|
|
|
|
intfPhysicalPortMonPortNetMask OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure / retrieve netmask for the IPv4 address of the monitoring port.
|
|
Default: 0.0.0.0"
|
|
::= { intfPhysicalPortEntry 14 }
|
|
|
|
intfPhysicalPortGatewayIpAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure / retrieve the IPv4 address of the gateway.
|
|
Default: 0.0.0.0"
|
|
::= { intfPhysicalPortEntry 15 }
|
|
|
|
intfPhysicalPortNbadConfigStatus OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object value if set to TRUE indicates that flow record generation
|
|
to be sent to the NBAD server, is enabled over this monitoring port.
|
|
Default: False"
|
|
::= { intfPhysicalPortEntry 16 }
|
|
intfPhysicalPortVlanId OBJECT-TYPE
|
|
SYNTAX Integer32 (0..2164326399)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This MIB object indicates the Vlan ID of the VLAN to which the monitoring
|
|
port is connected."
|
|
::= { intfPhysicalPortEntry 17 }
|
|
|
|
intfPhysicalPortLBSerialNumber OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(1..80))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This MIB object indicates the manufacturer provided serial number of
|
|
the Load Balancer switch to which the sensor port is connected."
|
|
::= { intfPhysicalPortEntry 18 }
|
|
|
|
|
|
intfPhysicalPortLBPortNumber OBJECT-TYPE
|
|
SYNTAX Integer32 (1..16)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This MIB object returns the port number on the Load Balancer switch to
|
|
which the sensor port is connected."
|
|
::= { intfPhysicalPortEntry 19 }
|
|
|
|
-- intfPhysicalPortConnectorType support in R-series sensor only
|
|
intfPhysicalPortConnectorType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
other (0),
|
|
qSFP (1),
|
|
sFP-plus (2),
|
|
sFP-fiber (3),
|
|
sFP-copper (4)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Physical connector type plugged into the port cage."
|
|
::= { intfPhysicalPortEntry 20 }
|
|
|
|
intfPhysicalPortLinearIndex OBJECT-TYPE
|
|
SYNTAX TrellixPortLinearIndex
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This MIB object indicates the Linear Index of the monitoring port. This index is
|
|
generated by the sensor appliance using the pair of slot index and the port index values.
|
|
The other MIB tables would directly use this linear index, whereever applicable."
|
|
::= { intfPhysicalPortEntry 21 }
|
|
|
|
--
|
|
-- This group has entries for GTI configuration.
|
|
--
|
|
|
|
gtiConfigGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 39 }
|
|
|
|
gtiProxyServerName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(1..80))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The proxy server name is the domain name of the HTTP proxy
|
|
server in front of the sensor. It looks like www.company.com.
|
|
It can also be the IP address of the HTTP proxy server.
|
|
0.0.0.0 is the default value"
|
|
::= { gtiConfigGrp 1 }
|
|
|
|
gtiProxyPort OBJECT-TYPE
|
|
SYNTAX Integer32 (0..10000)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"TCP Port on which the HTTP proxy server is listening.
|
|
0 is the default value"
|
|
::= { gtiConfigGrp 2 }
|
|
|
|
gtiProxyUsername OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..80))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The username to be used to connect to the HTTP proxy server."
|
|
::= { gtiConfigGrp 3 }
|
|
|
|
gtiProxyPassword OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..128))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The password to be used to connect to the HTTP proxy server."
|
|
::= { gtiConfigGrp 4 }
|
|
|
|
gtiConfigPrivateCloudGrp OBJECT IDENTIFIER ::= { gtiConfigGrp 5 }
|
|
|
|
gtiPrivateCloudServerIPAddressType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ip-v4 (4),
|
|
ip-v6 (6)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Identifies the type of GTI Private Cloud Server IP Address. If set to ip-v4, then the
|
|
gtiPrivateCloudServerIPv4Address object would be set else if this object is set to ip-v6, then
|
|
the gtiPrivateCloudServerIPv6Address object would be set. "
|
|
::= { gtiConfigPrivateCloudGrp 1 }
|
|
|
|
gtiPrivateCloudServerIPv4Address OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure the IPv4 address of the GTI Private Cloud server.
|
|
The gtiPrivateCloudServerIPv6Address would be zero if the current object is initialized."
|
|
::= { gtiConfigPrivateCloudGrp 2 }
|
|
|
|
gtiPrivateCloudServerIPv6Address OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure the IPv6 address of the GTI Private Cloud server.
|
|
The gtiPrivateCloudServerIPv4Address would be zero if the current object is initialized."
|
|
::= { gtiConfigPrivateCloudGrp 3 }
|
|
|
|
gtiPrivateCloudServerConnectionConfig OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable (1),
|
|
disable (2),
|
|
reconnect (3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to enable or disable or reconnect the Connection with
|
|
the GTI Private Cloud Server.
|
|
Default: 2, disable"
|
|
::= { gtiConfigPrivateCloudGrp 4 }
|
|
|
|
gtiPrivateCloudServerDeleteCertificate OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
delete (1),
|
|
dont-delete (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to delete the GTI Private Cloud Server Certificate at the sensor.
|
|
For deleting this certificate, the gtiPrivateCloudServerConnectionConfig should be
|
|
disabled. DEFAULT: 2, dont-delete"
|
|
::= { gtiConfigPrivateCloudGrp 5 }
|
|
|
|
gtiPrivateCloudServerCertificateStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
present (1),
|
|
not-Present (2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to indicate the GTI Private Cloud server
|
|
certificate status at the sensor"
|
|
::= { gtiConfigPrivateCloudGrp 6 }
|
|
|
|
gtiPrivateCloudChannelStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
gtiPrivateCloud-TrustedSource-Channel-Down (0),
|
|
gtiPrivateCloud-TrustedSource-Channel-InProgress (1),
|
|
gtiPrivateCloud-TrustedSource-Channel-Established (2),
|
|
gtiPrivateCloud-TrustedSource-Channel-Status-Unknown (3),
|
|
gtiPrivateCloud-TrustedSource-Channel-Down-Error-In-Cert-ret(4),
|
|
gtiPrivateCloud-Network-Issue (5)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to indicate the gtiPrivateCloud channel status at
|
|
the sensor"
|
|
::= { gtiConfigPrivateCloudGrp 7 }
|
|
|
|
gtiUnifiedConfigGrp OBJECT IDENTIFIER ::= { gtiConfigGrp 6 }
|
|
|
|
gtiFileRESTGTIType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
private-gti-server (1),
|
|
public-gti-server (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to send type of GTI server to use for file reputation feature.
|
|
DEFAULT: 2, public-gti-server"
|
|
::= { gtiUnifiedConfigGrp 1 }
|
|
|
|
gtiFileRESTPublicGTIFQDN OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(1..80))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to send Name Server or FQDN of File Rep GTI server.
|
|
Default value is NULL"
|
|
::= { gtiUnifiedConfigGrp 2 }
|
|
|
|
gtiFileRESTUsername OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(1..80))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to send username for configured GTI server.
|
|
It should be sent in both cases, public server and private server.
|
|
Default value is NULL"
|
|
::= { gtiUnifiedConfigGrp 3 }
|
|
|
|
gtiFileRESTPassword OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(1..80))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to send password for configured GTI server.
|
|
It should be sent in both cases, public server and private server.
|
|
Default value is NULL"
|
|
::= { gtiUnifiedConfigGrp 4 }
|
|
|
|
gtiFileRESTConnectionConfig OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
connect-private-gti-server (1),
|
|
connect-public-gti-server (2),
|
|
reconnect-private-gti-server (3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to send action to take with the recieved config.
|
|
Value 1 will be sent when config is changed to private GTI server first time.
|
|
Value 2 will be sent when config is changed to public GTI server.
|
|
Value 3 will be sent when private GTI server config is changed, given that
|
|
private GTI server is enabled already. Default value: 2"
|
|
::= { gtiUnifiedConfigGrp 5 }
|
|
|
|
gtiFileRESTPvtGTIIPType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
fqdn (1),
|
|
ipv4 (4),
|
|
ipv6 (6)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to send address type of configured GTI server.
|
|
Default value: 4, IPv4"
|
|
::= { gtiUnifiedConfigGrp 6 }
|
|
|
|
gtiFileRESTPvtGTIIPv4Address OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure the IPv4 address of the GTI File-Rep REST Cloud server.
|
|
The gtiFileRESTPvtGTIIPV6Address would be zero if the current object is initialized.
|
|
Default Value: NULL"
|
|
::= { gtiUnifiedConfigGrp 7 }
|
|
|
|
gtiFileRESTPvtGTIIPV6Address OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure the IPv6 address of the GTI File-Rep REST Cloud server.
|
|
The gtiFileRESTPvtGTIIPv4Address would be zero if the current object is initialized.
|
|
Default Value: NULL"
|
|
::= { gtiUnifiedConfigGrp 8 }
|
|
|
|
ntpConfigGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 40 }
|
|
ntpConfigTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF NtpConfigEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table containing entries for each NTP(Network Time Protocol) server that is specified (indexed via ntpServerIndex).
|
|
A maximum of two entries will be supported. Valid ntpServerIndex values are 1 and 2."
|
|
::= { ntpConfigGrp 1 }
|
|
|
|
ntpConfigEntry OBJECT-TYPE
|
|
SYNTAX NtpConfigEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry comprises the ntp client side configuration for each of the ntp servers specified."
|
|
INDEX { ntpServerIndex }
|
|
::= { ntpConfigTable 1 }
|
|
|
|
NtpConfigEntry ::= SEQUENCE {
|
|
ntpConfigServerIPv4
|
|
IpAddress,
|
|
ntpConfigServerIPv6
|
|
Ipv6Address,
|
|
ntpConfigPollInterval
|
|
INTEGER,
|
|
ntpConfigAuthenticationEnable
|
|
TruthValue,
|
|
ntpConfigKeyId
|
|
Integer32,
|
|
ntpConfigKeyType
|
|
INTEGER,
|
|
ntpConfigKeyValue
|
|
OCTET STRING
|
|
}
|
|
ntpConfigServerIPv4 OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to specify the IPv4 address of the remote NTP server.
|
|
Default: 0.0.0.0"
|
|
::= { ntpConfigEntry 1 }
|
|
|
|
ntpConfigServerIPv6 OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to specify the IPv6 address of the remote NTP server."
|
|
::= { ntpConfigEntry 2 }
|
|
|
|
ntpConfigPollInterval OBJECT-TYPE
|
|
SYNTAX INTEGER (3..17)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the minimum poll interval.
|
|
The value which is received represents the exponent of 2. If the received value is
|
|
x then NTPD daemon process will calculate the min poll as 2^x seconds.
|
|
Default: 6"
|
|
|
|
::= { ntpConfigEntry 3 }
|
|
|
|
ntpConfigAuthenticationEnable OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies if ntp server authentication is enabled or not for the specified
|
|
ntp server.
|
|
False : Authentication Disable
|
|
True : Authentication Enable
|
|
Default: False"
|
|
|
|
::= { ntpConfigEntry 4 }
|
|
|
|
ntpConfigKeyId OBJECT-TYPE
|
|
SYNTAX Integer32 (1..65534)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This MIB object specifies the key id for the corresponding association between an
|
|
ntp server and ntp client. This object is used only if ntp server authentication is enabled.
|
|
Default: 1"
|
|
::= { ntpConfigEntry 5 }
|
|
|
|
ntpConfigKeyType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
md5 (1),
|
|
sha (2),
|
|
sha1 (3),
|
|
not-supported (4)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the key type for the corresponding key id. This object is used
|
|
only if ntp server authentication is enabled.
|
|
Default: MD5(1)"
|
|
::= { ntpConfigEntry 6 }
|
|
|
|
ntpConfigKeyValue OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..128))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the symmetric key value for the corresponding key id. This object
|
|
is used only if ntp server authentication is enabled."
|
|
::= { ntpConfigEntry 7 }
|
|
|
|
ntpConfigFileCreate OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
stop-ntpd (0),
|
|
start-ntpd (1)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to (create ntp.conf file and start)/(stop) ntpd process.
|
|
Default: stop-ntpd (0)"
|
|
::= { ntpConfigGrp 2 }
|
|
|
|
-- This group conatins all MIB objects that specify the configuration of
|
|
-- the IntruShield pluggable modules.
|
|
--
|
|
-- The object pluggableModuleTable within this group suggests that the MIB is
|
|
-- designed to support pluggable modules that can contain more than one interface
|
|
-- port.
|
|
--
|
|
-- Support for pluggableModuleGrp is deprecated in V-series sensors(VmIPS).
|
|
pluggableModuleGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 41 }
|
|
|
|
pluggableModuleTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF PluggableModuleEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table containing entries for each pluggable Module (indexed via slotIndex)."
|
|
::= { pluggableModuleGrp 1 }
|
|
|
|
pluggableModuleEntry OBJECT-TYPE
|
|
SYNTAX PluggableModuleEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This MIB object contains all the columnar objects,
|
|
that describe the contents of each pluggable module on each IntruShield sensor
|
|
card. Indexed by slotIndex"
|
|
INDEX { slotIndex }
|
|
::= { pluggableModuleTable 1 }
|
|
|
|
PluggableModuleEntry ::= SEQUENCE {
|
|
moduleSerialNumber
|
|
DisplayString,
|
|
moduleSysType
|
|
TrellixPluggableModuleType,
|
|
modulePresent
|
|
TruthValue,
|
|
moduleNumPorts
|
|
INTEGER,
|
|
moduleRebootRequired
|
|
TruthValue
|
|
}
|
|
|
|
moduleSerialNumber OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..255))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object describes the Manufacturer-provided serial number
|
|
of the pluggable module."
|
|
::= { pluggableModuleEntry 1 }
|
|
|
|
moduleSysType OBJECT-TYPE
|
|
SYNTAX TrellixPluggableModuleType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object describes the type of the module plugged in."
|
|
::= { pluggableModuleEntry 2 }
|
|
|
|
modulePresent OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"True: Indicates the module is present.
|
|
Otherwise not present.
|
|
Default: False"
|
|
::= { pluggableModuleEntry 3}
|
|
|
|
moduleNumPorts OBJECT-TYPE
|
|
SYNTAX INTEGER (0..12)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This MIB object returns the number of ports in this module."
|
|
::= { pluggableModuleEntry 4 }
|
|
|
|
moduleRebootRequired OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This MIB object returns whether a reboot is needed to apply the module.
|
|
Default: False"
|
|
::= { pluggableModuleEntry 5 }
|
|
|
|
|
|
--
|
|
-- insightixNetworkGrp
|
|
--
|
|
|
|
insightixNetworkGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 42 }
|
|
|
|
insightixCfgGrp OBJECT IDENTIFIER ::= { insightixNetworkGrp 1 }
|
|
|
|
ldapServerIPAddressType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ip-v4 (4),
|
|
ip-v6 (6)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Identifies the type of Insightix LDAP server IPAddress. If set to ip-v4, then the
|
|
ldapServerIpv4Address object would be set else if this object is set to ip-v6, then
|
|
the ldapServerIpv6Address object would be set. "
|
|
::= { insightixCfgGrp 1 }
|
|
|
|
ldapServerIPv4Address OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The IPv4 address of the Insightix LDAP server"
|
|
::= { insightixCfgGrp 2 }
|
|
|
|
ldapServerIPv6Address OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IPv6 Address of the Insightix LDAP server."
|
|
::= { insightixCfgGrp 3 }
|
|
|
|
ldapServerPort OBJECT-TYPE
|
|
SYNTAX INTEGER (1..65535)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The ldap server listener port on the insightix server. If SSL is enabled, the standard portnum is 636,
|
|
else if ssl is disabled, the standard portnum is 389.
|
|
Default: 636"
|
|
::= { insightixCfgGrp 4 }
|
|
|
|
ldapServerSSLConfig OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable (1),
|
|
disable (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies if SSL is enabled for insightix ldap server.
|
|
Default: 1, enable"
|
|
::= { insightixCfgGrp 5 }
|
|
|
|
ldapServerBaseDN OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(3..255))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Base Distinguished Name to be used for retrieving device profile information from the Insightix ldap server.
|
|
Default : dc=insightix"
|
|
::= { insightixCfgGrp 6 }
|
|
|
|
ldapServerUserName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(3..255))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"UserName to be used for authenticating to the Insightix ldap server."
|
|
::= { insightixCfgGrp 7 }
|
|
|
|
ldapServerPassword OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(3..255))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Password to be used for authenticating to the Insightix ldap server."
|
|
::= { insightixCfgGrp 8 }
|
|
|
|
ldapServerConfigAction OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable(1),
|
|
disable(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object describes about the sensor's possible configuration actions with the insightix ldap server.
|
|
Default: 2, disable"
|
|
::= { insightixCfgGrp 9 }
|
|
|
|
ldapServerConfigStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
disConnected (1),
|
|
inProgress (2),
|
|
connected (3),
|
|
sslError(4),
|
|
baseDNError(5),
|
|
credError(6),
|
|
ldapServerError(7),
|
|
ldapServerTimeoutError(8),
|
|
ldapServerConnectionError(9)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This describes the sensor's possible insightix ldap server configuration states.
|
|
Default : deinstalled (4)"
|
|
::= { insightixCfgGrp 10 }
|
|
|
|
--------------------------------------------------
|
|
|
|
--
|
|
-- ntbaChannelCfgGrp
|
|
--
|
|
|
|
ntbaChannelCfgGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 43 }
|
|
|
|
ntbaServerIPAddressType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ip-v4 (4),
|
|
ip-v6 (6)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure the IP address type of the
|
|
mgmt port at the NTBA end"
|
|
::= { ntbaChannelCfgGrp 1 }
|
|
|
|
ntbaServerIPv4Address OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure the IPv4 address of the NTBA server.
|
|
The ntbaServerIPv6Address would be zero if the current object is initialized"
|
|
::= { ntbaChannelCfgGrp 2 }
|
|
|
|
ntbaServerIPv6Address OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure the IPv6 address of the NTBA server.
|
|
The ntbaServerIPv4Address would be zero if the current object is initialized"
|
|
::= { ntbaChannelCfgGrp 3 }
|
|
|
|
ntbaServerPort OBJECT-TYPE
|
|
SYNTAX INTEGER (1..65535)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure the NTBA Server Listening TCP port
|
|
Default: 8505"
|
|
::= { ntbaChannelCfgGrp 4 }
|
|
|
|
ntbaServerConnectionConfig OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable (1),
|
|
disable (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to enable or disable the TCP Connection with
|
|
the NTBA server
|
|
Default: 2, disable"
|
|
::= { ntbaChannelCfgGrp 5 }
|
|
|
|
ntbaServerDeleteCertificate OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
delete (1),
|
|
dont-delete (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to delete the ntba Server Certificate at the sensor.
|
|
For deleting this certificate, the ntbaServerConnectionConfig should be
|
|
disabled. DEFAULT: 2, dont-delete"
|
|
::= { ntbaChannelCfgGrp 6 }
|
|
|
|
ntbaServerCertificateStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
present (1),
|
|
not-present (2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to indicate the NTBA server certificate status at
|
|
the sensor"
|
|
::= { ntbaChannelCfgGrp 7 }
|
|
|
|
ntbaShdKeySHAValue OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(128))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object contains the SHA1 hashed value of sensor name and sensormodel from NSM"
|
|
::= { ntbaChannelCfgGrp 8 }
|
|
|
|
ntbaChannelStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ntba-Channel-Down (0),
|
|
ntba-Channel-InProgress (1),
|
|
ntba-Channel-Established (2),
|
|
ntba-Channel-Status-Unknown (3),
|
|
ntba-Cert-Mismatch (4),
|
|
ntba-Hash-Mismatch (5),
|
|
ntba-Network-Issue (6)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to indicate the NTBA SSL channel status at
|
|
the sensor"
|
|
::= { ntbaChannelCfgGrp 9 }
|
|
|
|
--------------------------------------------------
|
|
|
|
--
|
|
-- validEdgeChannelCfgGrp
|
|
--
|
|
|
|
validEdgeChannelCfgGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 44 }
|
|
|
|
validEdgeServerIPAddressType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ip-v4 (4),
|
|
ip-v6 (6)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure the IP address type of the
|
|
mgmt port at the validEdge end"
|
|
::= { validEdgeChannelCfgGrp 1 }
|
|
|
|
validEdgeServerIPv4Address OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure the IPv4 address of the validEdge server.
|
|
The validEdgeServerIPv6Address would be zero if the current object is initialized"
|
|
::= { validEdgeChannelCfgGrp 2 }
|
|
|
|
validEdgeServerIPv6Address OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure the IPv6 address of the validEdge server.
|
|
The validEdgeServerIPv4Address would be zero if the current object is initialized"
|
|
::= { validEdgeChannelCfgGrp 3 }
|
|
|
|
validEdgeServerPort OBJECT-TYPE
|
|
SYNTAX INTEGER (1..65535)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure the validEdge Server Listening TCP port
|
|
Default: 8505"
|
|
::= { validEdgeChannelCfgGrp 4 }
|
|
|
|
validEdgeServerConnectionConfig OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable (1),
|
|
disable (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to enable or disable the TCP Connection with
|
|
the validEdge server
|
|
Default: 2, disable"
|
|
::= { validEdgeChannelCfgGrp 5 }
|
|
|
|
validEdgeServerDeleteCertificate OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
delete (1),
|
|
dont-delete (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to delete the validEdge Server Certificate at the sensor.
|
|
For deleting this certificate, the validEdgeServerConnectionConfig should be
|
|
disabled. DEFAULT: 2, dont-delete"
|
|
::= { validEdgeChannelCfgGrp 6 }
|
|
|
|
validEdgeServerCertificateStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
present (1),
|
|
not-present (2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to indicate the validEdge server certificate status at
|
|
the sensor"
|
|
::= { validEdgeChannelCfgGrp 7 }
|
|
|
|
validEdgeShdKeySHAValue OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(128))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object contains the SHA1 hashed value of sensor name and sensormodel from NSM"
|
|
::= { validEdgeChannelCfgGrp 8 }
|
|
|
|
validEdgeChannelStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
validEdge-Channel-Down (0),
|
|
validEdge-Channel-InProgress (1),
|
|
validEdge-Channel-Established (2),
|
|
validEdge-Channel-Status-Unknown (3),
|
|
validEdge-Cert-Mismatch (4),
|
|
validEdge-Hash-Mismatch (5),
|
|
validEdge-Network-Issue (6),
|
|
validEdge-Channel-Down-Error-In-Cert-ret(7),
|
|
validEdge-Channel-Down-No-Config(8),
|
|
validEdge-Channel-Down-Wrong-Config(9),
|
|
validEdge-Channel-Down-Cert-Absent(10),
|
|
validEdge-Channel-SSL-HandShake-Fail(11),
|
|
validEdge-Channel-Down-Reason-Unknown(12),
|
|
validEdge-Channel-Down-Config-Disable(13),
|
|
validEdge-Channel-Down-Closed-By-NTBA(14),
|
|
validEdge-Channel-Down-Large-Pkt-From-NTBA(15),
|
|
validEdge-Channel-Down-Missed-KeepAlives(16),
|
|
validEdge-Channel-Up-No-Reason(17)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to indicate the validEdge SSL channel status at
|
|
the sensor"
|
|
::= { validEdgeChannelCfgGrp 9 }
|
|
|
|
validEdgeChannelGlobalUserId OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure global matd user id/profile id assigned to a sensor."
|
|
::= { validEdgeChannelCfgGrp 10 }
|
|
|
|
|
|
validEdgeChannelGlobalUserName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(32))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
" This object is used to configure global matd user name/profile name assigned to a sensor."
|
|
::= { validEdgeChannelCfgGrp 11 }
|
|
|
|
|
|
--------------------------------------------------
|
|
|
|
--
|
|
-- dxlCfgGrp
|
|
--
|
|
|
|
dxlCfgGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 45 }
|
|
|
|
dxlConfig OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Option to enable(1) or dissable(2) the DXL on Sensor."
|
|
::= {dxlCfgGrp 1 }
|
|
|
|
epoCfgGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 46 }
|
|
|
|
epoIPAddressType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ip-v4 (4),
|
|
ip-v6 (6)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Identifies the type of EPO IPAddress. If set to ip-v4, then the epoIPAddress object
|
|
would be set else if this object is set to ip-v6, then the epoIPv6Address object
|
|
would be set."
|
|
::= { epoCfgGrp 1 }
|
|
|
|
epoIpAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The IPv4 Address of the EPO Server"
|
|
::= { epoCfgGrp 2 }
|
|
|
|
epoIPv6Address OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IPv6 Address of a EPO Server"
|
|
::= { epoCfgGrp 3 }
|
|
|
|
epoPort OBJECT-TYPE
|
|
SYNTAX INTEGER (1..65535)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The EPO port through which MA connects to EPO Server Default: 8443"
|
|
::= { epoCfgGrp 4 }
|
|
|
|
epoCredUsername OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(3..100))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"EPO server :username"
|
|
::= { epoCfgGrp 5 }
|
|
|
|
epoCredPasswd OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(3..100))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"EPO server :Password"
|
|
::= { epoCfgGrp 6 }
|
|
|
|
epoAction OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
connect (1),
|
|
disconnect (2),
|
|
reconnect (3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This config object indicates the epo action (1-Connect, 2-Disconnect, 3-Reconnect) to be taken
|
|
by all the dependent modules in the sensor."
|
|
::= { epoCfgGrp 7 }
|
|
|
|
--User authentication using RADIUS
|
|
|
|
radiusAuthGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 47 }
|
|
|
|
radiusAuthConfig OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable (1),
|
|
disable (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This action object can be used to enable/re-init or disable user authentication using RADIUS.
|
|
The value of 'True/Enable' would be interpreted as 're-init', when the configuration is already set to True/Enable.
|
|
Default: False (2)"
|
|
::= { radiusAuthGrp 1}
|
|
|
|
radiusPrimaryServerIPAddrType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ip-v4 (4),
|
|
ip-v6 (6)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Identifies the type of IPAddress of the Primary Radius Server. If set to ip-v4, then the radiusPrimaryServerIPAddr object
|
|
would be set else if this object is set to ip-v6, then the radiusPrimaryServerIPv6Addr object
|
|
would be set."
|
|
::= { radiusAuthGrp 2 }
|
|
|
|
radiusPrimaryServerIPAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the IPv4 Address of the Primary RADIUS server"
|
|
::= { radiusAuthGrp 3 }
|
|
|
|
radiusPrimaryServerIPv6Addr OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the IPv6 Address of the Primary RADIUS Server"
|
|
::= { radiusAuthGrp 4 }
|
|
|
|
|
|
radiusPrimaryServerEncrSecret OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..64))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the secret to be used in generating the encrypted RADIUS traffic between the client and Primary Radius Server"
|
|
::= { radiusAuthGrp 5}
|
|
|
|
radiusPriServerAuthPort OBJECT-TYPE
|
|
SYNTAX INTEGER (1..65535)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the port on which Primary RADIUS Server is listening for authentication requests.
|
|
Default: 1812"
|
|
::= { radiusAuthGrp 6}
|
|
|
|
radiusPriServerAccConfig OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies whether accounting has to be enabled on the Primary Radius Server or not.
|
|
Default: True (1)"
|
|
::= { radiusAuthGrp 7}
|
|
|
|
radiusPriServerAccPort OBJECT-TYPE
|
|
SYNTAX INTEGER (1..65535)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the port on which Primary RADIUS Server is listening for accounting requests.
|
|
Default: 1813"
|
|
::= { radiusAuthGrp 8}
|
|
|
|
radiusPriServerConnTimeOut OBJECT-TYPE
|
|
SYNTAX INTEGER (1..60)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the time in seconds the client has to wait before it can contact the Backup RADIUS Server in case the Primary RADIUS Server fails.
|
|
Default: 6"
|
|
::= { radiusAuthGrp 9}
|
|
|
|
radiusBackupServerIPAddrType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ip-v4 (4),
|
|
ip-v6 (6)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the IP Address Type of the Backup RADIUS server"
|
|
::= { radiusAuthGrp 10 }
|
|
|
|
|
|
radiusBackupServerIPAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the IPv4 Address of the Backup RADIUS server"
|
|
::= { radiusAuthGrp 11 }
|
|
|
|
radiusBackupServerIPv6Addr OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the IPv6 Address of the Backup RADIUS Server"
|
|
::= { radiusAuthGrp 12 }
|
|
|
|
radiusBackupServerEncrSecret OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..256))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the secret to be used in generating the encrypted RADIUS traffic between the client and Backup Radius Server"
|
|
::= { radiusAuthGrp 13 }
|
|
|
|
radiusBackupServerAuthPort OBJECT-TYPE
|
|
SYNTAX INTEGER (1..65535)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the port on which Backup RADIUS Server is listening for authentication requests.
|
|
Default: 1812"
|
|
::= { radiusAuthGrp 14}
|
|
|
|
radiusBackupServerAccConfig OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies whether accounting has to be enabled on the Backup Radius Server or not.
|
|
Default: True (1)"
|
|
::= { radiusAuthGrp 15}
|
|
|
|
radiusBackupServerAccPort OBJECT-TYPE
|
|
SYNTAX INTEGER (1..65535)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the port on which Backup RADIUS Server is listening for accounting requests.
|
|
Default: 1813"
|
|
::= { radiusAuthGrp 16}
|
|
|
|
radiusBackupServerConnTimeOut OBJECT-TYPE
|
|
SYNTAX INTEGER (1..60)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the time in seconds before which the the sensor decides that the Backup server is not responding.
|
|
Default: 6"
|
|
::= { radiusAuthGrp 17}
|
|
|
|
|
|
sshAccessGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 48 }
|
|
|
|
sshAccessCfgGrp OBJECT IDENTIFIER ::= { sshAccessGrp 1 }
|
|
|
|
sshAccessControlStatus OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Configuration option to enable/disable ssh access control list for ipv4.
|
|
Default: false (2)"
|
|
::= {sshAccessCfgGrp 1 }
|
|
|
|
sshAccessControlResetIpv4 OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Configuration option to to delete/reset the ssh access ipv4 contol list.
|
|
Default: false (2)"
|
|
::= {sshAccessCfgGrp 2 }
|
|
|
|
sshAccessLogSupport OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Configuration option to enable/disable ssh access messages logging support.
|
|
Default: false (2)"
|
|
::= {sshAccessCfgGrp 3 }
|
|
|
|
sshAccessControlResetIpv6 OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Configuration option to delete/reset ssh access control list for ipv6.
|
|
Default: false (2)"
|
|
::= {sshAccessCfgGrp 4 }
|
|
|
|
sshAccessNumIpv4Entries OBJECT-TYPE
|
|
SYNTAX INTEGER (0..100)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object ranges from 1 to 100, as only a maximum of 100 entries are supported."
|
|
::= { sshAccessGrp 2 }
|
|
|
|
|
|
sshAccessIpTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF SSHAccessIpEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
|
|
"
|
|
::= { sshAccessGrp 3 }
|
|
|
|
sshAccessIpEntry OBJECT-TYPE
|
|
SYNTAX SSHAccessIpEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry specified is indexed by <sshIpv4Index>. "
|
|
INDEX { sshIpv4Index }
|
|
::= { sshAccessIpTable 1 }
|
|
|
|
SSHAccessIpEntry ::= SEQUENCE {
|
|
sshIpv4Index
|
|
INTEGER,
|
|
sshIpAddress
|
|
IpAddress,
|
|
sshMaskIpv4
|
|
INTEGER,
|
|
sshAccessIpConfig
|
|
RowStatus
|
|
}
|
|
|
|
sshIpv4Index OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object sshIpv4Index ranges from 1 to 100, It support only 100 entries."
|
|
::= { sshAccessIpEntry 1 }
|
|
|
|
sshIpAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IP Address of a SSH Access Control(ipv4)."
|
|
::= { sshAccessIpEntry 2 }
|
|
|
|
sshMaskIpv4 OBJECT-TYPE
|
|
SYNTAX INTEGER (1..32)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Mask of a SSH Access Control(ipv4)."
|
|
::= { sshAccessIpEntry 3 }
|
|
|
|
sshAccessIpConfig OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object used for user to add and delete rows in to the table."
|
|
::= { sshAccessIpEntry 4 }
|
|
|
|
sshAccessNumIpv6Entries OBJECT-TYPE
|
|
SYNTAX INTEGER (0..100)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object ranges from 1 to 100, as only a maximum of 100 entries are supported."
|
|
::= { sshAccessGrp 4 }
|
|
|
|
sshAccessIpv6Table OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF SSHAccessIpv6Entry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
|
|
"
|
|
::= { sshAccessGrp 5 }
|
|
|
|
sshAccessIpv6Entry OBJECT-TYPE
|
|
SYNTAX SSHAccessIpv6Entry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry specified is indexed by <sshIpv6Index>.
|
|
"
|
|
INDEX { sshIpv6Index }
|
|
::= { sshAccessIpv6Table 1}
|
|
|
|
SSHAccessIpv6Entry ::= SEQUENCE {
|
|
sshIpv6Index
|
|
INTEGER,
|
|
sshAccessIpv6Address
|
|
Ipv6Address,
|
|
sshAccessIpv6Mask
|
|
INTEGER,
|
|
sshAccessIpv6Config
|
|
RowStatus
|
|
}
|
|
|
|
sshIpv6Index OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object sshIpv6Index range from 1 to 100, It support max
|
|
100 entries"
|
|
::= { sshAccessIpv6Entry 1 }
|
|
|
|
|
|
sshAccessIpv6Address OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IPv6 address for the ssh access control list"
|
|
::= { sshAccessIpv6Entry 2 }
|
|
|
|
sshAccessIpv6Mask OBJECT-TYPE
|
|
SYNTAX INTEGER (1..128)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IPv6 Mask for the ssh access control list"
|
|
::= { sshAccessIpv6Entry 3 }
|
|
|
|
sshAccessIpv6Config OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object used for user to add and delete rows in to the table."
|
|
::= { sshAccessIpv6Entry 4 }
|
|
|
|
--------------------------------------------------
|
|
-- This group contains all MIB objects that specify the configuration of
|
|
-- pluggable modules for the VSS Switch Load Balancer to be used in conjunction with
|
|
-- existing MIB interfacePortGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 11 } which will be used as virtual interface port group of VSS switch.
|
|
|
|
virtualPluggableModuleGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 49 }
|
|
|
|
moduleOneNumPorts OBJECT-TYPE
|
|
SYNTAX INTEGER (0..16)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This MIB object returns the number of ports in the first module of VSS Box.
|
|
To be used in conjunction with interfacePortGrp of { ivSensorConfigurationMIB 11 } to represent attributes of VSS switch virtual ports.
|
|
Default: 0 (If the module is not inserted)"
|
|
::= { virtualPluggableModuleGrp 1 }
|
|
|
|
moduleTwoNumPorts OBJECT-TYPE
|
|
SYNTAX INTEGER (0..16)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This MIB object returns the number of ports in the first module of VSS Box.
|
|
To be used in conjunction with interfacePortGrp of { ivSensorConfigurationMIB 11 } to represent attributes of VSS switch virtual ports.
|
|
Default: 0 (If the module is not inserted)"
|
|
::= { virtualPluggableModuleGrp 2 }
|
|
|
|
--------------------------------------------------
|
|
--
|
|
-- sslProbeAccessGrp
|
|
--
|
|
|
|
sslProbeAccessGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 51 }
|
|
|
|
sslProbeAccessCfgGrp OBJECT IDENTIFIER ::= { sslProbeAccessGrp 1 }
|
|
|
|
sslProbeAccessMaxAgentConn OBJECT-TYPE
|
|
SYNTAX INTEGER (1..1024)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Configuration option to restrict the total number of connections
|
|
that the sensor can handle from the SSL Probes.
|
|
Default: 1024"
|
|
::= {sslProbeAccessCfgGrp 1 }
|
|
|
|
sslProbeAccessNumIpv4Entries OBJECT-TYPE
|
|
SYNTAX INTEGER (0..64)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object ranges from 1 to 64, as only a maximum of 64 entries are supported."
|
|
::= { sslProbeAccessGrp 2 }
|
|
|
|
|
|
sslProbeAccessIpTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF SSLProbeAccessIpEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
|
|
"
|
|
::= { sslProbeAccessGrp 3 }
|
|
|
|
sslProbeAccessIpEntry OBJECT-TYPE
|
|
SYNTAX SSLProbeAccessIpEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry specified is indexed by <sslProbeIpv4Index>. "
|
|
INDEX { sslProbeIpv4Index }
|
|
::= { sslProbeAccessIpTable 1 }
|
|
|
|
SSLProbeAccessIpEntry ::= SEQUENCE {
|
|
sslProbeIpAddress
|
|
IpAddress,
|
|
sslProbeMaskIpv4
|
|
INTEGER,
|
|
sslProbeAccessIpConfig
|
|
RowStatus
|
|
}
|
|
|
|
sslProbeIpAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IP Address of a SSL Probe Access Control(ipv4)."
|
|
::= { sslProbeAccessIpEntry 1 }
|
|
|
|
sslProbeMaskIpv4 OBJECT-TYPE
|
|
SYNTAX INTEGER (1..32)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Mask of a SSL Probe Access Control(ipv4)."
|
|
::= { sslProbeAccessIpEntry 2 }
|
|
|
|
sslProbeAccessIpConfig OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object used for user to add and delete rows in to the table."
|
|
::= { sslProbeAccessIpEntry 3 }
|
|
|
|
sslProbeAccessNumIpv6Entries OBJECT-TYPE
|
|
SYNTAX INTEGER (0..64)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object ranges from 1 to 64, as only a maximum of 64 entries are supported."
|
|
::= { sslProbeAccessGrp 4 }
|
|
|
|
sslProbeAccessIpv6Table OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF SSLProbeAccessIpv6Entry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
|
|
"
|
|
::= { sslProbeAccessGrp 5 }
|
|
|
|
sslProbeAccessIpv6Entry OBJECT-TYPE
|
|
SYNTAX SSLProbeAccessIpv6Entry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry specified is indexed by <sslProbeIpv6Index>.
|
|
"
|
|
INDEX { sslProbeIpv6Index }
|
|
::= { sslProbeAccessIpv6Table 1}
|
|
|
|
SSLProbeAccessIpv6Entry ::= SEQUENCE {
|
|
sslProbeAccessIpv6Address
|
|
Ipv6Address,
|
|
sslProbeAccessIpv6Mask
|
|
INTEGER,
|
|
sslProbeAccessIpv6Config
|
|
RowStatus
|
|
}
|
|
|
|
sslProbeAccessIpv6Address OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IPv6 address for the sslProbe access control list"
|
|
::= { sslProbeAccessIpv6Entry 1 }
|
|
|
|
sslProbeAccessIpv6Mask OBJECT-TYPE
|
|
SYNTAX INTEGER (1..128)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IPv6 Mask for the sslProbe access control list"
|
|
::= { sslProbeAccessIpv6Entry 2 }
|
|
|
|
sslProbeAccessIpv6Config OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object used for user to add and delete rows in to the table."
|
|
::= { sslProbeAccessIpv6Entry 3 }
|
|
|
|
--------------------------------------------------
|
|
|
|
--This group contains MIB objects related to Sensor Certificate Configuration
|
|
|
|
sensorCertificateGroup OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 52 }
|
|
|
|
sensorCertificateConfigGrp OBJECT IDENTIFIER ::= { sensorCertificateGroup 1 }
|
|
|
|
sensorCertificateCSRConfigGrp OBJECT IDENTIFIER ::= { sensorCertificateConfigGrp 1 }
|
|
|
|
sensorCertificateCSRCountryName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(1..255))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Country name for generating the CSR. Use the two-letter code
|
|
without punctuation for country like US or CA."
|
|
::= { sensorCertificateCSRConfigGrp 1 }
|
|
|
|
sensorCertificateCSRStateProvince OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(1..255))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"State or Province name for generating the CSR. Spell out the
|
|
state completely."
|
|
::= { sensorCertificateCSRConfigGrp 2 }
|
|
|
|
sensorCertificateCSRLocality OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(1..255))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"City or town name for generating the CSR."
|
|
::= { sensorCertificateCSRConfigGrp 3 }
|
|
|
|
sensorCertificateCSRCompany OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(1..255))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Company name for generating the CSR. If the company name has
|
|
symbols, spell out the symbol or omit it to enroll."
|
|
::= { sensorCertificateCSRConfigGrp 4 }
|
|
|
|
sensorCertificateCSROrganizationalUnit OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(1..255))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The organizational unit is the name of the department or organization unit
|
|
making the request. This is an optional field"
|
|
::= { sensorCertificateCSRConfigGrp 5 }
|
|
|
|
sensorCertificateCSRCommonName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(1..255))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The common name is the host plus domain name. It looks like
|
|
www.company.com or company.com."
|
|
::= { sensorCertificateCSRConfigGrp 6 }
|
|
|
|
sensorCertificateCSRGenerateAction OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
other(0),
|
|
generateCSR(1),
|
|
generateSelfSigned(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This action is used to generate the CSR/self signed certificate.
|
|
Default : other (0)"
|
|
::= { sensorCertificateCSRConfigGrp 7 }
|
|
|
|
sensorCertificateCSRGenerateStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
other (0),
|
|
generationInProgress (1),
|
|
generationComplete (2),
|
|
generationFailed (3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object describes the possible CSR generation states.
|
|
Default : other (0)"
|
|
::= { sensorCertificateCSRConfigGrp 8 }
|
|
|
|
sensorCertSubAltName OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"To push sensorCert subject alternative name"
|
|
::= { sensorCertificateCSRConfigGrp 9 }
|
|
|
|
sensorCertificateStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
other (0),
|
|
certAbsent (1),
|
|
defaultCert (2),
|
|
selfsignedCert (3),
|
|
casignedCert (4)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the cert status on the sensor.
|
|
Default: 0"
|
|
::= { sensorCertificateConfigGrp 2 }
|
|
|
|
sensorCertMigrateAction OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"To push request for sensor cert migration"
|
|
::= { sensorCertificateConfigGrp 3 }
|
|
|
|
--------------------------------------------------
|
|
|
|
sensorStackGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 53 }
|
|
|
|
stackName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(1..80))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Stack Name"
|
|
::= { sensorStackGrp 1 }
|
|
|
|
stackNodeId OBJECT-TYPE
|
|
SYNTAX INTEGER (1..16)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"ID of stackNode."
|
|
::= { sensorStackGrp 2 }
|
|
|
|
stackNodeLeftNeighbour OBJECT-TYPE
|
|
SYNTAX INTEGER (1..16)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Node id of Left Neighbour, configured in stack"
|
|
::= { sensorStackGrp 3 }
|
|
|
|
stackNodeRightNeighbour OBJECT-TYPE
|
|
SYNTAX INTEGER (1..16)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Node id of Right Neighbour, configured in stack"
|
|
::= { sensorStackGrp 4 }
|
|
|
|
|
|
interfaceVirtualPortGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 54 }
|
|
|
|
intfVirtualPortTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF IntfVirtualPortEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table containing entries for each interface port (indexed via intfPortIndex)
|
|
on each sensor card (indexed via appropriate slotIndex).
|
|
|
|
This table contains Trellix specific configuration objects.
|
|
Tables that contain MIB objects borrowed from MIB-II are in the
|
|
TRELLIX-SENSOR-PERF-MIB."
|
|
::= { interfaceVirtualPortGrp 1 }
|
|
|
|
intfVirtualPortEntry OBJECT-TYPE
|
|
SYNTAX IntfVirtualPortEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This MIB object contains all the columnar objects,
|
|
that describe the contents of each interface port on each IntruShield sensor card.
|
|
Indexed by slotIndex/intfPortIndex"
|
|
INDEX { intfVirtualSlotIndex,
|
|
intfVirtualPortIndex }
|
|
::= { intfVirtualPortTable 1 }
|
|
|
|
IntfVirtualPortEntry ::= SEQUENCE {
|
|
intfVirtualPortIfDescr
|
|
DisplayString,
|
|
intfVirtualPortIfType
|
|
TrellixIDSPortType,
|
|
intfVirtualPortIfAdminStatus
|
|
INTEGER,
|
|
intfVirtualPortOperatingMode
|
|
TrellixIDSOperatingMode,
|
|
intfVirtualPortEnableFullDuplex
|
|
TruthValue,
|
|
intfVirtualPortSpeedConfig
|
|
TrellixPortSpeed,
|
|
intfVirtualPortEnableInternalTap
|
|
TruthValue,
|
|
intfVirtualPortInOutType
|
|
INTEGER,
|
|
intfVirtualFailOpenSwitchStatus
|
|
INTEGER,
|
|
intfVirtualFailOpenPortStatus
|
|
INTEGER,
|
|
intfVirtualPortEnableAntiSpoofing
|
|
INTEGER,
|
|
intfVirtualPortAllowAnyConnector
|
|
TruthValue,
|
|
intfVirtualPortCageType
|
|
INTEGER,
|
|
intfVirtualPortSetMediaType
|
|
INTEGER,
|
|
intfVirtualPortMonPortIpAddress
|
|
IpAddress,
|
|
intfVirtualPortMonPortNetMask
|
|
IpAddress,
|
|
intfVirtualPortGatewayIpAddress
|
|
IpAddress,
|
|
intfVirtualPortNbadConfigStatus
|
|
TruthValue,
|
|
intfVirtualPortVlanId
|
|
Integer32,
|
|
intfVirtualPortAppIdStatsConfigStatus
|
|
TruthValue,
|
|
intfVirtualPortLinearIndex
|
|
TrellixPortLinearIndex,
|
|
intfVirtualPortFECConfig
|
|
TruthValue
|
|
}
|
|
|
|
intfVirtualPortIfDescr OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..255))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A textual string containing information about the interface.
|
|
Returns the string that is printed on the box."
|
|
::= { intfVirtualPortEntry 1 }
|
|
|
|
intfVirtualPortIfType OBJECT-TYPE
|
|
SYNTAX TrellixIDSPortType
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of interface, distinguished according to the
|
|
physical/link protocol(s) immediately 'below' the network
|
|
layer in the protocol stack.
|
|
|
|
For brevity, Trellix options are as specified by the TC,
|
|
TrellixIDSPortType.
|
|
|
|
However, the SNMP MIB-II - Interfaces MIB specifies many more
|
|
valid options. See comments section for details.
|
|
"
|
|
::= { intfVirtualPortEntry 2 }
|
|
|
|
intfVirtualPortIfAdminStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
up (1),
|
|
down (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The desired state of the interface.
|
|
The testing(3) state indicates that no operational packets
|
|
can be passed.
|
|
|
|
Default: down"
|
|
::= { intfVirtualPortEntry 3 }
|
|
|
|
intfVirtualPortOperatingMode OBJECT-TYPE
|
|
SYNTAX TrellixIDSOperatingMode
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"ReadWrite parameter specifies the operating mode for the
|
|
Trellix IDS sensor to be used. Different modes supported are
|
|
inline-fo-passive(1), non-inline or tap(2), span(3) and
|
|
inlne-fc(4), inline-fo-active kit(5 - available on M-series only).
|
|
|
|
Default: non-inline"
|
|
::= { intfVirtualPortEntry 4 }
|
|
|
|
intfVirtualPortEnableFullDuplex OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"True: Sets interface port to work as a full-duplex one.
|
|
Otherwise as half-duplex.
|
|
|
|
Default: True"
|
|
::= { intfVirtualPortEntry 5 }
|
|
|
|
intfVirtualPortSpeedConfig OBJECT-TYPE
|
|
SYNTAX TrellixPortSpeed -- was TrellixFEType, now deprecated
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Set desired speed/negotiation on the interface."
|
|
::= { intfVirtualPortEntry 6 }
|
|
|
|
intfVirtualPortEnableInternalTap OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Set to TRUE to enable feature. Applies to Fast Ethernet (FE)
|
|
ports only (see TrellixIDSPortType).
|
|
For non FE ports, set to 'FALSE' .
|
|
Setting this to 'TRUE' requires that
|
|
<intfPortCurrentOperatingMode> is already set to
|
|
'monitor-dual-intf'
|
|
Default: True"
|
|
|
|
::= { intfVirtualPortEntry 7 }
|
|
|
|
intfVirtualPortInOutType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
inside (1),
|
|
outside (2),
|
|
not-specified (3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This MIB object reflects the Input or Output labeling
|
|
of this interface port. Used only when operating mode
|
|
is inline(1) or monitor-dual-intf(2).
|
|
|
|
Default: not-specified(3)"
|
|
::= { intfVirtualPortEntry 8 }
|
|
|
|
intfVirtualFailOpenSwitchStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
not-applicable(1),
|
|
present(2),
|
|
not-present(3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Returns the status of the external optical bypass switch
|
|
status. For FE ports, this object will return
|
|
not-applicable(1). For GE ports, if external optical bypass
|
|
switch is connected to sensor ports, this will return
|
|
present(2). Otherwise, it will return not-present(3)."
|
|
::= { intfVirtualPortEntry 9 }
|
|
|
|
intfVirtualFailOpenPortStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
not-applicable(1),
|
|
inline-fail-open(2),
|
|
bypass(3),
|
|
tap (4),
|
|
absent (5),
|
|
unknown (6),
|
|
layer2-bypass (7)
|
|
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Returns the packet forwarding status of the sensor ports connected to the optical bypass switch.
|
|
If status is inline-fail-open(2), sensor is doing the
|
|
forwarding. If status is bypass(3), the bypass switch is
|
|
doing the forwarding and sensor will not process any
|
|
traffic in this mode. Tap(4), absent(5) , unknown (6) and layer2-bypass(7)
|
|
are available only in M-series for non RJ45(captive) ports
|
|
when connected to active FO kit and sensor operating mode
|
|
is inline-fail-open-active-kit.
|
|
tap - operational status(up), kit(present), heart-beat(tap)
|
|
absent - operational status(up), kit(absent), hear-beat(none)
|
|
unknown - operational status(down), kit(absent), heart-beat(not available)."
|
|
::= { intfVirtualPortEntry 10 }
|
|
|
|
intfVirtualPortEnableAntiSpoofing OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
disable-bothsides-spoof-detect (1),
|
|
enable-inside-spoof-detect (2),
|
|
enable-outside-spoof-detect (3),
|
|
enable-bothsides-spoof-detect (4)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"spoofed packet detect rcvd on the both sides .
|
|
|
|
Default: 'disable-bothsides-spoof-detect' (0) "
|
|
::= { intfVirtualPortEntry 11 }
|
|
|
|
intfVirtualPortAllowAnyConnector OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"True: Permit usage of any connector for port.
|
|
False: Restrict usage to McAfee certified connector only.
|
|
Default: False"
|
|
::= { intfVirtualPortEntry 12 }
|
|
|
|
intfVirtualPortCageType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
other (0),
|
|
rJ-45 (1),
|
|
rJ-11 (2),
|
|
gBIC (3),
|
|
sFP (4),
|
|
xFP (5),
|
|
sFP-plus (6), -- support in R-series only
|
|
qSFP (7), -- support in R-series only
|
|
rJ-45-plus (8), -- support in R-series only
|
|
sFP-plus-BPFO (9) -- support in R-series only
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Physical connector cage type on sensor chassis panel."
|
|
::= { intfVirtualPortEntry 13 }
|
|
|
|
intfVirtualPortSetMediaType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
optical(1),
|
|
electrical (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Sets the media of the connector the user desired for the port.
|
|
Default: optical"
|
|
::= { intfVirtualPortEntry 14 }
|
|
|
|
intfVirtualPortMonPortIpAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure / retrieve the IPv4 address of the monitoring port.
|
|
Default: 0.0.0.0"
|
|
::= { intfVirtualPortEntry 15 }
|
|
|
|
intfVirtualPortMonPortNetMask OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure / retrieve netmask for the IPv4 address of the monitoring port.
|
|
Default: 0.0.0.0"
|
|
::= { intfVirtualPortEntry 16 }
|
|
|
|
intfVirtualPortGatewayIpAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure / retrieve the IPv4 address of the gateway.
|
|
Default: 0.0.0.0"
|
|
::= { intfVirtualPortEntry 17 }
|
|
|
|
intfVirtualPortNbadConfigStatus OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object value if set to TRUE indicates that flow record generation
|
|
to be sent to the NBAD server, is enabled over this monitoring port.
|
|
Default: False"
|
|
::= { intfVirtualPortEntry 18 }
|
|
|
|
intfVirtualPortVlanId OBJECT-TYPE
|
|
SYNTAX Integer32 (0..2164326399)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This MIB object indicates the Vlan ID of the VLAN to which the monitoring
|
|
port is connected."
|
|
::= { intfVirtualPortEntry 19 }
|
|
|
|
intfVirtualPortAppIdStatsConfigStatus OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object value if set to TRUE indicates that the appId stats collection is enabled
|
|
over this monitoring port.
|
|
Default: True"
|
|
::= { intfVirtualPortEntry 20 }
|
|
|
|
|
|
intfVirtualPortLinearIndex OBJECT-TYPE
|
|
SYNTAX TrellixPortLinearIndex
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This MIB object indicates the Linear Index of the monitoring port. This index is
|
|
generated by the sensor appliance using the pair of slot index and the port index values.
|
|
The other MIB tables would directly use this linear index, whereever applicable."
|
|
::= { intfVirtualPortEntry 21 }
|
|
|
|
intfVirtualPortFECConfig OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object value if set to TRUE indicates that FEC is enabled, FALSE for FEC disbaled
|
|
Default: False"
|
|
::= { intfVirtualPortEntry 22 }
|
|
|
|
-- responseVirtualPortGrp 'ivSensorConfigurationMIB 55' is not supported currently, reserved for future use
|
|
responseVirtualPortGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 55 }
|
|
|
|
respVirtualPortTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF RespVirtualPortEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table containing entries for each response port (indexed via respPortIndex)
|
|
on each sensor card (indexed via valid slotIndex).
|
|
|
|
This table contains Trellix specific MIB objects.
|
|
"
|
|
::= { responseVirtualPortGrp 1 }
|
|
|
|
respVirtualPortEntry OBJECT-TYPE
|
|
SYNTAX RespVirtualPortEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This MIB object contains all the columnar objects,
|
|
that describe the contents of each response port within the Trellix IDS sensor card.
|
|
Indexed by slotIndex/respPortIndex"
|
|
INDEX { slotIndex,
|
|
respPortIndex }
|
|
::= { respVirtualPortTable 1 }
|
|
|
|
RespVirtualPortEntry ::= SEQUENCE {
|
|
respVirtualPortDescr
|
|
DisplayString,
|
|
respVirtualPortType
|
|
TrellixIDSPortType,
|
|
respVirtualPortAdminStatus
|
|
INTEGER,
|
|
respVirtualPortOperStatus
|
|
INTEGER,
|
|
respVirtualPortEnableFullDuplex
|
|
TruthValue,
|
|
respVirtualPortSpeed
|
|
TrellixPortSpeed, -- was TrellixFEType,
|
|
respVirtualPortPktDestination
|
|
INTEGER,
|
|
respVirtualPortMacAddress
|
|
MacAddress,
|
|
respVirtualCUGEPortSpeed
|
|
TrellixCUGEType,
|
|
respVirtualAdditionalInfo
|
|
DisplayString
|
|
|
|
}
|
|
|
|
respVirtualPortDescr OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A textual string containing information about the interface.
|
|
Returns the string that is printed on the box."
|
|
::= { respVirtualPortEntry 1 }
|
|
|
|
respVirtualPortType OBJECT-TYPE
|
|
SYNTAX TrellixIDSPortType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of interface, distinguished according to the
|
|
physical/link protocol(s) immediately 'below' the network
|
|
layer in the protocol stack.
|
|
See TrellixIDSPortType.
|
|
"
|
|
::= { respVirtualPortEntry 2 }
|
|
|
|
respVirtualPortAdminStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
up (1),
|
|
down (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The desired state of the interface.
|
|
Default: Up"
|
|
::= { respVirtualPortEntry 3 }
|
|
|
|
respVirtualPortOperStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
up (1),
|
|
down (2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The current operational state of the interface.
|
|
The testing(3) state indicates that no operational packets
|
|
can be passed."
|
|
::= { respVirtualPortEntry 4 }
|
|
|
|
respVirtualPortEnableFullDuplex OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"True: Sets response port to work as a full-duplex one.
|
|
otherwise as half-duplex.
|
|
If True, respPortFullDuplexPeer must be specified.
|
|
|
|
Default: False
|
|
"
|
|
::= { respVirtualPortEntry 5 }
|
|
|
|
-- Support for respPortSpeed is deprecated in V-series sensors(VmIPS).
|
|
respVirtualPortSpeed OBJECT-TYPE
|
|
SYNTAX TrellixPortSpeed
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"See TrellixPortSpeed
|
|
|
|
Default: fixed-hundred-Mbps (2)"
|
|
::= { respVirtualPortEntry 6 }
|
|
|
|
respVirtualPortPktDestination OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
switch (1),
|
|
router (2)
|
|
}
|
|
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used when response ports are chosen for
|
|
sending response packets. When router mode is chosen,
|
|
packets will be sent to router with destination MAC as
|
|
defined in intfRespMacAddress.
|
|
|
|
Default value is switch (1)."
|
|
::= { respVirtualPortEntry 7 }
|
|
|
|
respVirtualPortMacAddress OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the macaddress of the router to which the response
|
|
packets have to be sent to."
|
|
::= { respVirtualPortEntry 8 }
|
|
|
|
-- Support for respCUGEPortSpeed is deprecated in V-series sensors(VmIPS).
|
|
respVirtualCUGEPortSpeed OBJECT-TYPE
|
|
SYNTAX TrellixCUGEType
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Only applicable to copper-gigabit-ethernet ports, to specify whether
|
|
10mbps or 100mbps or 1-gbps or auto-neg. See TrellixCUGEType
|
|
|
|
Default: auto-negotiate"
|
|
::= { respVirtualPortEntry 9 }
|
|
|
|
respVirtualAdditionalInfo OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..255))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A textual string containing additional information about the response interface.
|
|
This mib object will be available only on V-series sensors."
|
|
::= { respVirtualPortEntry 11 }
|
|
|
|
|
|
--
|
|
-- Interface Virtual Response Table
|
|
--
|
|
intfVirtualRespTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF IntfVirtualRespEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table containing entries for each interface port. The
|
|
table describes how responses have to be sent in monitoring
|
|
mode."
|
|
::= { responseVirtualPortGrp 2 }
|
|
|
|
intfVirtualRespEntry OBJECT-TYPE
|
|
SYNTAX IntfVirtualRespEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indexed by slotIndex/intfPortIndex"
|
|
INDEX { slotIndex, intfPortIndex }
|
|
::= { intfVirtualRespTable 1 }
|
|
|
|
IntfVirtualRespEntry ::= SEQUENCE {
|
|
intfVirtualRespType
|
|
INTEGER,
|
|
intfVirtualRespPortNo
|
|
INTEGER
|
|
}
|
|
|
|
intfVirtualRespType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
responsePort (1),
|
|
inline (2)
|
|
}
|
|
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Setting this object to responsePort (2) causes responses
|
|
to be sent via the response port. The response port no that
|
|
needs to be used is specified with intfRespPortNo object.
|
|
|
|
Setting this object to inline (3) causes responses to be
|
|
sent inline. Note that in monitoring mode, responses can
|
|
only be sent inline when the monitoring port is in
|
|
half-duplex mode.
|
|
|
|
Default action will be responsePort (1)."
|
|
::= { intfVirtualRespEntry 1 }
|
|
|
|
intfVirtualRespPortNo OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the response port number that needs to be used
|
|
for this monitoring port. The response ports are configured
|
|
by respPortTable."
|
|
::= { intfVirtualRespEntry 2 }
|
|
|
|
|
|
|
|
--------------------------------------------------
|
|
|
|
--
|
|
-- mvxCfgGrp
|
|
--
|
|
|
|
mvxCfgGrp OBJECT IDENTIFIER ::= { ivSensorConfigurationMIB 56 }
|
|
|
|
mvxConnectionConfig OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable (1),
|
|
disable (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to enable or disable the MVX integration
|
|
Default: 2, disable"
|
|
::= { mvxCfgGrp 1 }
|
|
|
|
|
|
mvxIPAddressType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ip-v4 (4),
|
|
ip-v6 (6)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure the IP address type of the
|
|
mgmt port at the MVX engine end"
|
|
::= { mvxCfgGrp 2 }
|
|
|
|
mvxBrokerIPv4Address OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure the IPv4 address of the MVX engine.
|
|
The mvxBrokerIPv4Address would be zero if the current object is initialized"
|
|
::= { mvxCfgGrp 3 }
|
|
|
|
mvxBrokerIPv6Address OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to configure the IPv6 address of the MVX engine.
|
|
The mvxBrokerIPv6Address would be zero if the current object is initialized"
|
|
::= { mvxCfgGrp 4 }
|
|
|
|
mvxUserName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(1..80))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to send username for configured MVX engine.
|
|
Default value is NULL"
|
|
::= { mvxCfgGrp 5 }
|
|
|
|
mvxPassword OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(1..80))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to send password for configured MVX engine.
|
|
Default value is NULL"
|
|
::= { mvxCfgGrp 6 }
|
|
|
|
mvxCertificateValidation OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable (1),
|
|
disable (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to indicate the MVX server certificate flag at
|
|
the sensor"
|
|
::= { mvxCfgGrp 7 }
|
|
|
|
mvxAuthStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
down(2),
|
|
up (1)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to indicate the authentication status between
|
|
sensor and MVX engine "
|
|
::= { mvxCfgGrp 8 }
|
|
|
|
mvxUseProxy OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
disable(2),
|
|
enable(1)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to indicate the configured proxy is used by the MVX engine or not "
|
|
::= { mvxCfgGrp 9 }
|
|
|
|
|
|
--------------------------------------------------
|
|
|
|
END
|