1652 lines
47 KiB
Plaintext
1652 lines
47 KiB
Plaintext
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
|
--
|
|
-- Trend Micro, Inc.
|
|
-- Copyright information is in the DESCRIPTION section of the MODULE-IDENTITY.
|
|
--
|
|
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
|
|
|
TPT-POLICY-MIB
|
|
|
|
DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, OBJECT-IDENTITY,
|
|
Unsigned32, Counter32, Counter64, IpAddress, Integer32
|
|
FROM SNMPv2-SMI
|
|
|
|
TEXTUAL-CONVENTION
|
|
FROM SNMPv2-TC
|
|
|
|
Ipv6Address
|
|
FROM IPV6-TC
|
|
|
|
SnmpAdminString
|
|
FROM SNMP-FRAMEWORK-MIB
|
|
|
|
tpt-tpa-objs, tpt-tpa-eventsV2, tpt-tpa-unkparams
|
|
FROM TPT-TPAMIBS-MIB
|
|
;
|
|
|
|
tpt-policy MODULE-IDENTITY
|
|
LAST-UPDATED "201605251854Z" -- May 25, 2016
|
|
ORGANIZATION "Trend Micro, Inc."
|
|
CONTACT-INFO "www.trendmicro.com"
|
|
DESCRIPTION
|
|
"TPA policy counters.
|
|
|
|
Copyright (C) 2016 Trend Micro Incorporated. All Rights Reserved.
|
|
|
|
Trend Micro makes no warranty of any kind with regard to this material,
|
|
including, but not limited to, the implied warranties of merchantability
|
|
and fitness for a particular purpose. Trend Micro shall not be liable for
|
|
errors contained herein or for incidental or consequential damages in
|
|
connection with the furnishing, performance, or use of this material. This
|
|
document contains proprietary information, which is protected by copyright. No
|
|
part of this document may be photocopied, reproduced, or translated into
|
|
another language without the prior written consent of Trend Micro. The
|
|
information is provided 'as is' without warranty of any kind and is subject to
|
|
change without notice. The only warranties for Trend Micro products and
|
|
services are set forth in the express warranty statements accompanying such
|
|
products and services. Nothing herein should be construed as constituting an
|
|
additional warranty. Trend Micro shall not be liable for technical or editorial
|
|
errors or omissions contained herein. TippingPoint(R), the TippingPoint logo, and
|
|
Digital Vaccine(R) are registered trademarks of Trend Micro. All other company
|
|
and product names may be trademarks of their respective holders. All rights
|
|
reserved. This document contains confidential information, trade secrets or
|
|
both, which are the property of Trend Micro. No part of this documentation may
|
|
be reproduced in any form or by any means or used to make any derivative work
|
|
(such as translation, transformation, or adaptation) without written permission
|
|
from Trend Micro or one of its subsidiaries. All other company and product
|
|
names may be trademarks of their respective holders.
|
|
"
|
|
|
|
REVISION "201605251854Z" -- May 25, 2016
|
|
DESCRIPTION "Updated copyright information. Minor MIB syntax fixes."
|
|
|
|
REVISION "201506191830Z" -- June 19, 2015
|
|
DESCRIPTION "Added SSL inspection notification."
|
|
|
|
REVISION "201505281330Z" -- May 28, 2015
|
|
DESCRIPTION "Added SSL inspected flag parameter to policy notifications."
|
|
|
|
REVISION "201412151142Z" -- December 15, 2014
|
|
DESCRIPTION "Updated table sequence entries to be SMI compliant."
|
|
|
|
::= { tpt-tpa-objs 1 }
|
|
|
|
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
|
--
|
|
-- Variable definitions
|
|
--
|
|
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
|
|
|
|
|
-- Global (as opposed to per-policy) values
|
|
|
|
policyPacketsDropped OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of packets discarded due to network congestion."
|
|
::= { tpt-policy 1 }
|
|
|
|
policyPacketsBlocked OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The cumulative number of packets blocked because of policy actions."
|
|
::= { tpt-policy 2 }
|
|
|
|
policyPacketsIncoming OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of incoming packets."
|
|
::= { tpt-policy 3 }
|
|
|
|
policyPacketsOutgoing OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of outgoing packets."
|
|
::= { tpt-policy 4 }
|
|
|
|
policyPacketsInvalid OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of packets discarded because they were invalid."
|
|
::= { tpt-policy 6 }
|
|
|
|
policyPacketsPermitted OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The cumulative number of packets permitted because of policy actions."
|
|
::= { tpt-policy 7 }
|
|
|
|
policyPacketsDropped64 OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of packets discarded due to network congestion."
|
|
::= { tpt-policy 31 }
|
|
|
|
policyPacketsBlocked64 OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The cumulative number of packets blocked because of policy actions."
|
|
::= { tpt-policy 32 }
|
|
|
|
policyPacketsIncoming64 OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of incoming packets."
|
|
::= { tpt-policy 33 }
|
|
|
|
policyPacketsOutgoing64 OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of outgoing packets."
|
|
::= { tpt-policy 34 }
|
|
|
|
policyPacketsInvalid64 OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of packets discarded because they were invalid."
|
|
::= { tpt-policy 36 }
|
|
|
|
policyPacketsPermitted64 OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of packets permitted because of policy actions."
|
|
::= { tpt-policy 37 }
|
|
|
|
policyPacketsRateLimited64 OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total number of packets discarded by rate limiting filters."
|
|
::= { tpt-policy 38 }
|
|
|
|
policyPacketsTrusted64 OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The cumulative number of packets trusted because of policy actions."
|
|
::= { tpt-policy 39 }
|
|
|
|
|
|
-- Digital Vaccine information
|
|
|
|
policyDVObjs OBJECT-IDENTITY
|
|
STATUS current
|
|
DESCRIPTION "Sub-tree of Digital Vaccine information."
|
|
::= { tpt-policy 10 }
|
|
|
|
policyDVVersion OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..80))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The version number of the Digital Vaccine on this machine."
|
|
::= { policyDVObjs 1 }
|
|
|
|
|
|
-- Table of per-policy values
|
|
|
|
policyCounterTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF PolicyCounterEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"Table of per-policy counter values."
|
|
::= { tpt-policy 5 }
|
|
|
|
policyCounterEntry OBJECT-TYPE
|
|
SYNTAX PolicyCounterEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"An entry in the policy counter table.
|
|
Rows cannot be created or deleted.
|
|
"
|
|
INDEX { policyGlobalID }
|
|
::= { policyCounterTable 1 }
|
|
|
|
PolicyCounterEntry ::= SEQUENCE {
|
|
policyGlobalID OCTET STRING,
|
|
policyDescriptiveName OCTET STRING,
|
|
policyCountBytes Counter64,
|
|
policyCountPackets Counter64,
|
|
policyCreationTime Unsigned32
|
|
}
|
|
|
|
policyGlobalID OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..40))
|
|
MAX-ACCESS not-accessible
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"The global identifier of a policy."
|
|
::= { policyCounterEntry 1 }
|
|
|
|
policyDescriptiveName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..80))
|
|
MAX-ACCESS not-accessible
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"The human-readable name of a policy."
|
|
::= { policyCounterEntry 2 }
|
|
|
|
policyCountBytes OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS not-accessible
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"The total number of bytes affected by the given policy."
|
|
::= { policyCounterEntry 3 }
|
|
|
|
policyCountPackets OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS not-accessible
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"The total number of packets affected by the given policy."
|
|
::= { policyCounterEntry 4 }
|
|
|
|
policyCreationTime OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS not-accessible
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"The time the policy was pushed to NetPAL, in seconds since the epoch."
|
|
::= { policyCounterEntry 5 }
|
|
|
|
|
|
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
|
--
|
|
-- Textual conventions for statistical reports
|
|
--
|
|
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
|
|
|
PolicyProtocol ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A selection from a set of networking protocols detected by a policy."
|
|
SYNTAX INTEGER { icmp(1), udp(2), tcp(3), other-ip(4),
|
|
arp(5), other-eth(6), icmpv6(7), other-ipv6(8) }
|
|
|
|
PolicyFrameSize ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A selection from a set of layer-2 frame size categories."
|
|
SYNTAX INTEGER { fs64B(1), fs65to127B(2),
|
|
fs128to255B(3), fs256to511B(4),
|
|
fs512to1023B(5), fs1024toMaxB(6),
|
|
fsMaxto4095B(7), fs4096to9216B(8),
|
|
fsUnder(9), fsOver(10),
|
|
fs9217to16383(11) }
|
|
|
|
PolicyFrameType ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A selection from a set of layer-2 frame types based on addressing and
|
|
error status."
|
|
SYNTAX INTEGER { unicast(1), broadcast(2),
|
|
multicast(3), macControl(4),
|
|
fcsError(5), alignError(6),
|
|
symbolError(7) }
|
|
|
|
PolicySeverity ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A selection from a set of severity levels used by policies.
|
|
Used for both statistical reports and notifications."
|
|
SYNTAX INTEGER { warning(1), minor(2), major(3), critical(4)}
|
|
|
|
|
|
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
|
--
|
|
-- Statistical reports
|
|
--
|
|
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
|
|
|
-- Table of top ten policies
|
|
|
|
topTenHitsByPolicyTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF TopTenHitsByPolicyEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table of policies with the ten greatest hit counts."
|
|
::= { tpt-policy 11 }
|
|
|
|
topTenHitsByPolicyEntry OBJECT-TYPE
|
|
SYNTAX TopTenHitsByPolicyEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry in the top ten policies table.
|
|
Rows cannot be created or deleted.
|
|
"
|
|
INDEX { topTenRank }
|
|
::= { topTenHitsByPolicyTable 1 }
|
|
|
|
TopTenHitsByPolicyEntry ::= SEQUENCE {
|
|
topTenRank Unsigned32,
|
|
policyHitCount Unsigned32,
|
|
policyName OCTET STRING,
|
|
policyUUID OCTET STRING
|
|
}
|
|
|
|
topTenRank OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..10)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The numerical ranking 1 through 10 of a policy."
|
|
::= { topTenHitsByPolicyEntry 1 }
|
|
|
|
policyHitCount OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The count of alerts generated by a policy."
|
|
::= { topTenHitsByPolicyEntry 2 }
|
|
|
|
policyName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..80))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The human-readable name of a policy."
|
|
::= { topTenHitsByPolicyEntry 3 }
|
|
|
|
policyUUID OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..40))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The global identifier of a policy."
|
|
::= { topTenHitsByPolicyEntry 4 }
|
|
|
|
|
|
-- Table of alerts by severity
|
|
|
|
alertsBySeverityTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF AlertsBySeverityEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table of alert counts of all policies at each severity level."
|
|
::= { tpt-policy 12 }
|
|
|
|
alertsBySeverityEntry OBJECT-TYPE
|
|
SYNTAX AlertsBySeverityEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry in the alerts by severity table.
|
|
Rows cannot be created or deleted.
|
|
"
|
|
INDEX { alertSeverity }
|
|
::= { alertsBySeverityTable 1 }
|
|
|
|
AlertsBySeverityEntry ::= SEQUENCE {
|
|
alertSeverity PolicySeverity,
|
|
severityAlertCount Unsigned32
|
|
}
|
|
|
|
alertSeverity OBJECT-TYPE
|
|
SYNTAX PolicySeverity
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The severity of a policy."
|
|
::= { alertsBySeverityEntry 1 }
|
|
|
|
severityAlertCount OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The count of alerts generated by all policies of a given severity."
|
|
::= { alertsBySeverityEntry 2 }
|
|
|
|
|
|
-- Table of alerts by protocol
|
|
|
|
alertsByProtocolTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF AlertsByProtocolEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table of alert counts of all policies at each protocol."
|
|
::= { tpt-policy 13 }
|
|
|
|
alertsByProtocolEntry OBJECT-TYPE
|
|
SYNTAX AlertsByProtocolEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry in the alerts by protocol table.
|
|
Rows cannot be created or deleted.
|
|
"
|
|
INDEX { alertProtocol }
|
|
::= { alertsByProtocolTable 1 }
|
|
|
|
AlertsByProtocolEntry ::= SEQUENCE {
|
|
alertProtocol PolicyProtocol,
|
|
protocolAlertCount Unsigned32
|
|
}
|
|
|
|
alertProtocol OBJECT-TYPE
|
|
SYNTAX PolicyProtocol
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The protocol of a policy."
|
|
::= { alertsByProtocolEntry 1 }
|
|
|
|
protocolAlertCount OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The count of alerts generated by all policies of a given protocol."
|
|
::= { alertsByProtocolEntry 2 }
|
|
|
|
|
|
-- Table of alerts by zone
|
|
|
|
alertsByZoneTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF AlertsByZoneEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"Table of alert counts of all policies for each zone."
|
|
::= { tpt-policy 14 }
|
|
|
|
alertsByZoneEntry OBJECT-TYPE
|
|
SYNTAX AlertsByZoneEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"An entry in the alerts by zone table.
|
|
Rows cannot be created or deleted.
|
|
"
|
|
INDEX { alertSlot, alertPort }
|
|
::= { alertsByZoneTable 1 }
|
|
|
|
AlertsByZoneEntry ::= SEQUENCE {
|
|
alertSlot Unsigned32,
|
|
alertPort Unsigned32,
|
|
zoneAlertCount Unsigned32
|
|
}
|
|
|
|
alertSlot OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS not-accessible
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"The slot portion identifying the zone affected by a policy."
|
|
::= { alertsByZoneEntry 1 }
|
|
|
|
alertPort OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS not-accessible
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"The port portion identifying the zone affected by a policy."
|
|
::= { alertsByZoneEntry 2 }
|
|
|
|
zoneAlertCount OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"The count of alerts generated by all policies of a given zone."
|
|
::= { alertsByZoneEntry 3 }
|
|
|
|
|
|
-- Table of permits by zone
|
|
|
|
permitsByZoneTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF PermitsByZoneEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"Table of permit counts of all policies for each zone."
|
|
::= { tpt-policy 15 }
|
|
|
|
permitsByZoneEntry OBJECT-TYPE
|
|
SYNTAX PermitsByZoneEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"An entry in the permits by zone table.
|
|
Rows cannot be created or deleted.
|
|
"
|
|
INDEX { permitSlot, permitPort }
|
|
::= { permitsByZoneTable 1 }
|
|
|
|
PermitsByZoneEntry ::= SEQUENCE {
|
|
permitSlot Unsigned32,
|
|
permitPort Unsigned32,
|
|
zonePermitCount Unsigned32
|
|
}
|
|
|
|
permitSlot OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS not-accessible
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"The slot portion identifying the zone affected by a policy."
|
|
::= { permitsByZoneEntry 1 }
|
|
|
|
permitPort OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS not-accessible
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"The port portion identifying the zone affected by a policy."
|
|
::= { permitsByZoneEntry 2 }
|
|
|
|
zonePermitCount OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"The count of permits generated by all policies of a given zone."
|
|
::= { permitsByZoneEntry 3 }
|
|
|
|
|
|
-- Table of blocks by zone
|
|
|
|
blocksByZoneTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF BlocksByZoneEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"Table of block counts of all policies for each zone."
|
|
::= { tpt-policy 16 }
|
|
|
|
blocksByZoneEntry OBJECT-TYPE
|
|
SYNTAX BlocksByZoneEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"An entry in the blocks by zone table.
|
|
Rows cannot be created or deleted.
|
|
"
|
|
INDEX { blockSlot, blockPort }
|
|
::= { blocksByZoneTable 1 }
|
|
|
|
BlocksByZoneEntry ::= SEQUENCE {
|
|
blockSlot Unsigned32,
|
|
blockPort Unsigned32,
|
|
zoneBlockCount Unsigned32
|
|
}
|
|
|
|
blockSlot OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS not-accessible
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"The slot portion identifying the zone affected by a policy."
|
|
::= { blocksByZoneEntry 1 }
|
|
|
|
blockPort OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS not-accessible
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"The port portion identifying the zone affected by a policy."
|
|
::= { blocksByZoneEntry 2 }
|
|
|
|
zoneBlockCount OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"The count of blocks generated by all policies of a given zone."
|
|
::= { blocksByZoneEntry 3 }
|
|
|
|
|
|
-- Table of p2ps by zone
|
|
|
|
p2psByZoneTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF P2psByZoneEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"Table of p2p counts of all policies for each zone."
|
|
::= { tpt-policy 17 }
|
|
|
|
p2psByZoneEntry OBJECT-TYPE
|
|
SYNTAX P2psByZoneEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"An entry in the p2ps by zone table.
|
|
Rows cannot be created or deleted.
|
|
"
|
|
INDEX { p2pSlot, p2pPort }
|
|
::= { p2psByZoneTable 1 }
|
|
|
|
P2psByZoneEntry ::= SEQUENCE {
|
|
p2pSlot Unsigned32,
|
|
p2pPort Unsigned32,
|
|
zoneP2pCount Unsigned32
|
|
}
|
|
|
|
p2pSlot OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS not-accessible
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"The slot portion identifying the zone affected by a policy."
|
|
::= { p2psByZoneEntry 1 }
|
|
|
|
p2pPort OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS not-accessible
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"The port portion identifying the zone affected by a policy."
|
|
::= { p2psByZoneEntry 2 }
|
|
|
|
zoneP2pCount OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"The count of p2ps generated by all policies of a given zone."
|
|
::= { p2psByZoneEntry 3 }
|
|
|
|
|
|
-- Table of frames by size
|
|
|
|
framesBySizeTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF FramesBySizeEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table of frame counts received in each size category."
|
|
::= { tpt-policy 18 }
|
|
|
|
framesBySizeEntry OBJECT-TYPE
|
|
SYNTAX FramesBySizeEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry in the frames by size table.
|
|
Rows cannot be created or deleted.
|
|
"
|
|
INDEX { frameSize }
|
|
::= { framesBySizeTable 1 }
|
|
|
|
FramesBySizeEntry ::= SEQUENCE {
|
|
frameSize PolicyFrameSize,
|
|
sizeFrameCount Unsigned32
|
|
}
|
|
|
|
frameSize OBJECT-TYPE
|
|
SYNTAX PolicyFrameSize
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The size category of a frame."
|
|
::= { framesBySizeEntry 1 }
|
|
|
|
sizeFrameCount OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The count of frames received in a given size category."
|
|
::= { framesBySizeEntry 2 }
|
|
|
|
|
|
-- Table of frames by type
|
|
|
|
framesByTypeTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF FramesByTypeEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table of frame counts received in each type classification."
|
|
::= { tpt-policy 19 }
|
|
|
|
framesByTypeEntry OBJECT-TYPE
|
|
SYNTAX FramesByTypeEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry in the frames by type table.
|
|
Rows cannot be created or deleted.
|
|
"
|
|
INDEX { frameType }
|
|
::= { framesByTypeTable 1 }
|
|
|
|
FramesByTypeEntry ::= SEQUENCE {
|
|
frameType PolicyFrameType,
|
|
typeFrameCount Unsigned32
|
|
}
|
|
|
|
frameType OBJECT-TYPE
|
|
SYNTAX PolicyFrameType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type classification (e.g., unicast, broadcast, FCS error) of a frame."
|
|
::= { framesByTypeEntry 1 }
|
|
|
|
typeFrameCount OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The count of frames received in a given type classification."
|
|
::= { framesByTypeEntry 2 }
|
|
|
|
|
|
-- Table of packets by protocol
|
|
|
|
packetsByProtocolTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF PacketsByProtocolEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table of packet counts received for each protocol."
|
|
::= { tpt-policy 20 }
|
|
|
|
packetsByProtocolEntry OBJECT-TYPE
|
|
SYNTAX PacketsByProtocolEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry in the packets by protocol table.
|
|
Rows cannot be created or deleted.
|
|
"
|
|
INDEX { packetProtocol }
|
|
::= { packetsByProtocolTable 1 }
|
|
|
|
PacketsByProtocolEntry ::= SEQUENCE {
|
|
packetProtocol PolicyProtocol,
|
|
protocolPacketCount Unsigned32
|
|
}
|
|
|
|
packetProtocol OBJECT-TYPE
|
|
SYNTAX PolicyProtocol
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The protocol of a policy."
|
|
::= { packetsByProtocolEntry 1 }
|
|
|
|
protocolPacketCount OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The count of packets received for a given protocol."
|
|
::= { packetsByProtocolEntry 2 }
|
|
|
|
|
|
|
|
-- Table of port statistics
|
|
|
|
portStatsTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF PortStatsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table of statistics for each physical port."
|
|
::= { tpt-policy 23 }
|
|
|
|
portStatsEntry OBJECT-TYPE
|
|
SYNTAX PortStatsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry in the port statistics table.
|
|
Rows cannot be created or deleted.
|
|
"
|
|
INDEX { portNumber }
|
|
::= { portStatsTable 1 }
|
|
|
|
PortStatsEntry ::= SEQUENCE {
|
|
portNumber Unsigned32,
|
|
portName OCTET STRING,
|
|
portVlanTranslations Counter64
|
|
}
|
|
|
|
portNumber OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The numeric index of a port."
|
|
::= { portStatsEntry 1 }
|
|
|
|
portName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..8))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The name of a port."
|
|
::= { portStatsEntry 2 }
|
|
|
|
portVlanTranslations OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Number of packets leaving this egress port whose VLAN IDs were translated."
|
|
::= { portStatsEntry 3 }
|
|
|
|
|
|
-- Table of names and descriptions by policy number
|
|
|
|
policyByNumberTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF PolicyByNumberEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table of packet counts received for each protocol."
|
|
::= { tpt-policy 21 }
|
|
|
|
policyByNumberEntry OBJECT-TYPE
|
|
SYNTAX PolicyByNumberEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry in the policy by number table.
|
|
Rows cannot be created or deleted.
|
|
"
|
|
INDEX { policyNumber }
|
|
::= { policyByNumberTable 1 }
|
|
|
|
PolicyByNumberEntry ::= SEQUENCE {
|
|
policyNumber Unsigned32,
|
|
numberName OCTET STRING,
|
|
numberDesc OCTET STRING
|
|
}
|
|
|
|
policyNumber OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of a policy."
|
|
::= { policyByNumberEntry 1 }
|
|
|
|
numberName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..120))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The name of a policy."
|
|
::= { policyByNumberEntry 2 }
|
|
|
|
numberDesc OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..3000))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The description of a policy."
|
|
::= { policyByNumberEntry 3 }
|
|
|
|
|
|
-- Security zone pair information and statistics
|
|
|
|
securityZonePairTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF SecurityZonePairEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table of information and statistics for each security zone pair."
|
|
::= { tpt-policy 22 }
|
|
|
|
securityZonePairEntry OBJECT-TYPE
|
|
SYNTAX SecurityZonePairEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry in the security zone pair table.
|
|
Rows cannot be created or deleted.
|
|
"
|
|
INDEX { szpUUID }
|
|
::= { securityZonePairTable 1 }
|
|
|
|
SecurityZonePairEntry ::= SEQUENCE {
|
|
szpName OCTET STRING,
|
|
szpInZoneName OCTET STRING,
|
|
szpOutZoneName OCTET STRING,
|
|
szpUUID OCTET STRING,
|
|
szpInZoneUUID OCTET STRING,
|
|
szpOutZoneUUID OCTET STRING,
|
|
szpInPackets Counter64,
|
|
szpInOctets Counter64,
|
|
szpAlerts Counter64,
|
|
szpPermits Counter64,
|
|
szpBlocks Counter64,
|
|
szpPrecedence Unsigned32
|
|
}
|
|
|
|
szpName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..128))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The name of a security zone pair."
|
|
::= { securityZonePairEntry 1 }
|
|
|
|
szpInZoneName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..128))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The name of the input security zone of a security zone pair."
|
|
::= { securityZonePairEntry 2 }
|
|
|
|
szpOutZoneName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..128))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The name of the output security zone of a security zone pair."
|
|
::= { securityZonePairEntry 3 }
|
|
|
|
szpUUID OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..40))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The UUID of a security zone pair."
|
|
::= { securityZonePairEntry 4 }
|
|
|
|
szpInZoneUUID OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..40))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The UUID of the input security zone of a security zone pair."
|
|
::= { securityZonePairEntry 5 }
|
|
|
|
szpOutZoneUUID OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..40))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The UUID of the output security zone of a security zone pair."
|
|
::= { securityZonePairEntry 6 }
|
|
|
|
szpInPackets OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of packets received on this security zone pair."
|
|
::= { securityZonePairEntry 7 }
|
|
|
|
szpInOctets OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of bytes received on this security zone pair."
|
|
::= { securityZonePairEntry 8 }
|
|
|
|
szpAlerts OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of alerts (blocks + permits) on this security zone pair."
|
|
::= { securityZonePairEntry 9 }
|
|
|
|
szpBlocks OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of blocks generated on this security zone pair."
|
|
::= { securityZonePairEntry 10 }
|
|
|
|
szpPermits OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of permits generated on this security zone pair."
|
|
::= { securityZonePairEntry 11 }
|
|
|
|
szpPrecedence OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The precedence of security zone pair."
|
|
::= { securityZonePairEntry 12 }
|
|
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
|
--
|
|
-- Textual conventions for policy notifications
|
|
--
|
|
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
|
|
|
PolicyAction ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A selection between three fundamental actions of a policy: blocking
|
|
the offending packets, detecting them but allowing them through, or rate-limiting them."
|
|
SYNTAX INTEGER { deny(1), allow(2), ratelimit(3) }
|
|
|
|
PolicyComponent ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A selection from among the components of a policy, corresponding to
|
|
which log file is used to track the associated information."
|
|
SYNTAX INTEGER { invalid(0), deny(1), allow(2),
|
|
alert(7), block(8), peer(9) }
|
|
|
|
SslInspectedFlag ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A flag indicating if an action was taken on an inspected SSL data stream."
|
|
SYNTAX INTEGER { yes(1), no(2) }
|
|
|
|
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
|
--
|
|
-- Policy notifications
|
|
--
|
|
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
|
|
|
tptPolicyNotifyDeviceID OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..40))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The unique identifier of the device sending this notification."
|
|
::= { tpt-tpa-unkparams 11 }
|
|
|
|
tptPolicyNotifyPolicyID OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..40))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The unique identifier of the policy causing this notification."
|
|
::= { tpt-tpa-unkparams 12 }
|
|
|
|
tptPolicyNotifySignatureID OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..40))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The unique identifier of the signature matching the incoming data stream."
|
|
::= { tpt-tpa-unkparams 13 }
|
|
|
|
tptPolicyNotifySegmentName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..128))
|
|
MAX-ACCESS read-only
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"A string of the format <slot>:<index> that uniquely identifies the
|
|
segment pertaining to this notification."
|
|
::= { tpt-tpa-unkparams 14 }
|
|
|
|
tptPolicyNotifySrcNetAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The network address of the source
|
|
of the packet(s) triggering the policy action."
|
|
::= { tpt-tpa-unkparams 15 }
|
|
|
|
tptPolicyNotifySrcNetAddrV6 OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The IPv6 network address of the source
|
|
of the packet(s) triggering the policy action."
|
|
::= { tpt-tpa-unkparams 128 }
|
|
|
|
tptPolicyNotifySrcNetPort OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The network port (if applicable) of the source
|
|
of the packet(s) triggering the policy action."
|
|
::= { tpt-tpa-unkparams 16 }
|
|
|
|
tptPolicyNotifyDestNetAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The network address of the destination
|
|
of the packet(s) triggering the policy action."
|
|
::= { tpt-tpa-unkparams 17 }
|
|
|
|
tptPolicyNotifyDestNetAddrV6 OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The IPv6 network address of the destination
|
|
of the packet(s) triggering the policy action."
|
|
::= { tpt-tpa-unkparams 129 }
|
|
|
|
tptPolicyNotifyDestNetPort OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The network port (if applicable) of the destination
|
|
of the packet(s) triggering the policy action."
|
|
::= { tpt-tpa-unkparams 18 }
|
|
|
|
tptPolicyNotifyStartTimeSec OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The time of the first policy hit, marking the start of the aggregation
|
|
period for this notification (in seconds since January 1, 1970)."
|
|
::= { tpt-tpa-unkparams 19 }
|
|
|
|
tptPolicyNotifyAlertAction OBJECT-TYPE
|
|
SYNTAX PolicyAction
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The action associated with this notification: whether the affected
|
|
packets were actually blocked, allowed through, or rate-limited."
|
|
::= { tpt-tpa-unkparams 20 }
|
|
|
|
tptPolicyNotifyConfigAction OBJECT-TYPE
|
|
SYNTAX PolicyAction
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The action configured for the policy, which in some cases may differ
|
|
from the action associated with this notification."
|
|
::= { tpt-tpa-unkparams 21 }
|
|
|
|
tptPolicyNotifyComponentID OBJECT-TYPE
|
|
SYNTAX PolicyComponent
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The component identifier of the policy causing this notification."
|
|
::= { tpt-tpa-unkparams 22 }
|
|
|
|
tptPolicyNotifyHitCount OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of policy hits occurring during the aggregation period for
|
|
this notification."
|
|
::= { tpt-tpa-unkparams 23 }
|
|
|
|
tptPolicyNotifyAggregationPeriod OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The duration (in minutes) of the aggregation period for this notification."
|
|
::= { tpt-tpa-unkparams 24 }
|
|
|
|
tptPolicyNotifySeverity OBJECT-TYPE
|
|
SYNTAX PolicySeverity
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The severity of the attack for this notification."
|
|
::= { tpt-tpa-unkparams 25 }
|
|
|
|
tptPolicyNotifyProtocol OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..20))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The network protocol of the packet(s) triggering the policy action."
|
|
::= { tpt-tpa-unkparams 26 }
|
|
|
|
tptPolicyNotifyAlertTimeSec OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The time this alert was initiated, marking the end of the aggregation
|
|
period for this notification (in seconds since January 1, 1970)."
|
|
::= { tpt-tpa-unkparams 27 }
|
|
|
|
tptPolicyNotifyAlertTimeNano OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The nanoseconds portion of tptPolicyNotifyAlertTimeSec."
|
|
::= { tpt-tpa-unkparams 28 }
|
|
|
|
tptPolicyNotifyPacketTrace OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value 1 if a corresponding packet trace was logged; 0 if not."
|
|
::= { tpt-tpa-unkparams 29 }
|
|
|
|
tptPolicyNotifySequence OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The log file entry sequence number corresponding to this notification."
|
|
::= { tpt-tpa-unkparams 30 }
|
|
|
|
tptPolicyNotifyTraceBucket OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The bucket identifier for a packet trace."
|
|
::= { tpt-tpa-unkparams 36 }
|
|
|
|
tptPolicyNotifyTraceBegin OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The starting sequence number for a packet trace."
|
|
::= { tpt-tpa-unkparams 37 }
|
|
|
|
tptPolicyNotifyTraceEnd OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The ending sequence number for a packet trace."
|
|
::= { tpt-tpa-unkparams 38 }
|
|
|
|
tptPolicyNotifyMessageParams OBJECT-TYPE
|
|
SYNTAX OCTET STRING
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A string containing parameters (separated by vertical bars) matching the
|
|
Message in the Digital Vaccine (the XML tag is Message)."
|
|
::= { tpt-tpa-unkparams 39 }
|
|
|
|
tptPolicyNotifyStartTimeNano OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The nanoseconds portion of tptPolicyNotifyStartTimeSec."
|
|
::= { tpt-tpa-unkparams 40 }
|
|
|
|
tptPolicyNotifyAlertType OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A bit field defined as follows:
|
|
0x0001 = Alert 0x0002 = Block 0x0020 = Peer-to-peer
|
|
0x0040 = Invalid 0x0080 = Threshold 0x0100 = Management."
|
|
::= { tpt-tpa-unkparams 41 }
|
|
|
|
tptPolicyNotifyInputMphy OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The physical input port of the triggering packet(s)."
|
|
::= { tpt-tpa-unkparams 57 }
|
|
|
|
tptPolicyNotifyVlanTag OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The VLAN tag of the triggering packet(s)."
|
|
::= { tpt-tpa-unkparams 58 }
|
|
|
|
tptPolicyNotifyZonePair OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..128))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A string of the format <in zone UUID>:<out zone UUID> that identifies the
|
|
zone pair pertaining to this notification."
|
|
::= { tpt-tpa-unkparams 59 }
|
|
|
|
tptPolicyNotifyActionSetID OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..40))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The action set uuid associated with this notification."
|
|
::= { tpt-tpa-unkparams 130 }
|
|
|
|
tptPolicyNotifyRate OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rate-limit, in kbps, of the action set associated with this notification."
|
|
::= { tpt-tpa-unkparams 131 }
|
|
|
|
tptPolicyNotifyFlowControl OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..40))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The action set flow control associated with this notification."
|
|
::= { tpt-tpa-unkparams 137 }
|
|
|
|
tptPolicyNotifyActionSetName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..128))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The action set name associated with this notification."
|
|
::= { tpt-tpa-unkparams 138 }
|
|
|
|
tptPolicyNotifyClientip OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..128))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The client-ip associated with this notification."
|
|
::= { tpt-tpa-unkparams 139 }
|
|
|
|
tptPolicyNotifyMetadata OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..128))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The metadata associated with this notification."
|
|
::= { tpt-tpa-unkparams 140 }
|
|
|
|
tptPolicyNotifySslInspected OBJECT-TYPE
|
|
SYNTAX SslInspectedFlag
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A flag indicting if the notification is associated with an inspected SSL data stream. This flag is only present
|
|
on IPS and Quarantine events and doesn't apply to Reputation."
|
|
::= { tpt-tpa-unkparams 180 }
|
|
|
|
tptPolicyNotifyVirtualSegment OBJECT-TYPE
|
|
SYNTAX SnmpAdminString (SIZE(0..127))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION "Virtual segment associated with this notification.
|
|
"
|
|
::= { tpt-tpa-unkparams 182 }
|
|
|
|
tptPolicyNotify NOTIFICATION-TYPE
|
|
OBJECTS { tptPolicyNotifyDeviceID, tptPolicyNotifyPolicyID,
|
|
tptPolicyNotifySignatureID, tptPolicyNotifyZonePair,
|
|
tptPolicyNotifyInputMphy, tptPolicyNotifyVlanTag,
|
|
tptPolicyNotifySrcNetAddr, tptPolicyNotifySrcNetPort,
|
|
tptPolicyNotifyDestNetAddr, tptPolicyNotifyDestNetPort,
|
|
tptPolicyNotifyProtocol, tptPolicyNotifyMessageParams,
|
|
tptPolicyNotifyHitCount, tptPolicyNotifyAggregationPeriod,
|
|
tptPolicyNotifyStartTimeSec, tptPolicyNotifyStartTimeNano,
|
|
tptPolicyNotifyAlertTimeSec, tptPolicyNotifyAlertTimeNano,
|
|
tptPolicyNotifyPacketTrace, tptPolicyNotifyTraceBucket,
|
|
tptPolicyNotifyTraceBegin, tptPolicyNotifyTraceEnd,
|
|
tptPolicyNotifyAlertAction, tptPolicyNotifyConfigAction,
|
|
tptPolicyNotifyComponentID, tptPolicyNotifyAlertType,
|
|
tptPolicyNotifySeverity, tptPolicyNotifySequence,
|
|
tptPolicyNotifySrcNetAddrV6, tptPolicyNotifyDestNetAddrV6,
|
|
tptPolicyNotifyActionSetID, tptPolicyNotifyRate,
|
|
tptPolicyNotifyFlowControl, tptPolicyNotifyActionSetName,
|
|
tptPolicyNotifyClientip, tptPolicyNotifyMetadata,
|
|
tptPolicyNotifySslInspected
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Notification: Used to inform the management station of a policy alert
|
|
action (either deny or allow) resulting from a signature match."
|
|
::= { tpt-tpa-eventsV2 8 }
|
|
|
|
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
|
--
|
|
-- SSL Inspection Policy Notifications
|
|
--
|
|
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
|
|
|
-- - - - - - - - - - - -
|
|
-- Textual Conventions
|
|
-- - - - - - - - - - - -
|
|
|
|
SslProtocol ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION "The SSL protocol version.
|
|
"
|
|
SYNTAX INTEGER { unknown(1), sslv3(2), tls10(3), tls11(4), tls12(5) }
|
|
|
|
SslInspEventType ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION "The type of SSL connection, either inbound or outbound.
|
|
"
|
|
SYNTAX INTEGER { inbound(1), outbound(2) }
|
|
|
|
SslInspAction ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION "The action taken on an SSL connection.
|
|
"
|
|
SYNTAX INTEGER { decrypted(1), notDecrypted(2), blocked(3) }
|
|
|
|
-- - - - - - - - - - - - - - - - -
|
|
-- SSL Inspection Trap Parameters
|
|
-- - - - - - - - - - - - - - - - -
|
|
|
|
tptPolicyNotifySslInspEventType OBJECT-TYPE
|
|
SYNTAX SslInspEventType
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION "The SSL connection type.
|
|
"
|
|
::= { tpt-tpa-unkparams 190 }
|
|
|
|
tptPolicyNotifySslInspAction OBJECT-TYPE
|
|
SYNTAX SslInspAction
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION "The SSL connection action taken.
|
|
"
|
|
::= { tpt-tpa-unkparams 191 }
|
|
|
|
tptPolicyNotifySslInspDetails OBJECT-TYPE
|
|
SYNTAX SnmpAdminString (SIZE(0..255))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION "Free-form field that provides additional details for the action taken
|
|
on a SSL connection.
|
|
"
|
|
::= { tpt-tpa-unkparams 192 }
|
|
|
|
tptPolicyNotifySslInspPolicy OBJECT-TYPE
|
|
SYNTAX SnmpAdminString (SIZE(0..127))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION "The SSL inspection policy.
|
|
"
|
|
::= { tpt-tpa-unkparams 193 }
|
|
|
|
tptPolicyNotifySslInspCert OBJECT-TYPE
|
|
SYNTAX SnmpAdminString (SIZE(0..127))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION "The certificate used to decrypt SSL traffic.
|
|
"
|
|
::= { tpt-tpa-unkparams 194 }
|
|
|
|
tptPolicyNotifySslInspCltIF OBJECT-TYPE
|
|
SYNTAX SnmpAdminString (SIZE(0..40))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION "The client-side interface receiving SSL traffic.
|
|
"
|
|
::= { tpt-tpa-unkparams 195 }
|
|
|
|
tptPolicyNotifySslInspCltSslVer OBJECT-TYPE
|
|
SYNTAX SslProtocol
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION "The client-side SSL protocol version.
|
|
"
|
|
::= { tpt-tpa-unkparams 196 }
|
|
|
|
tptPolicyNotifySslInspCltCrypto OBJECT-TYPE
|
|
SYNTAX SnmpAdminString (SIZE(0..80))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION "The client-side SSL crypto-suite.
|
|
"
|
|
::= { tpt-tpa-unkparams 197 }
|
|
|
|
tptPolicyNotifySslInspSrvIF OBJECT-TYPE
|
|
SYNTAX SnmpAdminString (SIZE(0..40))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION "The server-side interface sending SSL traffic.
|
|
"
|
|
::= { tpt-tpa-unkparams 198 }
|
|
|
|
tptPolicyNotifySslInspSrvSslVer OBJECT-TYPE
|
|
SYNTAX SslProtocol
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION "The server-side SSL protocol version.
|
|
"
|
|
::= { tpt-tpa-unkparams 199 }
|
|
|
|
tptPolicyNotifySslInspSrvCrypto OBJECT-TYPE
|
|
SYNTAX SnmpAdminString (SIZE(0..80))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION "The server-side SSL crypto-suite.
|
|
"
|
|
::= { tpt-tpa-unkparams 200 }
|
|
|
|
tptPolicySslInspNotify NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
tptPolicyNotifyDeviceID,
|
|
tptPolicyNotifyAlertTimeSec,
|
|
tptPolicyNotifyAlertTimeNano,
|
|
tptPolicyNotifySslInspEventType,
|
|
tptPolicyNotifySeverity,
|
|
tptPolicyNotifySslInspAction,
|
|
tptPolicyNotifySslInspDetails,
|
|
tptPolicyNotifyVirtualSegment,
|
|
tptPolicyNotifySslInspPolicy,
|
|
tptPolicyNotifySslInspCert,
|
|
tptPolicyNotifySslInspCltIF,
|
|
tptPolicyNotifySslInspCltSslVer,
|
|
tptPolicyNotifySslInspCltCrypto,
|
|
tptPolicyNotifySslInspSrvIF,
|
|
tptPolicyNotifySslInspSrvSslVer,
|
|
tptPolicyNotifySslInspSrvCrypto,
|
|
tptPolicyNotifySrcNetAddr,
|
|
tptPolicyNotifySrcNetPort,
|
|
tptPolicyNotifyDestNetAddr,
|
|
tptPolicyNotifyDestNetPort
|
|
}
|
|
STATUS current
|
|
DESCRIPTION "A notification sent when an action is taken on a SSL connection.
|
|
"
|
|
::= { tpt-tpa-eventsV2 27 }
|
|
|
|
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
|
--
|
|
-- Policy log notifications
|
|
--
|
|
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
|
|
|
tptPolicyLogNotifyDeviceID OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..40))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The unique identifier of the device sending this notification."
|
|
::= { tpt-tpa-unkparams 121 }
|
|
|
|
tptPolicyLogNotifyComponentID OBJECT-TYPE
|
|
SYNTAX PolicyComponent
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of log (alert, block, or peer) pertaining to this notification."
|
|
::= { tpt-tpa-unkparams 122 }
|
|
|
|
tptPolicyLogNotifyNumber OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of policy log entries since the last SMS log file retrieval."
|
|
::= { tpt-tpa-unkparams 123 }
|
|
|
|
tptPolicyLogNotifyTrigger OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of policy log entries needed to trigger this notification."
|
|
::= { tpt-tpa-unkparams 124 }
|
|
|
|
tptPolicyLogNotifySequence OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The current log file entry sequence number."
|
|
::= { tpt-tpa-unkparams 125 }
|
|
|
|
tptPolicyLogNotify NOTIFICATION-TYPE
|
|
OBJECTS { tptPolicyLogNotifyDeviceID, tptPolicyLogNotifyComponentID,
|
|
tptPolicyLogNotifyNumber, tptPolicyLogNotifyTrigger,
|
|
tptPolicyLogNotifySequence }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Notification: Used to inform the management station that some number of
|
|
policy log entries of a particular type (alert, block, or peer) occurred
|
|
since the last time the management station retrieved the corresponding
|
|
log file."
|
|
::= { tpt-tpa-eventsV2 19 }
|
|
|
|
|
|
END
|
|
|