237 lines
7.8 KiB
Plaintext
237 lines
7.8 KiB
Plaintext
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -c
|
|
--
|
|
-- Trend Micro, Inc.
|
|
-- Copyright information is in the DESCRIPTION section of the MODULE-IDENTITY.
|
|
--
|
|
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
|
|
|
TPT-NGFW-USER-MIB
|
|
|
|
DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
InetAddress,
|
|
InetAddressType
|
|
FROM INET-ADDRESS-MIB
|
|
|
|
MODULE-COMPLIANCE,
|
|
NOTIFICATION-GROUP,
|
|
OBJECT-GROUP
|
|
FROM SNMPv2-CONF
|
|
|
|
MODULE-IDENTITY,
|
|
NOTIFICATION-TYPE,
|
|
OBJECT-TYPE
|
|
FROM SNMPv2-SMI
|
|
|
|
DateAndTime
|
|
FROM SNMPv2-TC
|
|
|
|
SnmpAdminString
|
|
FROM SNMP-FRAMEWORK-MIB
|
|
|
|
tptNgfwSystemSerial
|
|
FROM TPT-NGFW-SYSTEM-INFO-MIB
|
|
|
|
tpt-ngfw-compls,
|
|
tpt-ngfw-groups,
|
|
tpt-ngfw-objs,
|
|
tpt-ngfw-eventsV2,
|
|
tpt-ngfw-params,
|
|
tptNgfwNotifySeverity
|
|
FROM TPT-NGFW-REG-MIB
|
|
;
|
|
|
|
tptNgfwPolicy MODULE-IDENTITY
|
|
LAST-UPDATED "201605251854Z" -- May 25, 2016
|
|
ORGANIZATION "Trend Micro, Inc."
|
|
CONTACT-INFO "www.trendmicro.com"
|
|
DESCRIPTION
|
|
"
|
|
User information for TippingPoint Next-Generation Firewall products.
|
|
|
|
Copyright (C) 2016 Trend Micro Incorporated. All Rights Reserved.
|
|
|
|
Trend Micro makes no warranty of any kind with regard to this material,
|
|
including, but not limited to, the implied warranties of merchantability
|
|
and fitness for a particular purpose. Trend Micro shall not be liable for
|
|
errors contained herein or for incidental or consequential damages in
|
|
connection with the furnishing, performance, or use of this material. This
|
|
document contains proprietary information, which is protected by copyright. No
|
|
part of this document may be photocopied, reproduced, or translated into
|
|
another language without the prior written consent of Trend Micro. The
|
|
information is provided 'as is' without warranty of any kind and is subject to
|
|
change without notice. The only warranties for Trend Micro products and
|
|
services are set forth in the express warranty statements accompanying such
|
|
products and services. Nothing herein should be construed as constituting an
|
|
additional warranty. Trend Micro shall not be liable for technical or editorial
|
|
errors or omissions contained herein. TippingPoint(R), the TippingPoint logo, and
|
|
Digital Vaccine(R) are registered trademarks of Trend Micro. All other company
|
|
and product names may be trademarks of their respective holders. All rights
|
|
reserved. This document contains confidential information, trade secrets or
|
|
both, which are the property of Trend Micro. No part of this documentation may
|
|
be reproduced in any form or by any means or used to make any derivative work
|
|
(such as translation, transformation, or adaptation) without written permission
|
|
from Trend Micro or one of its subsidiaries. All other company and product
|
|
names may be trademarks of their respective holders.
|
|
"
|
|
|
|
REVISION "201605251854Z" -- May 25, 2016
|
|
DESCRIPTION "Updated copyright information. Minor MIB syntax fixes."
|
|
|
|
REVISION "201304031200Z"
|
|
DESCRIPTION "Initial version of NGFW User MIB."
|
|
|
|
::= { tpt-ngfw-objs 4 }
|
|
|
|
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
|
--
|
|
-- User Authentication & Account/IP Block Notifications
|
|
--
|
|
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
|
|
|
tptNgfwUserAuthFailNotify NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
tptNgfwSystemSerial,
|
|
tptNgfwUserAuthName,
|
|
tptNgfwUserAuthFailNotifyReason,
|
|
tptNgfwUserAuthSrcIpAddrType,
|
|
tptNgfwUserAuthSrcIpAddr,
|
|
tptNgfwUserAuthNotifySource,
|
|
tptNgfwNotifySeverity
|
|
}
|
|
STATUS current
|
|
DESCRIPTION "A notification sent when a user attempts to log into the device
|
|
but fails to authenticate.
|
|
"
|
|
::= { tpt-ngfw-eventsV2 18 }
|
|
|
|
tptNgfwUserAuthLockedAccountNotify NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
tptNgfwSystemSerial,
|
|
tptNgfwUserAuthName,
|
|
tptNgfwUserAuthSrcIpAddrType,
|
|
tptNgfwUserAuthSrcIpAddr,
|
|
tptNgfwUserAuthLockedTime,
|
|
tptNgfwUserAuthNotifySource,
|
|
tptNgfwNotifySeverity
|
|
}
|
|
STATUS current
|
|
DESCRIPTION "A notification sent when a user account is locked after exceeding the
|
|
allowed number of login attempts.
|
|
"
|
|
::= { tpt-ngfw-eventsV2 19 }
|
|
|
|
tptNgfwUserAuthLockedIpNotify NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
tptNgfwSystemSerial,
|
|
tptNgfwUserAuthSrcIpAddrType,
|
|
tptNgfwUserAuthSrcIpAddr,
|
|
tptNgfwUserAuthLockedTime,
|
|
tptNgfwNotifySeverity
|
|
}
|
|
STATUS current
|
|
DESCRIPTION "A notification sent when too many failed login attempts occur from
|
|
the same source IP address.
|
|
"
|
|
::= { tpt-ngfw-eventsV2 20 }
|
|
|
|
tptNgfwUserAuthName OBJECT-TYPE
|
|
SYNTAX SnmpAdminString (SIZE(0..40))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION "The name of a user.
|
|
"
|
|
::= { tpt-ngfw-params 73 }
|
|
|
|
tptNgfwUserAuthFailNotifyReason OBJECT-TYPE
|
|
SYNTAX SnmpAdminString (SIZE(0..80))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION "The reason for the user authentication failure.
|
|
"
|
|
::= { tpt-ngfw-params 74 }
|
|
|
|
tptNgfwUserAuthSrcIpAddrType OBJECT-TYPE
|
|
SYNTAX InetAddressType
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION "The type of IP address of the source IP address object.
|
|
"
|
|
::= { tpt-ngfw-params 75 }
|
|
|
|
tptNgfwUserAuthSrcIpAddr OBJECT-TYPE
|
|
SYNTAX InetAddress
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION "The device IP from where the user attempted to authenticate.
|
|
"
|
|
::= { tpt-ngfw-params 76 }
|
|
|
|
tptNgfwUserAuthNotifySource OBJECT-TYPE
|
|
SYNTAX SnmpAdminString (SIZE(0..40))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION "The source or interface (SSH, LSM, SMS, Console) used to make
|
|
an authentication attempt.
|
|
"
|
|
::= { tpt-ngfw-params 77 }
|
|
|
|
tptNgfwUserAuthLockedTime OBJECT-TYPE
|
|
SYNTAX DateAndTime
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION "The time a user account or IP address was locked.
|
|
"
|
|
::= { tpt-ngfw-params 78 }
|
|
|
|
|
|
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
|
--
|
|
-- Groups
|
|
--
|
|
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
|
|
|
tptNgfwUserGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
tptNgfwUserAuthName,
|
|
tptNgfwUserAuthFailNotifyReason,
|
|
tptNgfwUserAuthSrcIpAddrType,
|
|
tptNgfwUserAuthSrcIpAddr,
|
|
tptNgfwUserAuthNotifySource,
|
|
tptNgfwUserAuthLockedTime
|
|
}
|
|
|
|
STATUS current
|
|
DESCRIPTION "User group containing objects related to user stats.
|
|
"
|
|
::= { tpt-ngfw-groups 11 }
|
|
|
|
tptNgfwUserNotificationGroup NOTIFICATION-GROUP
|
|
NOTIFICATIONS {
|
|
tptNgfwUserAuthFailNotify,
|
|
tptNgfwUserAuthLockedAccountNotify,
|
|
tptNgfwUserAuthLockedIpNotify
|
|
}
|
|
|
|
STATUS current
|
|
DESCRIPTION "Group for all user notifications.
|
|
"
|
|
::= { tpt-ngfw-groups 12 }
|
|
|
|
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
|
--
|
|
-- Compliances
|
|
--
|
|
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
|
|
|
|
tptNgfwUserCompl MODULE-COMPLIANCE
|
|
STATUS current
|
|
DESCRIPTION "Compliance group for user MIB.
|
|
"
|
|
MODULE
|
|
MANDATORY-GROUPS { tptNgfwUserGroup, tptNgfwUserNotificationGroup }
|
|
::= { tpt-ngfw-compls 5 }
|
|
|
|
END
|