CISCO-DOT11-SSID-SECURITY-MIB

This MIB module provides network management  
        support for Cisco IEEE 802.11 Wireless LAN
        devices association and authentication.
        
                  ACRONYMS 
        AES 
            Advanced Encryption Standard.
        
        AP   
            Access point.
        
        AID 
            Association IDentifier for wireless stations.  
        
        BSS
            IEEE 802.11 Basic Service Set.
        
        BSSID
            Basic SSID, a MAC address.
        
        CCKM
            Cisco Central Key Management.
        
        CCMP
            Code Mode/CBC Mac Protocol.
        
        CKIP        
            Cisco per packet key hashing.
        
        CMIC        
            Cisco MMH MIC.
        
        CRC 
            Cyclic Redundancy Check.  
        
        DTIM
            Data Traffic Indication Map
        
        EAP
            Extensible Authentication Protocol.  
        
        GRE
            Generic Routing Encapsulation
        
        IAPP
            Inter-Access-Point Protocol.  
        
        ICV
            Integrity Check Value.  
        
        MBSSID
            Multiple Basic SSID.
        
        MIC
            Message Integrity Check.  
        
        MMH
            Multi-Modal Hashing.
        
        MMIC  
            Michael MIC.
        
        RF
            Radio Frequency.
        
        SSID
            Radio Service Set Id.  
        
        SSIDL IE
            SSID List Information Element
        
        STA 
            IEEE 802.11 wireless station.
        
        TKIP    
            WPA Temporal Key encryption.
        
        VLAN 
            Virtual LAN.
        
        WEP
            Wired Equivalent Privacy.
        
        WPA 
            Wi-Fi Protected Access.
        
        WPS
            Wireless Provisioning System.
        
        
                  GLOSSARY 
        
        Access point    
            Transmitter/receiver (transceiver) device
            that commonly connects and transports data 
            between a wireless network and a wired network.
        
        Association
            The service used to establish access point
            or station mapping and enable STA invocation
            of the distribution system services.
            (Wireless clients attempt to connect to 
            access points.)
        
        Basic Service Set
            The IEEE 802.11 BSS of an AP comprises of the 
            stations directly associating with the AP.
        
        Backup VLAN
            Wireless clients found to be running outdated/
            unsupported virus software and not compliant to
            network admission control guidelines need to be 
            placed on different VLANs than the intended normal
            VLAN.  These VLANs on which the non-compliant
            clients are placed are termed as Backup VLANs.
            Backup VLANs are used to quarantine the 
            non-compliant clients running incorrect software
            till they upgrade their software to the correct
            version.
        
        Bridge    
            Device that connects two or more segments 
            and reduces traffic by analyzing the 
            destination address, filtering the frame,
            and forwarding the frame to all connected 
            segments.
        
        Bridge AP 
            It is an AP that functions as a transparent 
            bridge between 2 wired LAN segments.  
        
        Broadcast SSID 
            Clients can send out Broadcast SSID Probe 
            Requests to a nearby AP, and the AP will 
            broadcast its own SSID within its beacons
            to response to clients. Clients can use this 
            Broadcast SSID to associate and communicate 
            with the AP.  
        
        Extensible Authentication Protocol
            EAP acts as the interface between a wireless 
            client and an authentication server, such as a 
            RADIUS server, to which the access point 
            communicates over the wired network.
        
        IEEE 802.11    
            Standard to encourage interoperability among 
            wireless networking equipment.
        
        IEEE 802.11b    
            High-rate wireless LAN standard for wireless 
            data transfer at up to 11 Mbps.
        
        IEEE P802.11g 
            Higher Speed Physical Layer (PHY) Extension to 
            IEEE 802.11b, will boost wireless LAN speed to 54 
            Mbps by using OFDM (orthogonal frequency division 
            multiplexing).  The IEEE 802.11g specification is 
            backward compatible with the widely deployed IEEE 
            802.11b standard.
        
        Inter-Access-Point Protocol 
            The IEEE 802.11 standard does not define how 
            access points track moving users or how to 
            negotiate a handoff from one access point to the
            next, a process referred to as roaming.  IAPP is
            a Cisco proprietary protocol to support roaming.  
            However, IAPP does not address how the wireless 
            system tracks users moving from one subnet to 
            another.
        
        Independent network    
            Network that provides peer-to-peer connectivity 
            without relying on a complete network 
            infrastructure.
        
        Information Element 
            Optional wireless network management data element
            in the beacons and probe responses generated by
            wireless stations.  These elements identify the
            extended capabilities supported by the stations.
        
        Integrity Check Value
            The WEP ICV shall be a 32-bit value containing
            the 32-bit cyclic redundancy code designed for 
            verifying wireless data frame integrity.   
        
        Message Integrity Check 
            A MIC can, optionally, be added to WEP-encrypted 
            802.11 frames.  MIC prevents attacks on encrypted 
            packets.  MIC, implemented on both the access point 
            and all associated client devices, adds a few bytes
            to each packet to make the packets tamper-proof.  
        
        Multiple BSS-ID 
            An access point radio broadcasts and advertises
            multiple SSIDs in the beacons.  For clients'
            prospective, it is like there are multiple access
            points existing in the wireless network. 
        
        Native VLAN ID
            A switch port and/or AP can be configured with a 
            'native VLAN ID'.  Untagged or priority-tagged 
            frames are implicitly associated with the native 
            VLAN ID.  The default native VLAN ID is '1' if 
            VLAN tagging is enabled.  The native VLAN ID is '0' 
            or 'no VLAN ID' if VLAN tagging is not enabled.
        
        Non-Root Bridge 
            This wireless bridge does not connect to the main 
            wired LAN segment.  It connects to a remote wired 
            LAN segment and can associate with root bridges and 
            other non-root bridges that accept client 
            associations.  It also can accept associations from
            other non-root bridges, repeater access points, 
            and client devices.
        
        Primary LAN
            In an AP, if the destinations of inbound unicast 
            frames are unknown, the frames are sent toward 
            the primary LAN defined on the device.
        
        Repeater    
            Device that connects multiple segments, 
            listening to each and regenerating the signal
            on one to every other connected one; so that 
            the signal can travel further.
        
        Repeater or Non-root Access Point    
            The repeater access point is not connected 
            to the wired LAN.  The Repeater is a wireless 
            LAN transceiver that transfers data between 
            a client and another access point, another 
            repeater, or between two bridges.  The repeater 
            is placed within radio range of an access point 
            connected to the wired LAN, another repeater, or 
            an non-root bridge to extend the range of the 
            infrastructure.
        
        Radio Frequency 
            Radio wave and modulation process or operation.
        
        Root Access Point    
            This access point connects clients to the main 
            wired LAN.
        
        Root (Wireless) Bridge    
            This wireless bridge connects to the main wired 
            LAN.  It can communicate with non-root wireless 
            bridges, repeater access points, and client 
            devices but not with another wireless root 
            bridge.  Only one wireless bridge in a wireless 
            LAN can be set as the wireless root bridge.  
        
        Service Set ID
            SSID is a unique identifier that APs and clients 
            use to identify with each other.  SSID is a simple 
            means of access control and is not for security.  
            The SSID can be any alphanumeric entry up to 32 
            characters.
        
        Virtual LAN
            VLAN defined in the IEEE 802.1Q VLAN standard 
            supports logically segmenting of LAN 
            infrastructure into different subnets or 
            workgroups so that packets are switched only 
            between ports within the same VLAN.  
        
        VLAN ID
            Each VLAN is identified by a 12-bit 'VLAN ID'.   
            A VLAN ID of '0' is used to indicate 
            'no VLAN ID'.  Valid VLAN IDs range from '1' to 
            '4095'.  VLAN of ID '4095' is the default VLAN 
            for Cisco VoIP Phones.
        
        Wired Equivalent Privacy
            WEP is generally used to refer to 802.11 
            encryption.

Imported Objects

CDot11IfVlanIdOrZeroCISCO-DOT11-IF-MIB
ciscoMgmtCISCO-SMI
dot11AuthenticationAlgorithmsIndexIEEE802dot11-MIB
ifIndexIF-MIB
InetAddressType, InetAddressINET-ADDRESS-MIB
SnmpAdminStringSNMP-FRAMEWORK-MIB
MODULE-COMPLIANCE, OBJECT-GROUPSNMPv2-CONF
MODULE-IDENTITY, OBJECT-TYPE, Integer32, Unsigned32SNMPv2-SMI
TEXTUAL-CONVENTION, MacAddress, RowStatus, TruthValueSNMPv2-TC
ciscoDot11SsidSecMIB .1.3.6.1.4.1.9.9.413
ciscoDot11SsidSecMIBObjects .1.3.6.1.4.1.9.9.413.1
cdot11SecSsidManagement .1.3.6.1.4.1.9.9.413.1.1
cdot11SecAuxSsidTable .1.3.6.1.4.1.9.9.413.1.1.1
cdot11SecAuxSsidEntry .1.3.6.1.4.1.9.9.413.1.1.1.1
cdot11SecAuxSsid .1.3.6.1.4.1.9.9.413.1.1.1.1.1
cdot11SecAuxSsidLoginPassword .1.3.6.1.4.1.9.9.413.1.1.1.1.10
cdot11SecAuxSsidAuthKeyMgmt .1.3.6.1.4.1.9.9.413.1.1.1.1.11
cdot11SecAuxSsidAuthKeyMgmtOpt .1.3.6.1.4.1.9.9.413.1.1.1.1.12
cdot11SecAuxSsidRowStatus .1.3.6.1.4.1.9.9.413.1.1.1.1.13
cdot11SecAuxSsidWirelessNetId .1.3.6.1.4.1.9.9.413.1.1.1.1.14
cdot11SecSsidRedirectAddrType .1.3.6.1.4.1.9.9.413.1.1.1.1.15
cdot11SecSsidRedirectDestAddr .1.3.6.1.4.1.9.9.413.1.1.1.1.16
cdot11SecSsidRedirectFilter .1.3.6.1.4.1.9.9.413.1.1.1.1.17
cdot11SecSsidInformationElement .1.3.6.1.4.1.9.9.413.1.1.1.1.18
cdot11SecAuxSsidVlanName .1.3.6.1.4.1.9.9.413.1.1.1.1.19
cdot11SecAuxSsidBroadcast .1.3.6.1.4.1.9.9.413.1.1.1.1.2
cdot11SecAuxSsidMbssidBroadcast .1.3.6.1.4.1.9.9.413.1.1.1.1.20
cdot11SecAuxSsidMbssidDtimPeriod .1.3.6.1.4.1.9.9.413.1.1.1.1.21
cdot11SecAuxSsidInfraStruct .1.3.6.1.4.1.9.9.413.1.1.1.1.3
cdot11SecAuxSsidProxyMobileIp .1.3.6.1.4.1.9.9.413.1.1.1.1.4
cdot11SecAuxSsidMaxStations .1.3.6.1.4.1.9.9.413.1.1.1.1.5
cdot11SecAuxSsidVlan .1.3.6.1.4.1.9.9.413.1.1.1.1.6
cdot11SecAuxSsidWpaPsk .1.3.6.1.4.1.9.9.413.1.1.1.1.7
cdot11SecAuxRadiusAccounting .1.3.6.1.4.1.9.9.413.1.1.1.1.8
cdot11SecAuxSsidLoginUsername .1.3.6.1.4.1.9.9.413.1.1.1.1.9
cdot11SecAuxSsidAuthTable .1.3.6.1.4.1.9.9.413.1.1.2
cdot11SecAuxSsidAuthEntry .1.3.6.1.4.1.9.9.413.1.1.2.1
cdot11SecAuxSsidAuthEnabled .1.3.6.1.4.1.9.9.413.1.1.2.1.1
cdot11SecAuxSsidAuthPlusEap .1.3.6.1.4.1.9.9.413.1.1.2.1.2
cdot11SecAuxSsidAuthPlusMac .1.3.6.1.4.1.9.9.413.1.1.2.1.3
cdot11SecAuxSsidAuthEapMethod .1.3.6.1.4.1.9.9.413.1.1.2.1.4
cdot11SecAuxSsidAuthMacMethod .1.3.6.1.4.1.9.9.413.1.1.2.1.5
cdot11SecAuxSsidAuthMacAlternate .1.3.6.1.4.1.9.9.413.1.1.2.1.6
cdot11SecInterfSsidTable .1.3.6.1.4.1.9.9.413.1.1.3
cdot11SecInterfSsidEntry .1.3.6.1.4.1.9.9.413.1.1.3.1
cdot11SecInterfSsidRowStatus .1.3.6.1.4.1.9.9.413.1.1.3.1.1
cdot11MbssidMacAddrSupportTable .1.3.6.1.4.1.9.9.413.1.1.4
cdot11MbssidMacAddrSupportEntry .1.3.6.1.4.1.9.9.413.1.1.4.1
cdot11MbssidMacAddrIndex .1.3.6.1.4.1.9.9.413.1.1.4.1.1
cdot11MbssidMacAddrSupported .1.3.6.1.4.1.9.9.413.1.1.4.1.2
cdot11MbssidInterfaceTable .1.3.6.1.4.1.9.9.413.1.1.5
cdot11MbssidInterfaceEntry .1.3.6.1.4.1.9.9.413.1.1.5.1
cdot11MbssidIfMacAddress .1.3.6.1.4.1.9.9.413.1.1.5.1.1
cdot11MbssidIfBroadcast .1.3.6.1.4.1.9.9.413.1.1.5.1.2
cdot11SecSsidMaxBackupVlans .1.3.6.1.4.1.9.9.413.1.1.6
cdot11SecSsidBackupVlanTable .1.3.6.1.4.1.9.9.413.1.1.7
cdot11SecSsidBackupVlanEntry .1.3.6.1.4.1.9.9.413.1.1.7.1
cdot11SecSsidBackupVlan .1.3.6.1.4.1.9.9.413.1.1.7.1.1
cdot11SecSsidBackupVlanRowStatus .1.3.6.1.4.1.9.9.413.1.1.7.1.2
cdot11SecAuthManagement .1.3.6.1.4.1.9.9.413.1.2
cdot11SecLocalAuthServerEnabled .1.3.6.1.4.1.9.9.413.1.2.1
cdot11SecStatistics .1.3.6.1.4.1.9.9.413.1.3
cdot11SecVlanManagement .1.3.6.1.4.1.9.9.413.1.4
cdot11SecVlanNameTable .1.3.6.1.4.1.9.9.413.1.4.1
cdot11SecVlanNameEntry .1.3.6.1.4.1.9.9.413.1.4.1.1
cdot11SecVlanName .1.3.6.1.4.1.9.9.413.1.4.1.1.1
cdot11SecVlanNameId .1.3.6.1.4.1.9.9.413.1.4.1.1.2
cdot11SecVlanNameRowStatus .1.3.6.1.4.1.9.9.413.1.4.1.1.3
ciscoDot11SsidSecMIBConformance .1.3.6.1.4.1.9.9.413.2
ciscoDot11SsidSecMIBCompliances .1.3.6.1.4.1.9.9.413.2.1
ciscoDot11SsidSecMIBGroups .1.3.6.1.4.1.9.9.413.2.2