CISCO-LWAPP-IDS-MIB

This MIB is intended to be implemented on all those
        devices operating as Central Controllers (CC) that
        terminate the Light Weight Access Point Protocol
        tunnel from Light-weight LWAPP Access Points.
        
        This MIB provides the information used to integrate
        the LWAPP controller with external IDS/IPS
        applications.  LWAPP controllers interact with
        these applications to protect the network against
        various threats that would compromise the overall
        security of the network.
        
        The arrangement of the IDS / IPS applications, 
        controller (referred to as CC in the diagram) and the
        LWAPP APs appear as follows.
        
         +.......+                 +.......+
         +       +                 +       +
         +  IDS  +                 +  IDS  +
         +  IPS  +                 +  IPS  +
         +.......+                 +.......+
            .                         .
         .    .                     .   .
        .         .                .        .
        .            .             .            .
        +......+     +......+     +......+           +......+
        +      +     +      +     +      +           +      +
        +  CC  +     +  CC  +     +  CC  +           +  CC  +
        +      +     +      +     +      +           +      +
        +......+     +......+     +......+           +......+
        ..            .             .                 .
        ..            .             .                 .
        .  .            .             .                 .
        .    .            .             .                 .
        .      .            .             .                 .
        .        .            .             .                 .
        +......+ +......+     +......+      +......+          +......+
        +      + +      +     +      +      +      +          +      +
        +  AP  + +  AP  +     +  AP  +      +  AP  +          +  AP  +
        +      + +      +     +      +      +      +          +      +
        +......+ +......+     +......+      +......+          +......+
        .              .             .                 .
        .  .              .             .                 .
        .    .              .             .                 .
        .      .              .             .                 .
        .        .              .             .                 .
        +......+ +......+     +......+      +......+          +......+
        +      + +      +     +      +      +      +          +      +
        +  MN  + +  MN  +     +  MN  +      +  MN  +          +  MN  +
        +      + +      +     +      +      +      +          +      +
        +......+ +......+     +......+      +......+          +......+
        
        
        The LWAPP tunnel exists between the controller and
        the APs.  The MNs communicate with the APs through
        the protocol defined by the 802.11 standard.  The
        controllers and the IDS systems exchange information
        through Cisco proprietary event exchange mechanisms.
        
        LWAPP APs, upon bootup, discover and join one of the
        controllers and the controller pushes the configuration,
        that includes the WLAN parameters, to the LWAPP APs.
        The APs then encapsulate all the 802.11 frames from
        wireless clients inside LWAPP frames and forward
        the LWAPP frames to the controller.
        
        One or more controllers hold logical connections to 
        an IDS / IPS and interact with it to enforce security
        on the network.
        
                           GLOSSARY
        
        Access Point ( AP )
        
        An entity that contains an 802.11 medium access
        control ( MAC ) and physical layer ( PHY ) interface
        and provides access to the distribution services via
        the wireless medium for associated clients.  
        
        LWAPP APs encapsulate all the 802.11 frames in
        LWAPP frames and sends them to the controller to which
        it is logically connected.
        
        Central Controller ( CC )
        
        The central entity that terminates the LWAPP protocol
        tunnel from the LWAPP APs.  Throughout this MIB,
        this entity is also referred to as 'controller'.
        
        HyperText Transfer Protocol Over Secure Socket Layer
        (HTTPS) 
        
        HTTPS is a Web based protocol that encrypts and
        decrypts user page requests as well as the pages
        that are returned by the Web server. HTTPS uses
        port 443 instead of HTTP port 80 in its
        interactions with the lower layer, TCP/IP. SSL
        uses a 40-bit key for the RC4 stream encryption
        algorithm, which is considered an adequate degree
        of encryption for commercial exchange.
        
        Intrusion Detection System ( IDS )
        
        An IDS performs activities like enforcing security
        related policies, identifying and reporting attacks 
        on the network etc., thereby helping to improve
        the overall security of the enterprise network.
        
        Intrusion Prevention System ( IPS )
        
        An IPS offers significant protection to the network
        against viruses, worms, signature attacks etc.  This
        system detects L3 - L7 attacks.  This system can also
        instruct other IPS clients through standards based
        protocols to allow/block network access for specific
        network entities.
        
        Light Weight Access Point Protocol ( LWAPP )
        
        This is a generic protocol that defines the
        communication between the Access Points and the
        controller.
        
        Light Weight Access Point Protocol ( LWAPP )
        
        This is a generic protocol that defines the
        communication between the Access Points and the
        Access Routers.  Through this MIB,  the Access Routers
        are referred to by the term 'LWAPP controller' or
        just 'controller'.
        
        Mobile Node ( MN )
        
        A roaming 802.11 wireless device in a wireless
        network associated with an access point.
        
        Network Management System ( NMS )
        
        The station from which the administrator manages the
        wired and wireless networks.
        
        Secure Hash Algorithm ( SHA )               
        
        The SHA, developed by NIST for use with the Digital
        Signature Standard (DSS) is specified within the
        Secure Hash Standard (SHS).  SHA is a cryptographic
        message digest algorithm similar to the MD4 family
        of hash functions developed by Rivest. It differs
        from the MD4 hash functions in that it adds an
        additional expansion operation, an extra round and
        the whole transformation was designed to
        accomodate the DSS block size for efficiency.
        
        REFERENCE
        
        [1] Wireless LAN Medium Access Control ( MAC ) and
        Physical Layer ( PHY ) Specifications.
        
        [2] Draft-obara-capwap-lwapp-00.txt, IETF Light 
        Weight Access Point Protocol

Imported Objects

ciscoMgmtCISCO-SMI
InetAddressType, InetAddressINET-ADDRESS-MIB
SnmpAdminStringSNMP-FRAMEWORK-MIB
MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUPSNMPv2-CONF
MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, Unsigned32SNMPv2-SMI
TruthValue, TimeInterval, RowStatusSNMPv2-TC
ciscoLwappIdsMIB .1.3.6.1.4.1.9.9.519
ciscoLwappIdsMIBNotifs .1.3.6.1.4.1.9.9.519.0
ciscoLwappIdsShunClientUpdate .1.3.6.1.4.1.9.9.519.0.1
ciscoLwappIdsMIBObjects .1.3.6.1.4.1.9.9.519.1
ciscoLwappIdsConfig .1.3.6.1.4.1.9.9.519.1.1
cLIdsIpsSensorConfigTable .1.3.6.1.4.1.9.9.519.1.1.1
cLIdsIpsSensorConfigEntry .1.3.6.1.4.1.9.9.519.1.1.1.1
cLIdsIpsSensorAddressType .1.3.6.1.4.1.9.9.519.1.1.1.1.1
cLIdsIpsSensorAddress .1.3.6.1.4.1.9.9.519.1.1.1.1.2
cLIdsIpsSensorUserName .1.3.6.1.4.1.9.9.519.1.1.1.1.3
cLIdsIpsSensorPassword .1.3.6.1.4.1.9.9.519.1.1.1.1.4
cLIdsIpsSensorQueryInterval .1.3.6.1.4.1.9.9.519.1.1.1.1.5
cLIdsIpsSensorEnabled .1.3.6.1.4.1.9.9.519.1.1.1.1.6
cLIdsIpsSensorFingerPrintHex .1.3.6.1.4.1.9.9.519.1.1.1.1.7
cLIdsIpsSensorPort .1.3.6.1.4.1.9.9.519.1.1.1.1.8
cLIdsIpsSensorRowStatus .1.3.6.1.4.1.9.9.519.1.1.1.1.9
ciscoLwappIdsStatus .1.3.6.1.4.1.9.9.519.1.2
cLIdsClientExclTable .1.3.6.1.4.1.9.9.519.1.2.1
cLIdsClientExclEntry .1.3.6.1.4.1.9.9.519.1.2.1.1
cLIdsClientAddressType .1.3.6.1.4.1.9.9.519.1.2.1.1.1
cLIdsClientAddress .1.3.6.1.4.1.9.9.519.1.2.1.1.2
cLIdsClientTimeRemaining .1.3.6.1.4.1.9.9.519.1.2.1.1.3
ciscoLwappIdsMIBConform .1.3.6.1.4.1.9.9.519.2
ciscoLwappIdsMIBCompliances .1.3.6.1.4.1.9.9.519.2.1
ciscoLwappIdsMIBGroups .1.3.6.1.4.1.9.9.519.2.2