CISCO-THREAT-MITIGATION-SERVICE-MIB

This MIB provides management information about the Threat
        Mitigation Service (TMS) entity named 'Consumer'. TMS is part
        of Cisco's Network Infection Containment (NIC) security 
        framework. The MIB is expected to be implemented on all 
        entities that act as TMS consumers.
        
        The NIC framework deals with threat mitigation. The NIC
        architecture consists of controllers and one or more consumers
        registered with these controllers. The controller is
        responsible for detecting threats and conveying information
        about them to one or more consumers that could be
        potential targets of the detected threat.
        Upon receiving the information about the threat from
        the controller, the consumer responds with appropriate
        mitigation actions according to the policies configured
        on it and as indicated in the threat notification message.
        
        The TMS protocol is used for distribution and management of
        threat-related information from the controller to consumers.
        TMS runs over the TIDP layer, which is used as the distribution
        layer. The TIDP layer provides a secured connection between the
        controller and the consumers. TIDP also provides group
        management services.
        
        Each consumer needs to participate in a TIDP group in order
        to receive threat notification messages from the controller
        in that TIDP group. To participate in a TIDP group, a consumer
        needs to register with the controller of that group,
        from which it intends to receive threat messages.
        
        When the controller needs to distribute the information
        about a threat to one or more target TIDP groups or to
        one particular consumer in a TIDP group, it delivers
        the information to the respective entities through
        TMS protocol messages. Upon receiving the threat
        notification message, the consumer determines the appropriate
        mitigation action to be executed, with the corresponding
        action parameters, based on the configuration and information
        available in the threat message. The respective action is then
        executed.
        
        The state of the threat is set according to the result of
        the enforcement action, e.g., upon successful application of
        the enforcement action it is marked as Active. The consumer
        then responds to the controller with the results of the
        mitigation action carried out for the threat.
        
                             GLOSSARY
                             --------
        
        Active Threat : A threat is active on a consumer if the
        mitigation action corresponding to the threat has been enforced
        successfully.
        
        Inactive Threat : A threat is inactive on a consumer if the
        mitigation action corresponding to the threat has been
        undone successfully.
        
        ACL : Access Control List is the list of rules which are 
        used to filter or classify packets based on protocol
        parameters.
        
        ACL drop : ACL drop action refers to the drop action taken 
        on packets matching any of the filters in the access list.
        
        DSCP : Differentiated Service Code Point is the same as the
        'Type of Service' field in the IP header, used in reference to
        quality of service.
        
        FPM : Flexible Packet Matching is a framework which provides
        packet filtering based on a pattern at any offset in the packet.
        
        FPM drop : FPM drop action refers to the drop action taken on
        packets filtered by FPM.
        
        TCDF : Traffic Classification Definition File gives
        the XML description of a traffic class.
        
        TIDP : Threat Information Distribution Protocol is a
        distribution protocol which provides secured connectivity
        between network devices. It also provides a group management
        function.
        
        TIDP group : A closed group of network devices which share
        authentication and encryption keys for message exchange.
        
        TMS : The TMS protocol provides information about threats and
        the mitigation action required for the threats in a TIDP network.
        
        TIDP network : A TIDP network comprises one or more
        TIDP groups.

Imported Objects

ciscoMgmt CISCO-SMI
ifIndex IF-MIB
InetAddress, InetAddressType INET-ADDRESS-MIB
SnmpAdminString SNMP-FRAMEWORK-MIB
MODULE-COMPLIANCE, NOTIFICATION-GROUP, OBJECT-GROUP SNMPv2-CONF
Unsigned32, MODULE-IDENTITY, NOTIFICATION-TYPE, OBJECT-TYPE SNMPv2-SMI
StorageType, RowStatus, DateAndTime, TruthValue, TEXTUAL-CONVENTION SNMPv2-TC
ciscoThreatMitigationServiceMIB .1.3.6.1.4.1.9.9.603
ciscoTmsMIBNotifs .1.3.6.1.4.1.9.9.603.0
ciscoTmsConsStateChange .1.3.6.1.4.1.9.9.603.0.1
ciscoTmsControllerUnreachable .1.3.6.1.4.1.9.9.603.0.2
ciscoTmsThreatStatusChange .1.3.6.1.4.1.9.9.603.0.3
ciscoTmsMitigationActionFailed .1.3.6.1.4.1.9.9.603.0.4
ciscoTmsMIBObjects .1.3.6.1.4.1.9.9.603.1
ciTmsConsumerGlobals .1.3.6.1.4.1.9.9.603.1.1
ciTmsActiveThreats .1.3.6.1.4.1.9.9.603.1.1.1
ciTmsInActiveThreats .1.3.6.1.4.1.9.9.603.1.1.2
ciTmsConsumerDeviceId .1.3.6.1.4.1.9.9.603.1.1.3
ciTmsGroupsMaxEntries .1.3.6.1.4.1.9.9.603.1.1.4
ciTmsThreatsMaxEntries .1.3.6.1.4.1.9.9.603.1.1.5
ciTmsThreatActionMaxEntries .1.3.6.1.4.1.9.9.603.1.1.6
ciTmsInterfaceMaxEntries .1.3.6.1.4.1.9.9.603.1.1.7
ciTmsConsumerState .1.3.6.1.4.1.9.9.603.1.1.8
ciTmsConsumerGroup .1.3.6.1.4.1.9.9.603.1.2
ciTmsGroupTable .1.3.6.1.4.1.9.9.603.1.2.1
ciTmsGroupEntry .1.3.6.1.4.1.9.9.603.1.2.1.1
ciTmsGroupId .1.3.6.1.4.1.9.9.603.1.2.1.1.1
ciTmsControllerIpType .1.3.6.1.4.1.9.9.603.1.2.1.1.2
ciTmsControllerIp .1.3.6.1.4.1.9.9.603.1.2.1.1.3
ciTmsGroupConsumerRegStatus .1.3.6.1.4.1.9.9.603.1.2.1.1.4
ciTmsGroupNotifEnable .1.3.6.1.4.1.9.9.603.1.2.1.1.5
ciTmsGroupStorageType .1.3.6.1.4.1.9.9.603.1.2.1.1.6
ciTmsGroupRowStatus .1.3.6.1.4.1.9.9.603.1.2.1.1.7
ciTmsConsumerThreat .1.3.6.1.4.1.9.9.603.1.3
ciTmsThreatTable .1.3.6.1.4.1.9.9.603.1.3.1
ciTmsThreatEntry .1.3.6.1.4.1.9.9.603.1.3.1.1
ciTmsThreatOwner .1.3.6.1.4.1.9.9.603.1.3.1.1.1
ciTmsThreatId .1.3.6.1.4.1.9.9.603.1.3.1.1.2
ciTmsThreatVer .1.3.6.1.4.1.9.9.603.1.3.1.1.3
ciTmsThreatStatus .1.3.6.1.4.1.9.9.603.1.3.1.1.4
ciTmsThreatClass .1.3.6.1.4.1.9.9.603.1.3.1.1.5
ciTmsThreatName .1.3.6.1.4.1.9.9.603.1.3.1.1.6
ciTmsThreatActiveTimeDuration .1.3.6.1.4.1.9.9.603.1.3.1.1.7
ciTmsThreatPriority .1.3.6.1.4.1.9.9.603.1.3.1.1.8
ciTmsThreatTcdf .1.3.6.1.4.1.9.9.603.1.3.1.1.9
ciTmsThreatActionTable .1.3.6.1.4.1.9.9.603.1.3.2
ciTmsThreatActionEntry .1.3.6.1.4.1.9.9.603.1.3.2.1
ciTmsThreatAction .1.3.6.1.4.1.9.9.603.1.3.2.1.1
ciTmsThreatActionParamId .1.3.6.1.4.1.9.9.603.1.3.2.1.2
ciTmsThreatActionParamType .1.3.6.1.4.1.9.9.603.1.3.2.1.3
ciTmsThreatActionParamLength .1.3.6.1.4.1.9.9.603.1.3.2.1.4
ciTmsThreatActionParamValue .1.3.6.1.4.1.9.9.603.1.3.2.1.5
ciTmsThreatActionFailReason .1.3.6.1.4.1.9.9.603.1.3.2.1.6
ciTmsThreatInterfaceTable .1.3.6.1.4.1.9.9.603.1.3.3
ciTmsThreatInterfaceEntry .1.3.6.1.4.1.9.9.603.1.3.3.1
ciThreatInterfaceMitigationApplied .1.3.6.1.4.1.9.9.603.1.3.3.1.1
ciTiTmsConsumerNotifs .1.3.6.1.4.1.9.9.603.1.4
ciTmsConsStateChangeNotifEnable .1.3.6.1.4.1.9.9.603.1.4.1
ciscoTmsMIBConform .1.3.6.1.4.1.9.9.603.2
ciscoTmsMIBCompliances .1.3.6.1.4.1.9.9.603.2.1
ciscoTmsMIBGroups .1.3.6.1.4.1.9.9.603.2.2