CISCO-TRUSTSEC-SXP-MIB
This MIB module is for the configuration and status query
of SGT Exchange Protocol over TCP (SXPoTCP) feature of the
device on the Cisco's Trusted Security (TrustSec) system.
Security Group Tag (SGT) identifying its source, assigned to a
packet on ingress to a TrustSec cloud, and used to determine
security and other policy to be applied to it along its path
through the cloud.
SXPoTCP protocol extends the original SGT Exchange Protocol
(SXP) protocol to enable a much wider array of deployment
scenarios. This MIB uses the term SXP to refer to SXPoTCP.
TrustSec secures a network fabric by authenticating and
authorizing each device connecting to the network, allowing
for the encryption, authentication and replay protection of data
traffic on a hop by hop basis. SXP allows the deployment
of RBACL, a key component of the TrustSec architecture, in the
absence of TrustSec capable hardware.
|
Imported Objects
| ciscoMgmt | CISCO-SMI |
| CiscoVrfName | CISCO-TC |
| CtsSxpConnectionStatus, CtsPassword, CtsPasswordEncryptionType, CtsSecurityGroupTag | CISCO-TRUSTSEC-TC-MIB |
| InterfaceIndexOrZero | IF-MIB |
| InetAddressPrefixLength, InetAddress, InetAddressType | INET-ADDRESS-MIB |
| SnmpAdminString | SNMP-FRAMEWORK-MIB |
| NOTIFICATION-GROUP, OBJECT-GROUP, MODULE-COMPLIANCE | SNMPv2-CONF |
| MODULE-IDENTITY, NOTIFICATION-TYPE, Gauge32, Unsigned32, OBJECT-TYPE | SNMPv2-SMI |
| TruthValue, StorageType, RowStatus | SNMPv2-TC |
Objects
  ciscoTrustSecSxpMIB  | .1.3.6.1.4.1.9.9.720 | |
| ciscoTrustSecSxpMIBNotifs | .1.3.6.1.4.1.9.9.720.0 | |
| ciscoTrustSecSxpMIBObjects | .1.3.6.1.4.1.9.9.720.1 | |
| ctsxSxpGlobalObjects | .1.3.6.1.4.1.9.9.720.1.1 | |
 ctsxSxpEnable | .1.3.6.1.4.1.9.9.720.1.1.1 | |
| ctsxSxpBindingChangesLogEnable | .1.3.6.1.4.1.9.9.720.1.1.10 | |
| ctsxSgtMapExpansionLimit | .1.3.6.1.4.1.9.9.720.1.1.11 | |
| ctsxSgtMapExpansionCount | .1.3.6.1.4.1.9.9.720.1.1.12 | |
| ctsxSxpAdminNodeId | .1.3.6.1.4.1.9.9.720.1.1.13 | |
| ctsxSxpNodeIdInterface | .1.3.6.1.4.1.9.9.720.1.1.14 | |
| ctsxSxpNodeIdIpAddrType | .1.3.6.1.4.1.9.9.720.1.1.15 | |
| ctsxSxpNodeIdIpAddr | .1.3.6.1.4.1.9.9.720.1.1.16 | |
| ctsxSxpOperNodeId | .1.3.6.1.4.1.9.9.720.1.1.17 | |
| ctsxSxpSpeakerMinHoldTime | .1.3.6.1.4.1.9.9.720.1.1.18 | |
| ctsxSxpListenerMinHoldTime | .1.3.6.1.4.1.9.9.720.1.1.19 | |
| ctsxSxpConfigDefaultPasswordType | .1.3.6.1.4.1.9.9.720.1.1.2 | |
| ctsxSxpListenerMaxHoldTime | .1.3.6.1.4.1.9.9.720.1.1.20 | |
| ctsxSxpVersionSupport | .1.3.6.1.4.1.9.9.720.1.1.21 | |
| ctsxSxpConfigDefaultPassword | .1.3.6.1.4.1.9.9.720.1.1.3 | |
| ctsxSxpViewDefaultPasswordType | .1.3.6.1.4.1.9.9.720.1.1.4 | |
| ctsxSxpViewDefaultPassword | .1.3.6.1.4.1.9.9.720.1.1.5 | |
| ctsxSxpDefaultSourceAddrType | .1.3.6.1.4.1.9.9.720.1.1.6 | |
| ctsxSxpDefaultSourceAddr | .1.3.6.1.4.1.9.9.720.1.1.7 | |
| ctsxSxpRetryPeriod | .1.3.6.1.4.1.9.9.720.1.1.8 | |
| ctsxSxpReconPeriod | .1.3.6.1.4.1.9.9.720.1.1.9 | |
| ctsxSxpConnectionObjects | .1.3.6.1.4.1.9.9.720.1.2 | |
 ctsxSxpConnectionTable | .1.3.6.1.4.1.9.9.720.1.2.1 | |
 ctsxSxpConnectionEntry | .1.3.6.1.4.1.9.9.720.1.2.1.1 | |
 ctsxSxpConnVrfName | .1.3.6.1.4.1.9.9.720.1.2.1.1.1 | |
| ctsxSxpConnConfigPassword | .1.3.6.1.4.1.9.9.720.1.2.1.1.10 | |
| ctsxSxpConnViewPasswordType | .1.3.6.1.4.1.9.9.720.1.2.1.1.11 | |
| ctsxSxpConnViewPassword | .1.3.6.1.4.1.9.9.720.1.2.1.1.12 | |
| ctsxSxpConnModeLocation | .1.3.6.1.4.1.9.9.720.1.2.1.1.13 | |
| ctsxSxpConnMode | .1.3.6.1.4.1.9.9.720.1.2.1.1.14 | |
| ctsxSxpConnInstance | .1.3.6.1.4.1.9.9.720.1.2.1.1.15 | |
| ctsxSxpConnStatusLastChange | .1.3.6.1.4.1.9.9.720.1.2.1.1.16 | |
| ctsxSxpConnStatus | .1.3.6.1.4.1.9.9.720.1.2.1.1.17 | |
| ctsxSxpVrfId | .1.3.6.1.4.1.9.9.720.1.2.1.1.18 | |
| ctsxSxpConnStorageType | .1.3.6.1.4.1.9.9.720.1.2.1.1.19 | |
| ctsxSxpConnPeerAddrType | .1.3.6.1.4.1.9.9.720.1.2.1.1.2 | |
| ctsxSxpConnRowStatus | .1.3.6.1.4.1.9.9.720.1.2.1.1.20 | |
| ctsxSxpConnVersion | .1.3.6.1.4.1.9.9.720.1.2.1.1.21 | |
| ctsxSxpConnSpeakerMinHoldTime | .1.3.6.1.4.1.9.9.720.1.2.1.1.22 | |
| ctsxSxpConnListenerMinHoldTime | .1.3.6.1.4.1.9.9.720.1.2.1.1.23 | |
| ctsxSxpConnListenerMaxHoldTime | .1.3.6.1.4.1.9.9.720.1.2.1.1.24 | |
| ctsxSxpConnHoldTime | .1.3.6.1.4.1.9.9.720.1.2.1.1.25 | |
| ctsxSxpConnCapability | .1.3.6.1.4.1.9.9.720.1.2.1.1.26 | |
| ctsxSxpConnBiDirListenerStatus | .1.3.6.1.4.1.9.9.720.1.2.1.1.27 | |
| ctsxSxpConnBiDirListenerHoldTime | .1.3.6.1.4.1.9.9.720.1.2.1.1.28 | |
| ctsxSxpConnPeerAddr | .1.3.6.1.4.1.9.9.720.1.2.1.1.3 | |
| ctsxSxpConnSourceAddrType | .1.3.6.1.4.1.9.9.720.1.2.1.1.4 | |
| ctsxSxpConnSourceAddr | .1.3.6.1.4.1.9.9.720.1.2.1.1.5 | |
| ctsxSxpConnOperSourceAddrType | .1.3.6.1.4.1.9.9.720.1.2.1.1.6 | |
| ctsxSxpConnOperSourceAddr | .1.3.6.1.4.1.9.9.720.1.2.1.1.7 | |
| ctsxSxpConnPasswordUsed | .1.3.6.1.4.1.9.9.720.1.2.1.1.8 | |
| ctsxSxpConnConfigPasswordType | .1.3.6.1.4.1.9.9.720.1.2.1.1.9 | |
| ctsxSxpSgtObjects | .1.3.6.1.4.1.9.9.720.1.3 | |
| ctsxIpSgtMappingTable | .1.3.6.1.4.1.9.9.720.1.3.1 | |
| ctsxIpSgtMappingEntry | .1.3.6.1.4.1.9.9.720.1.3.1.1 | |
| ctsxIpSgtMappingVrfId | .1.3.6.1.4.1.9.9.720.1.3.1.1.1 | |
| ctsxIpSgtMappingAddrType | .1.3.6.1.4.1.9.9.720.1.3.1.1.2 | |
| ctsxIpSgtMappingAddr | .1.3.6.1.4.1.9.9.720.1.3.1.1.3 | |
| ctsxIpSgtMappingPeerAddrType | .1.3.6.1.4.1.9.9.720.1.3.1.1.4 | |
| ctsxIpSgtMappingPeerAddr | .1.3.6.1.4.1.9.9.720.1.3.1.1.5 | |
| ctsxIpSgtMappingSgt | .1.3.6.1.4.1.9.9.720.1.3.1.1.6 | |
| ctsxIpSgtMappingInstance | .1.3.6.1.4.1.9.9.720.1.3.1.1.7 | |
| ctsxIpSgtMappingVrfName | .1.3.6.1.4.1.9.9.720.1.3.1.1.8 | |
| ctsxIpSgtMappingStatus | .1.3.6.1.4.1.9.9.720.1.3.1.1.9 | |
| ctsxSxpSgtMapTable | .1.3.6.1.4.1.9.9.720.1.3.2 | |
| ctsxSxpSgtMapEntry | .1.3.6.1.4.1.9.9.720.1.3.2.1 | |
| ctsxSxpSgtMapVrfId | .1.3.6.1.4.1.9.9.720.1.3.2.1.1 | |
| ctsxSxpSgtMapPeerSeq | .1.3.6.1.4.1.9.9.720.1.3.2.1.10 | |
| ctsxSxpSgtMapStatus | .1.3.6.1.4.1.9.9.720.1.3.2.1.11 | |
| ctsxSxpSgtMapAddrType | .1.3.6.1.4.1.9.9.720.1.3.2.1.2 | |
| ctsxSxpSgtMapAddr | .1.3.6.1.4.1.9.9.720.1.3.2.1.3 | |
| ctsxSxpSgtMapAddrPrefixLength | .1.3.6.1.4.1.9.9.720.1.3.2.1.4 | |
| ctsxSxpSgtMapPeerAddrType | .1.3.6.1.4.1.9.9.720.1.3.2.1.5 | |
| ctsxSxpSgtMapPeerAddr | .1.3.6.1.4.1.9.9.720.1.3.2.1.6 | |
| ctsxSxpSgtMapSgt | .1.3.6.1.4.1.9.9.720.1.3.2.1.7 | |
| ctsxSxpSgtMapInstance | .1.3.6.1.4.1.9.9.720.1.3.2.1.8 | |
| ctsxSxpSgtMapVrfName | .1.3.6.1.4.1.9.9.720.1.3.2.1.9 | |
| ciscoTrustSecSxpMIBNotifsControl | .1.3.6.1.4.1.9.9.720.1.4 | |
| ctsxSxpConnSourceAddrErrNotifEnable | .1.3.6.1.4.1.9.9.720.1.4.1 | |
| ctsxSxpMsgParseErrNotifEnable | .1.3.6.1.4.1.9.9.720.1.4.2 | |
| ctsxSxpConnConfigErrNotifEnable | .1.3.6.1.4.1.9.9.720.1.4.3 | |
| ctsxSxpBindingErrNotifEnable | .1.3.6.1.4.1.9.9.720.1.4.4 | |
| ctsxSxpConnUpNotifEnable | .1.3.6.1.4.1.9.9.720.1.4.5 | |
| ctsxSxpConnDownNotifEnable | .1.3.6.1.4.1.9.9.720.1.4.6 | |
| ctsxSxpExpansionFailNotifEnable | .1.3.6.1.4.1.9.9.720.1.4.7 | |
| ctsxSxpOperNodeIdChangeNotifEnable | .1.3.6.1.4.1.9.9.720.1.4.8 | |
| ctsxSxpBindingConflictNotifEnable | .1.3.6.1.4.1.9.9.720.1.4.9 | |
| ciscoTrustSecSxpMIBNotifsOnlyInfo | .1.3.6.1.4.1.9.9.720.1.5 | |
| ctsxSgtMapExpansionVrf | .1.3.6.1.4.1.9.9.720.1.5.1 | |
| ctsxSgtMapConflictingNewSgt | .1.3.6.1.4.1.9.9.720.1.5.10 | |
| ctsxSxpOldOperNodeId | .1.3.6.1.4.1.9.9.720.1.5.11 | |
| ctsxSgtMapExpansionAddrType | .1.3.6.1.4.1.9.9.720.1.5.2 | |
| ctsxSgtMapExpansionAddr | .1.3.6.1.4.1.9.9.720.1.5.3 | |
| ctsxSgtMapExpansionAddrPrefixLength | .1.3.6.1.4.1.9.9.720.1.5.4 | |
| ctsxSxpNotifErrMsg | .1.3.6.1.4.1.9.9.720.1.5.5 | |
| ctsxSgtMapConflictingVrfName | .1.3.6.1.4.1.9.9.720.1.5.6 | |
| ctsxSgtMapConflictingAddrType | .1.3.6.1.4.1.9.9.720.1.5.7 | |
| ctsxSgtMapConflictingAddr | .1.3.6.1.4.1.9.9.720.1.5.8 | |
| ctsxSgtMapConflictingOldSgt | .1.3.6.1.4.1.9.9.720.1.5.9 | |
| ciscoTrustSecSxpMIBConform | .1.3.6.1.4.1.9.9.720.2 | |
| ciscoTrustSecSxpMIBCompliances | .1.3.6.1.4.1.9.9.720.2.1 | |
| ciscoTrustSecSxpMIBGroups | .1.3.6.1.4.1.9.9.720.2.2 |
Notifications/Traps
| Name | OID | Description |
|---|---|---|
 ctsxSxpConnSourceAddrErrNotif | .1.3.6.1.4.1.9.9.720.0.1 | onnSourceAddrErrNotif is generated if the system is not able to establish SXP connection using ctsxSxpConnOperSourceAddr. |
| ctsxSxpMsgParseErrNotif | .1.3.6.1.4.1.9.9.720.0.2 | sgParseErrNotif is generated if the system is not able to parse a received SXP message. |
| ctsxSxpConnConfigErrNotif | .1.3.6.1.4.1.9.9.720.0.3 | onnConfigErrNotif is generated if the system detects a configuration error for an SXP connection. |
| ctsxSxpBindingErrNotif | .1.3.6.1.4.1.9.9.720.0.4 | indingErrNotif is generated if the address in the SGT mapping is not found in routing and forwarding table of the system. |
| ctsxSxpConnUpNotif | .1.3.6.1.4.1.9.9.720.0.5 | onnUpNotif is generated if the ctsxSxpConnStatus for an SXP connection transitioned into 'on' state. |
| ctsxSxpConnDownNotif | .1.3.6.1.4.1.9.9.720.0.6 | onnDownNotif is generated if ctsxSxpConnStatus for an SXP connection left the 'on' state and transitioned into some other state. |
| ctsxSxpExpansionFailNotif | .1.3.6.1.4.1.9.9.720.0.7 | xpansionFailNotif is generated if the number of expanded SGT maps reaches the configured limit and the received SGT mapping can not be expanded. |
| ctsxSxpOperNodeIdChangeNotif | .1.3.6.1.4.1.9.9.720.0.8 | perNodeIdChangeNotif is generated if the value of ctsxSxpOperNodeId changes. |
| ctsxSxpBindingConflictNotif | .1.3.6.1.4.1.9.9.720.0.9 | indingConflictNotif is generated if the device receives conflicting SGT mapping information. |