Overview of Cisco Firewall MIB
        This MIB Module models status and performance
        statistics pertaining to the common features supported
        by Cisco firewall implementations. For each firewall 
        feature, capability (if applicable) and statistics are
        defined. Supporting the configuration of firewall 
        features is outside the scope of this MIB.
        Following are the major firewall features:
        1) 'Stateful Packet Filtering'
             Creating and maintaining the state of authorized 
             traffic flows dynamically to permit only
             flows authorized by the policy is a mandatory 
             function of a firewall.  
             This MIB instruments the activity and memory
             usage by this function.
        2) 'Application Inspection'
             This refers to the function of inspecting the
             headers of layer 3 and layer 4 protocols and
             creating dynamic entries in the connection
             table for traffic flows spawned by an already
             established traffic flow.
             This MIB reflects the protocols that are being 
        3) 'URL Filtering'
             This refers to the function of facilitating
             or restricting URL access requests through
             the firewall by consulting either local policy
             or that configured on a dedicated URL filtering
             This MIB instruments the URL filtering activity,
             the status and activity of distinct URL filtering
             servers configured on the firewall and the
             impact of the performance of the URL filtering
             servers on the latency and throughput of the
        4) 'Proxy Authentication'
             This refers to the function of authenticating
             and/or authorizing users on behalf of servers
             on the secure side of the firewall. This operation
             could affect the throughput of the firewall.
             The MIB objects pertaining to Proxy Authentication
             will be defined in a subsequent revision of this
        5) 'Transparent Mode Operation'
             A firewall could operate as a bridge and yet
             filter traffic based on layer 3-layer 7 control
             and payload information. Operating in this mode
             makes it easy to implement a firewall without
             fragmenting existing subnets. Another advantage
             of this mode of operation is enhanced security.
             This MIB instruments the status, activity, 
             and performance of the firewall in this mode.
             Please note that to fully manage a firewall
             operating in this mode, the firewall must also
             support the bridge MIB (BRIDGE-MIB).
        6) 'Advanced Application Inspection and Control'
             This function is also termed 'Application
             Firewall' and pertains to inspecting payload and
             headers of application traffic to make sure the
             traffic flows conform to the configured security
             Monitoring this function entails identifying the
             security alerts generated by this function and 
             measuring the impact on firewall performance by
             this task. Application Firewall will be 
             instrumented in a separate MIB dedicated for the
        7) 'Failover' or 'Redundancy'
             Redundancy configuration is essential for
             business-critical firewalls.
             Instrumenting this function entails reflecting
             the configuration of redundancy and identifying
             failover events.
             The MIB objects pertaining to Proxy Authentication
             will be defined in a subsequent revision of this
        The management information for each firewall feature
        is defined in a distinct module compliance unit. The 
        compliance units corresponding to basic features of 
        firewalls are defined as mandatory.
        Following are definitions of some terms used in this
        module. Please refer to the module conformance for a
        glossary of feature-specific terms.
            A firewall is a set of related programs, 
            implemented on a host or a network device, that
            protects the resources of a private network from
            users from other networks. Common firewalling
            functions include stateful packet filtering,
            proxy authentication of users on behalf of 
            applications on the secure side of the firewall,
            URL access control, and inspection of payload of
            traffic streams to determine security threats.
         `Layer2 Firewall' or 'Transparent Firewall'
            A firewall device that operates as a bridge
            while performing firewalling functions.
            The record in the firewall of a traffic stream
            that has been authorized to flow through the 
         `Half Open Connection'
            For a connection-oriented protocol: a connection
            that has not reached the established state on both
            sides of the connection.
            For a connection-less protocol: the connection
            corresponding to a traffic stream where traffic
            flow has occurred (since the establishment of the
            connection entry) in only one direction.
         `Embryonic Connection'
            The connection entry corresponding to an 
            application layer protocol in which the signaling
            channel has been established while the setup of
            the data channel is underway.
            An element of firewall configuration that
            identifies the access rights to a resource by a
            traffic source. An example of a policy is an 
            Access Control Rule.
         `Policy Target'
            An entity to which a policy is applied so that 
            the action corresponding to the policy is taken
            only on traffic streams associated with the
            entity. An example of a policy target is an 
         `URL Filtering Server'
            A server which is employed by the firewall to 
            enforce URL access policies.
         `Protocol Data Unit' or PDU
            An instance of the unit of information with which
            a protocol operates is called the Protocol Data
            Unit, or PDU, of the protocol.
         `Deep Packet Inspection'
            The task of examining the contents of the payloads
            of one or more layer 7 application protocols 
            with a view to enforcing the local security
            policies is termed 'Deep Packet Inspection'.
         `Advanced Application Inspection and Control'
            An entity that performs deep packet inspection
            of layer 7 application protocol data units is
            termed an 'Application Firewall'.

Imported Objects

dot1dTpFdbPort, dot1dTpFdbStatus FROM BRIDGE-MIB
Hardware, HardwareStatus FROM CISCO-FIREWALL-MIB
CFWNetworkProtocol, CFWApplicationProtocol, CFWPolicy, CFWPolicyTarget, CFWPolicyTargetType, CFWUrlfVendorId, CFWUrlServerStatus FROM CISCO-FIREWALL-TC
InetAddressType, InetAddress, InetPortNumber FROM INET-ADDRESS-MIB
TruthValue, TimeStamp, DateAndTime, DisplayString, TEXTUAL-CONVENTION FROM SNMPv2-TC
ciscoUnifiedFirewallMIB
ciscoUnifiedFirewallMIBNotifs
ciscoUFwUrlfServerStateChange
ciscoUFwL2StaticMacAddressMoved
ciscoUnifiedFirewallMIBObjects
cuFwConnectionGrp
cuFwConnectionGlobals
cufwConnGlobalNumAttempted
cufwConnGlobalConnSetupRate1
cufwConnGlobalConnSetupRate5
cufwConnGlobalNumRemoteAccess
cufwConnGlobalNumSetupsAborted
cufwConnGlobalNumPolicyDeclined
cufwConnGlobalNumResDeclined
cufwConnGlobalNumHalfOpen
cufwConnGlobalNumActive
cufwConnGlobalNumExpired
cufwConnGlobalNumAborted
cufwConnGlobalNumEmbryonic
cuFwConnectionResources
cufwConnResMemoryUsage
cufwConnResActiveConnMemoryUsage
cufwConnResHOConnMemoryUsage
cufwConnResEmbrConnMemoryUsage
cuFwConnectionReportSettings
cufwConnReptAppStats
cufwConnReptAppStatsLastChanged
cuFwConnectionSummaryTables
cufwConnSummaryTable
cufwConnSummaryEntry
cufwConnProtocol
cufwConnSetupRate5
cufwConnNumAttempted
cufwConnNumSetupsAborted
cufwConnNumPolicyDeclined
cufwConnNumResDeclined
cufwConnNumHalfOpen
cufwConnNumActive
cufwConnNumAborted
cufwConnSetupRate1
cufwAppConnSummaryTable
cufwAppConnSummaryEntry
cufwAppConnProtocol
cufwAppConnSetupRate5
cufwAppConnNumAttempted
cufwAppConnNumSetupsAborted
cufwAppConnNumPolicyDeclined
cufwAppConnNumResDeclined
cufwAppConnNumHalfOpen
cufwAppConnNumActive
cufwAppConnNumAborted
cufwAppConnSetupRate1
cufwPolicyConnSummaryTable
cufwPolicyConnSummaryEntry
cufwPolConnPolicy
cufwPolConnNumActive
cufwPolConnNumAborted
cufwPolConnPolicyTargetType
cufwPolConnPolicyTarget
cufwPolConnProtocol
cufwPolConnNumAttempted
cufwPolConnNumSetupsAborted
cufwPolConnNumPolicyDeclined
cufwPolConnNumResDeclined
cufwPolConnNumHalfOpen
cufwPolicyAppConnSummaryTable
cufwPolicyAppConnSummaryEntry
cufwPolAppConnPolicy
cufwPolAppConnNumActive
cufwPolAppConnNumAborted
cufwPolAppConnPolicyTargetType
cufwPolAppConnPolicyTarget
cufwPolAppConnProtocol
cufwPolAppConnNumAttempted
cufwPolAppConnNumSetupsAborted
cufwPolAppConnNumPolicyDeclined
cufwPolAppConnNumResDeclined
cufwPolAppConnNumHalfOpen
cuFwApplInspectionGrp
cufwAIAuditTrailEnabled
cufwAIAlertEnabled
cufwInspectionTable
cufwInspectionEntry
cufwInspectionPolicyName
cufwInspectionProtocol
cufwInspectionStatus
cuFwUrlFilterGrp
cufwUrlFilterGlobals
cufwUrlfFunctionEnabled
cufwUrlfRequestsNumCacheDenied
cufwUrlfAllowModeReqNumAllowed
cufwUrlfAllowModeReqNumDenied
cufwUrlfRequestsNumResDropped
cufwUrlfRequestsResDropRate1
cufwUrlfRequestsResDropRate5
cufwUrlfNumServerTimeouts
cufwUrlfNumServerRetries
cufwUrlfResponsesNumLate
cufwUrlfUrlAccRespsNumResDropped
cufwUrlfRequestsNumProcessed
cufwUrlfRequestsProcRate1
cufwUrlfRequestsProcRate5
cufwUrlfRequestsNumAllowed
cufwUrlfRequestsNumDenied
cufwUrlfRequestsDeniedRate1
cufwUrlfRequestsDeniedRate5
cufwUrlfRequestsNumCacheAllowed
cufwUrlFilterResourceUsage
cufwUrlfResTotalRequestCacheSize
cufwUrlfResTotalRespCacheSize
cufwUrlFilterServers
cufwUrlfServerTable
cufwUrlfServerEntry
cufwUrlfServerAddrType
cufwUrlfServerNumRetries
cufwUrlfServerRespsNumReceived
cufwUrlfServerRespsNumLate
cufwUrlfServerAvgRespTime1
cufwUrlfServerAvgRespTime5
cufwUrlfServerAddress
cufwUrlfServerPort
cufwUrlfServerVendor
cufwUrlfServerStatus
cufwUrlfServerReqsNumProcessed
cufwUrlfServerReqsNumAllowed
cufwUrlfServerReqsNumDenied
cufwUrlfServerNumTimeouts
cuFwFailoverGrp
cuFwFailoverGlobals
cufwFOEnabled
cufwFOSwVersionMate
cufwFOUnitPolltime
cufwFOUnitHoldtime
cufwFOUnitBfdEnabled
cufwFOLinkStatePolltime
cufwFOInterfacePolicy
cufwFOMonitoredInterfaces
cufwFOInterfacePolltime
cufwFOInterfaceHoldtime
cufwFOReplicationHttp
cufwFOUnitDesignation
cufwFOReplicationRate
cufwFOLink
cufwFOStateLink
cufwFOStdbyConfigLocked
cufwFOEncryption
cufwFOSerialNumOurs
cufwFOSerialNumMate
cufwFOSwVersionOurs
cuFwFailoverStatus
cufwFOGrpStatusTable
cufwFOGrpStatusEntry
cufwFOGroupIndex
cufwFOGrpLastFailoverAt
cufwFOGrpHAstate
cufwFOGrpUpTime
cufwFOGrpContextCount
cufwFOInterfaceTable
cufwFOInterfaceEntry
cufwFOGrpId
cufwContextId
cufwContextifIndex
cufwFOInterfaceMonitoring
cufwFOInterfaceStatus
cuFwFailoverStatistics
cufwFOStatefulUpdateEnabled
cufwFOLogicalUpdatesTable
cufwFOLogicalUpdateEntry
cufwFOGroupIdx
cufwFOCLientId
cufwFOCLientName
cufwFOLUTransmitCount
cufwFOLUTransmitErrors
cufwFOLUReceiveCount
cufwFOLUReceiveErrors
cuFwFailoverHistory
cuFwFOMaxStateEvents
cufwFOHistoryEvTable
cufwFOHistoryEvEntry
cufwFOGrpIndex
cufwFOHistoryIndex
cufwFOGrpHAFromState
cufwFOGrpHAToState
cufwFOGrpTransitionAt
cufwFOGrpTransitionReason
cuFwAaicGrp
cufwAaicGlobals
cufwAaicGlobalNumBadProtocolOps
cufwAaicGlobalNumBadPDUSize
cufwAaicGlobalNumBadPortRange
cufwAaicProtocolStats
cufwAaicHttpProtocolStats
cufwAaicHttpNumBadProtocolOps
cufwAaicHttpNumBadPDUSize
cufwAaicHttpNumTunneledConns
cufwAaicHttpNumLargeURIs
cufwAaicHttpNumBadContent
cufwAaicHttpNumMismatchContent
cufwAaicHttpNumDoubleEncodedPkts
cufwAaicEngineStats
cufwAaicLinaSnortStats
cufwAaicPassedSnortCount
cufwAaicDeniedFlowEvCount
cufwAaicFwdbeforeDropCount
cufwAaicInjDropCount
cufwAaicBlockedSnortCount
cufwAaicInjbySnortCount
cufwAaicBypassSnortDownCount
cufwAaicBypassSnortBusyCount
cufwAaicFastfwdFlowsCount
cufwAaicBlacklistedFlowsCount
cufwAaicStartofFlowEvCount
cufwAaicEndofFlowEvCount
cuFwL2FwGrp
cufwL2FwGlobals
cufwL2GlobalEnableStealthMode
cufwL2GlobalNumBadArpResponses
cufwL2GlobalNumSpoofedArpResps
cufwL2GlobalArpCacheSize
cufwL2GlobalEnableArpInspection
cufwL2GlobalNumArpRequests
cufwL2GlobalNumIcmpRequests
cufwL2GlobalNumFloods
cufwL2GlobalNumDrops
cufwL2GlobalArpOverflowRate5
cuFwNotifCntlGrp
cufwCntlUrlfServerStatusChange
cufwCntlL2StaticMacAddressMoved
cufwCntlFOstateChange
cufwCntlCluStateChange
cuFwClusterGrp
cuFwClusterGlobals
cufwCluEnabled
cufwCluSerialNum
cufwCCLipAddr
cufwCCLmacAddr
cufwCluSwVersion
cufwCluUnitHoldtime
cufwCluLastJoinAt
cufwCluLastLeaveAt
cufwCluInterfaceMode
cufwCluUnitState
cufwCCLink
cufwCluGroupName
cufwCluUnitName
cufwCluConsoleReplicate
cufwCluSiteID
cufwCluPriority
cuFwClusterStatus
cuFwCluUnitHealth
cufwCluOverallHealth
cufwCluInterfaceTable
cufwCluInterfaceEntry
cuCluIfcIndex
cufwCluHealthStatus
cufwCluHealthCheck
cuFwClusterHistory
cuFwCluMaxStateEvents
cufwCluHistEvTable
cufwCluHistEvEntry
cufwCluHistIndex
cufwCluFromState
cufwCluToState
cufwCluTransitionAt
cufwCluTransitionReason
ciscoUnifiedFirewallMIBConform
ciscoUniFirewallMIBCompliances
ciscoUniFirewallMIBGroups