EXTREME-IP-SECURITY-MIB

        Extreme IP Security MIB

Imported Objects

extremeAgent	EXTREME-BASE-MIB
InetAddressType, InetAddress, InetPortNumber	INET-ADDRESS-MIB
MODULE-IDENTITY, OBJECT-TYPE, IpAddress, Counter64, Integer32	SNMPv2-SMI
TEXTUAL-CONVENTION, DisplayString, MacAddress, RowStatus	SNMPv2-TC

Type Definitions (6)

Name	Base Type	Values/Constraints
HexOctet	OctetString	range: 2
IcmpAnomalyReason	Enumeration	unknown(0), icmpOverSize(1), icmpFragmented(2)
IpProtocol	Enumeration	unknown(0), icmp(1), tcp(6), udp(17)
TcpFlagAnomalyReason	Enumeration	unknown(0), flagSynAndSrcPort(1), flagAndSeq(2), flagFinAndUrgAandPshandSeq(3), flagSynAndFin(4)
TcpFragmentAnomalyReason	Enumeration	unknown(0), tcpHdrLessSize(1), tcpFragmented(2)
VlanTag	Integer32	range: 0..4095

Objects

extremeIpSecurity		.1.3.6.1.4.1.1916.1.34
extremeIpSecurityTraps		.1.3.6.1.4.1.1916.1.34.1
extremeIpSecurityTrapsPrefix		.1.3.6.1.4.1.1916.1.34.1.0
extremeIpSecurityVlanIfIndex	Integer32	.1.3.6.1.4.1.1916.1.34.1.1
extremeIpSecurityVlanDescr	OctetString	.1.3.6.1.4.1.1916.1.34.1.2
extremeIpSecurityPortIfIndex	Integer32	.1.3.6.1.4.1.1916.1.34.1.3
extremeIpSecurityIpAddr	SNMPv2-SMIIpAddress	.1.3.6.1.4.1.1916.1.34.1.4
extremeIpSecurityMacAddress	SNMPv2-TCMacAddress	.1.3.6.1.4.1.1916.1.34.1.5
extremeIpSecurityViolationType	Enumeration	.1.3.6.1.4.1.1916.1.34.1.6
extremeIpSecurityAnomalyTraps		.1.3.6.1.4.1.1916.1.34.2
extremeIpSecurityAnomalyTrapsPrefix		.1.3.6.1.4.1.1916.1.34.2.0
esAnomalyPortIfIndex	Integer32	.1.3.6.1.4.1.1916.1.34.2.1
esAnomalyIpProto	IpProtocol	.1.3.6.1.4.1.1916.1.34.2.10
esAnomalySrcL4Port	INET-ADDRESS-MIBInetPortNumber	.1.3.6.1.4.1.1916.1.34.2.11
esAnomalyDestL4Port	INET-ADDRESS-MIBInetPortNumber	.1.3.6.1.4.1.1916.1.34.2.12
esAnomalyTcpFlag	HexOctet	.1.3.6.1.4.1.1916.1.34.2.13
esAnomalyTcpSeq	Integer32	.1.3.6.1.4.1.1916.1.34.2.14
esAnomalyTcpHdrSize	Integer32	.1.3.6.1.4.1.1916.1.34.2.15
esAnomalyTcpFlagReason	TcpFlagAnomalyReason	.1.3.6.1.4.1.1916.1.34.2.16
esAnomalyIcmpReason	IcmpAnomalyReason	.1.3.6.1.4.1.1916.1.34.2.17
esAnomalyVlanTag	VlanTag	.1.3.6.1.4.1.1916.1.34.2.18
esAnomalyTcpFragmentReason	TcpFragmentAnomalyReason	.1.3.6.1.4.1.1916.1.34.2.19
esAnomalyVlanIfIndex	Integer32	.1.3.6.1.4.1.1916.1.34.2.2
esAnomalyVlanDescr	OctetString	.1.3.6.1.4.1.1916.1.34.2.3
esAnomalySrcMacAddress	SNMPv2-TCMacAddress	.1.3.6.1.4.1.1916.1.34.2.4
esAnomalyDestMacAddress	SNMPv2-TCMacAddress	.1.3.6.1.4.1.1916.1.34.2.5
esAnomalySrcIpAddrType	INET-ADDRESS-MIBInetAddressType	.1.3.6.1.4.1.1916.1.34.2.6
esAnomalySrcIpAddr	INET-ADDRESS-MIBInetAddress	.1.3.6.1.4.1.1916.1.34.2.7
esAnomalyDestIpAddrType	INET-ADDRESS-MIBInetAddressType	.1.3.6.1.4.1.1916.1.34.2.8
esAnomalyDestIpAddr	INET-ADDRESS-MIBInetAddress	.1.3.6.1.4.1.1916.1.34.2.9

Notifications/Traps

Name	OID	Description
extremeIpSecurityViolation	.1.3.6.1.4.1.1916.1.34.1.0.1	For vlans/ports on which one or more of the IP Security features have been enabled, this trap will be generated when a packet received on that vlan/port is in violation of the configured IP Security protections
extremeIpSecurityAnomalyIpViolation	.1.3.6.1.4.1.1916.1.34.2.0.1	For ports on which the protocol anomaly protection IP features has been enabled, this trap will be generated when a packet received on that port if the packet's source IP == destination IP
extremeIpSecurityAnomalyL4PortViolation	.1.3.6.1.4.1.1916.1.34.2.0.2	For ports on which the protocol anomaly protection L4port features has been enabled, this trap will be generated when a packet received on that port if 1) the packet is a TCP or UDP packetr. AND 2) its source L4 port == destination port
extremeIpSecurityAnomalyTcpFlagViolation	.1.3.6.1.4.1.1916.1.34.2.0.3	For ports on which the protocol anomaly protection TCP flags features has been enabled, this trap will be generated when a TCP packet received on that port if 1) (TCP flag SYN is set) and (its TCP source port < 1024). OR 2) (TCP flag == 0) and (TCP seq # == 0). OR 3) (TCP flag FIN/URG/PSH bits sre set) and (TCP seq # == 0). OR 4) Both TCP iflag SYN and FIN are set
extremeIpSecurityAnomalyTcpFragmentViolation	.1.3.6.1.4.1.1916.1.34.2.0.4	For ports on which the protocol anomaly protection TCP fragment features has been enabled, this trap will be generated when a packet received on that port if 1) the packet is a TCP, and its size of the TCP header is less than pre-configured value; or 2) the packet is a TCP and it is a IP fragmented packet (IP offset != 0)
extremeIpSecurityAnomalyIcmpViolation	.1.3.6.1.4.1.1916.1.34.2.0.5	For ports on which the protocol anomaly protection ICMP features has been enabled, this trap will be generated when an ICMP packet received on that port if 1) the size of ICMP (IP payload) is large thant pre-configured value; or 2) it is a fragmented IP/ICMP packet (IP offset != 0)