EXTREME-IP-SECURITY-MIB

        Extreme IP Security MIB
    

Imported Objects

extremeAgentEXTREME-BASE-MIB
InetAddressType, InetAddress, InetPortNumberINET-ADDRESS-MIB
MODULE-IDENTITY, OBJECT-TYPE, IpAddress, Counter64, Integer32SNMPv2-SMI
TEXTUAL-CONVENTION, DisplayString, MacAddress, RowStatusSNMPv2-TC

Type Definitions (6)

Name Base Type Values/Constraints
HexOctetrange: 2
IcmpAnomalyReasonunknown(0), icmpOverSize(1), icmpFragmented(2)
IpProtocolunknown(0), icmp(1), tcp(6), udp(17)
TcpFlagAnomalyReasonunknown(0), flagSynAndSrcPort(1), flagAndSeq(2), flagFinAndUrgAandPshandSeq(3), flagSynAndFin(4)
TcpFragmentAnomalyReasonunknown(0), tcpHdrLessSize(1), tcpFragmented(2)
VlanTagrange: 0..4095

Objects

extremeIpSecurity .1.3.6.1.4.1.1916.1.34
extremeIpSecurityTraps .1.3.6.1.4.1.1916.1.34.1
extremeIpSecurityTrapsPrefix .1.3.6.1.4.1.1916.1.34.1.0
extremeIpSecurityVlanIfIndex .1.3.6.1.4.1.1916.1.34.1.1
extremeIpSecurityVlanDescr .1.3.6.1.4.1.1916.1.34.1.2
extremeIpSecurityPortIfIndex .1.3.6.1.4.1.1916.1.34.1.3
extremeIpSecurityIpAddr
.1.3.6.1.4.1.1916.1.34.1.4
extremeIpSecurityMacAddress
.1.3.6.1.4.1.1916.1.34.1.5
extremeIpSecurityViolationType .1.3.6.1.4.1.1916.1.34.1.6
extremeIpSecurityAnomalyTraps .1.3.6.1.4.1.1916.1.34.2
extremeIpSecurityAnomalyTrapsPrefix .1.3.6.1.4.1.1916.1.34.2.0
esAnomalyPortIfIndex .1.3.6.1.4.1.1916.1.34.2.1
esAnomalyIpProto .1.3.6.1.4.1.1916.1.34.2.10
esAnomalySrcL4Port
.1.3.6.1.4.1.1916.1.34.2.11
esAnomalyDestL4Port
.1.3.6.1.4.1.1916.1.34.2.12
esAnomalyTcpFlag .1.3.6.1.4.1.1916.1.34.2.13
esAnomalyTcpSeq .1.3.6.1.4.1.1916.1.34.2.14
esAnomalyTcpHdrSize .1.3.6.1.4.1.1916.1.34.2.15
esAnomalyTcpFlagReason .1.3.6.1.4.1.1916.1.34.2.16
esAnomalyIcmpReason .1.3.6.1.4.1.1916.1.34.2.17
esAnomalyVlanTag .1.3.6.1.4.1.1916.1.34.2.18
esAnomalyTcpFragmentReason .1.3.6.1.4.1.1916.1.34.2.19
esAnomalyVlanIfIndex .1.3.6.1.4.1.1916.1.34.2.2
esAnomalyVlanDescr .1.3.6.1.4.1.1916.1.34.2.3
esAnomalySrcMacAddress
.1.3.6.1.4.1.1916.1.34.2.4
esAnomalyDestMacAddress
.1.3.6.1.4.1.1916.1.34.2.5
esAnomalySrcIpAddrType
.1.3.6.1.4.1.1916.1.34.2.6
esAnomalySrcIpAddr
.1.3.6.1.4.1.1916.1.34.2.7
esAnomalyDestIpAddrType
.1.3.6.1.4.1.1916.1.34.2.8
esAnomalyDestIpAddr
.1.3.6.1.4.1.1916.1.34.2.9

Notifications/Traps

NameOIDDescription
extremeIpSecurityViolation.1.3.6.1.4.1.1916.1.34.1.0.1
For vlans/ports on which one or more of the IP Security 
features have been enabled, this trap will be generated when a packet 
received on that vlan/port is in violation of the configured IP 
Security protections
extremeIpSecurityAnomalyIpViolation.1.3.6.1.4.1.1916.1.34.2.0.1
For ports on which the protocol anomaly protection IP 
features has been enabled, this trap will be generated when a packet 
received on that port if the packet's source IP == destination IP
extremeIpSecurityAnomalyL4PortViolation.1.3.6.1.4.1.1916.1.34.2.0.2
For ports on which the protocol anomaly protection L4port 
features has been enabled, this trap will be generated when a packet 
received on that port if 
1) the packet is a TCP or UDP packetr.  AND 
2) its source L4 port == destination port
extremeIpSecurityAnomalyTcpFlagViolation.1.3.6.1.4.1.1916.1.34.2.0.3
For ports on which the protocol anomaly protection TCP flags 
features has been enabled, this trap will be generated when a TCP 
packet received on that port if 
1) (TCP flag SYN is set) and (its TCP source port < 1024). OR   
2) (TCP flag == 0) and (TCP seq # == 0). OR   
3) (TCP flag FIN/URG/PSH bits sre set) and (TCP seq # == 0). OR   
4) Both TCP iflag SYN and FIN are set
extremeIpSecurityAnomalyTcpFragmentViolation.1.3.6.1.4.1.1916.1.34.2.0.4
For ports on which the protocol anomaly protection TCP fragment 
features has been enabled, this trap will be generated when a packet 
received on that port if 
1) the packet is a TCP, and its size of the TCP header is less than pre-configured value; or
2) the packet is a TCP and it is a IP fragmented packet (IP offset != 0)
extremeIpSecurityAnomalyIcmpViolation.1.3.6.1.4.1.1916.1.34.2.0.5
For ports on which the protocol anomaly protection ICMP 
features has been enabled, this trap will be generated when an ICMP 
packet received on that port if 
1) the size of ICMP (IP payload) is large thant pre-configured value; or   
2) it is a fragmented IP/ICMP packet (IP offset != 0)