NETSCREEN-POLICY-MIB Table View

Table-centric layout grouping table, row, and column objects.

Standard view Table view

Tables

Rows

Columns

nsPlyTable

table

.1.3.6.1.4.1.3224.10.1 · 1 row entry · 25 columns

Open in standard view

A firewall provides a network boundary with a single point of
entry and exit-a choke point.You can screen and direct all that
traffic through the implementation of a set of access policies.
Access policies allow you to permit, deny, encrypt,
authenticate, prioritize, schedule, and monitor the traffic
attemption to cross your firewall. This table collects all the
policy configuration information existing in NetScreen
Device.

nsPlyEntry entry .1.3.6.1.4.1.3224.10.1.1

Each entry in the nsPlyTable holds a set of configuration
parameters associatied with an instance of policy.

Indexes

nsPlyVsys nsPlyId

Column Syntax OID

nsPlyId

Each policy is identified by a unique policy ID.

Integer32

Constraints:
range: 0-2147483647

.1.3.6.1.4.1.3224.10.1.1.1

nsPlyVsys

Vitural system's name this polic entry belongs to.

Integer32

Constraints:
range: 0-2147483647

.1.3.6.1.4.1.3224.10.1.1.2

nsPlySrcZone

Traffic through a firewall means that traffic flows from one
security zone to another. This object describes the source zone
name traffic flow passes.

OctetString

Constraints:
range: 0-32

.1.3.6.1.4.1.3224.10.1.1.3

nsPlyDstZone

Traffic through a firewall means that traffic flows from one
security zone to another. This object describes the destination
zone name traffic flow passes.

OctetString

Constraints:
range: 0-32

.1.3.6.1.4.1.3224.10.1.1.4

nsPlySrcAddr

Addresses are objects that identify network devices such as
hosts and networks by their location in relation to the
firwall on which security zone.To create an access policy for
specific addresses, you must first creat…

OctetString

Constraints:
range: 0-32

.1.3.6.1.4.1.3224.10.1.1.5

nsPlyDstAddr

Addresses are objects that identify network devices such as
hosts and networks by their location in relation to the
firwall-on which security zone.To create an access policy for
specific addresses, you must first creat…

OctetString

Constraints:
range: 0-32

.1.3.6.1.4.1.3224.10.1.1.6

nsPlyService

Sevices are objects that identify application protocols using
layer 4 information such as standard and accepted TCP and UDP
port numbers for application services like Telnet, FTP, SMTP
and HTTP. This object indicates a…

Enumeration

Enumerated Values:

0	any
1	aol
2	bgp
3	dpcp-relay
4	dns
5	finger
6	ftp
7	ftp-get
8	ftp-put
9	gopher
10	h323
11	http
12	https
13	icmp-info
14	icmp-timestamp
15	ike
16	imap
17	internet-locator-service
18	irc
19	l2tp
20	ldap
21	mail
22	netmeeting
23	nfs
24	nntp
25	ns-global
26	ns-global-pro
27	ntp
28	ospf
29	pc-anywhere
30	ping
31	pop3
32	pptp
33	real-media
34	rip
35	rlogin
36	snmp
37	ssh
38	syslog
39	talk
40	tcp-any
41	telnet
42	tftp
43	traceroute
44	udp-any
45	uucp
46	vdo-live
47	wais
48	winframe
49	x-windows
50	other

.1.3.6.1.4.1.3224.10.1.1.7

nsPlyAction

Actions objects that describe what the firewall does to the
traffic it receives. Permit allows the packet to pass the
firewall. Deny blocks the packet from traversing the firewall.
Tunnel encapsulates outgoing IP packet…

Enumeration

Enumerated Values:

0	deny
1	permit
2	tunnel

.1.3.6.1.4.1.3224.10.1.1.8

nsPlyNat

You can apply NAT at the interface level or at the policy
level. With policy-based NAT, you can translate the source
address on either incoming or outging network and VPN traffic.
This object indicates if this is a pol…

Enumeration

Enumerated Values:

0	disable
1	enabled

.1.3.6.1.4.1.3224.10.1.1.9

nsPlyFixPort

When in policy-based NAT, the new secure address can come from
either a Dynamic IP or from a Mapped IP. This object indicates
if poliy-based NAT uses fix port when working on NAT mode.

Enumeration

Enumerated Values:

0	no
1	yes

.1.3.6.1.4.1.3224.10.1.1.10

nsPlyDipId

This object indicates the Dynamic ID chosen for NAT policy.

SNMPv2-SMIInteger32

Textual Convention: SNMPv2-SMIInteger32 Integer32

Type Constraints:
range: -2147483648..2147483647

.1.3.6.1.4.1.3224.10.1.1.11

nsPlyVpnTunnel

VPN tunnel this access policy applies to.

OctetString

Constraints:
range: 0-32

.1.3.6.1.4.1.3224.10.1.1.12

nsPlyL2tpTunnel

L2TP tunnel this access policy applies to.

OctetString

Constraints:
range: 0-32

.1.3.6.1.4.1.3224.10.1.1.13

nsPlyAuth

This object indicates the selecting this option requires the
user at the source address to authenticate his/her identiry by
supplying a user name and password before traffic is allowed to
graverw the firewall or enter …

Enumeration

Enumerated Values:

0	disable
1	enabled

.1.3.6.1.4.1.3224.10.1.1.14

nsPlyLogEnable

When you enable logging in an access policy, the NetScreen
device logs all connections to which that paticular access
policy applies.

Enumeration

Enumerated Values:

0	disable
1	enabled

.1.3.6.1.4.1.3224.10.1.1.15

nsPlyCountEnable

When you enable counting in an access plicy, the NetScreen
device counts the total number of bytes of traffic to which
this access policy applies and records the informaiton in
historical graphs.

Enumeration

Enumerated Values:

0	disable
1	enabled

.1.3.6.1.4.1.3224.10.1.1.16

nsPlyAlarmBPS

User can set a threshold that triggers an alarm when the
traffic permitted by the access policy exceeds a specified
number of bytes per second.

SNMPv2-SMIInteger32

Textual Convention: SNMPv2-SMIInteger32 Integer32

Type Constraints:
range: -2147483648..2147483647

.1.3.6.1.4.1.3224.10.1.1.17

nsPlyAlarmBPM

User can set a threshold that triggers an alarm when the
traffic permitted by the access policy exceeds a specified
number of bytes per Minute.

SNMPv2-SMIInteger32

Textual Convention: SNMPv2-SMIInteger32 Integer32

Type Constraints:
range: -2147483648..2147483647

.1.3.6.1.4.1.3224.10.1.1.18

nsPlySchedule

By associating a schedule to an access policy, you can
determine when the access policy is in effect.

OctetString

Constraints:
range: 0-32

.1.3.6.1.4.1.3224.10.1.1.19

nsPlyTrafficShapeEnable

User can set parameters for the control and shaping of traffic
for each access policy.

Enumeration

Enumerated Values:

0	off
1	on

.1.3.6.1.4.1.3224.10.1.1.20

nsPlyTrafficPriority

Traffic priority for this policy.

Enumeration

Enumerated Values:

0	high
1	priority2nd
2	priority3rd
3	priority4th
4	priority5th
5	priority6th
6	priority7th
7	priorityLow

.1.3.6.1.4.1.3224.10.1.1.21

nsPlyDSEnable

Differentiated Services is a system for tagging traffic at a
position within a hierarchy of priority.

Enumeration

Enumerated Values:

0	disable
1	enabled

.1.3.6.1.4.1.3224.10.1.1.22

nsPlyActiveStatus

Show the status of one policy entry.

Enumeration

Enumerated Values:

0	inactive
1	inuse
2	hidden

.1.3.6.1.4.1.3224.10.1.1.23

nsPlyName

policy name (optional)

OctetString

Constraints:
range: 0-32

.1.3.6.1.4.1.3224.10.1.1.24

nsPlyServiceName

Sevices name that identify application protocols using
layer 4 information such as standard and accepted TCP and UDP
port numbers for application services like Telnet, FTP, SMTP
and HTTP. This object indicates all the …

SNMPv2-TCDisplayString

Textual Convention: SNMPv2-TCDisplayString OctetString

Type Constraints:
range: 0..255

.1.3.6.1.4.1.3224.10.1.1.25

nsPlyMonTable

table

.1.3.6.1.4.1.3224.10.2 · 1 row entry · 11 columns

Open in standard view

traffic information for the policy-based traffic.

nsPlyMonEntry entry .1.3.6.1.4.1.3224.10.2.1

An entry holds a set of traffic counters of a specific
policy.

Indexes

nsPlyMonId nsPlyMonVsys

Column	Syntax	OID
nsPlyMonId Policy Id, also used as index in this table	Integer32 Constraints: `range: 0-2147483647`	`.1.3.6.1.4.1.3224.10.2.1.1`
nsPlyMonVsys vsys this policy belongs to	Integer32 Constraints: `range: 0-2147483647`	`.1.3.6.1.4.1.3224.10.2.1.2`
nsPlyMonPackPerSec Packets go through this policy per second	SNMPv2-SMIInteger32 Textual Convention: SNMPv2-SMIInteger32 `Integer32` Type Constraints: `range: -2147483648..2147483647`	`.1.3.6.1.4.1.3224.10.2.1.3`
nsPlyMonPackPerMin Packets go through this policy per minute	SNMPv2-SMIInteger32 Textual Convention: SNMPv2-SMIInteger32 `Integer32` Type Constraints: `range: -2147483648..2147483647`	`.1.3.6.1.4.1.3224.10.2.1.4`
nsPlyMonTotalPacket total packets go through this policy	SNMPv2-SMICounter32 Textual Convention: SNMPv2-SMICounter32 `Unsigned32` Type Constraints: `range: 0..4294967295`	`.1.3.6.1.4.1.3224.10.2.1.5`
nsPlyMonBytePerSec Bytes go through this policy per second	SNMPv2-SMIInteger32 Textual Convention: SNMPv2-SMIInteger32 `Integer32` Type Constraints: `range: -2147483648..2147483647`	`.1.3.6.1.4.1.3224.10.2.1.6`
nsPlyMonBytePerMin Bytes go through this policy per minute	SNMPv2-SMIInteger32 Textual Convention: SNMPv2-SMIInteger32 `Integer32` Type Constraints: `range: -2147483648..2147483647`	`.1.3.6.1.4.1.3224.10.2.1.7`
nsPlyMonTotalByte Total bytes go through this policy	SNMPv2-SMICounter32 Textual Convention: SNMPv2-SMICounter32 `Unsigned32` Type Constraints: `range: 0..4294967295`	`.1.3.6.1.4.1.3224.10.2.1.8`
nsPlyMonSessionPerSec Sessions go through this policy per second	SNMPv2-SMIInteger32 Textual Convention: SNMPv2-SMIInteger32 `Integer32` Type Constraints: `range: -2147483648..2147483647`	`.1.3.6.1.4.1.3224.10.2.1.9`
nsPlyMonSessionPerMin Sessions go through this policy per minute	SNMPv2-SMIInteger32 Textual Convention: SNMPv2-SMIInteger32 `Integer32` Type Constraints: `range: -2147483648..2147483647`	`.1.3.6.1.4.1.3224.10.2.1.10`
nsPlyMonTotalSession Total Sessions go through this policy	SNMPv2-SMICounter32 Textual Convention: SNMPv2-SMICounter32 `Unsigned32` Type Constraints: `range: 0..4294967295`	`.1.3.6.1.4.1.3224.10.2.1.11`