CISCO-THREAT-MITIGATION-SERVICE-MIB Table View

Table-centric layout grouping table, row, and column objects.

Standard view Table view
Tables
4
Rows
4
Columns
23

ciTmsGroupTable

table
.1.3.6.1.4.1.9.9.603.1.2.1 · 1 row entry · 7 columns
Open in standard view 
Consumer can participate in one of more TIDP groups, each
group having one or more controllers. The table represents 
the list of controllers in a particular group.    
          
A row is added to the table when a controller's IP address 
is added to the list of known controllers.
A row is deleted from the table when a controller's 
IP address is removed from the list of known controllers.
ciTmsGroupEntry entry .1.3.6.1.4.1.9.9.603.1.2.1.1
Each entry represents a conceptual row in ciTmsGroupTable
and corresponds to the information about the controller
and TIDP group a consumer is registered with.
Indexes
ciTmsGroupId ciTmsControllerIpType ciTmsControllerIp
Column Syntax OID
ciTmsGroupId
This object represents the TIDP group Id.
Unsigned32
Constraints:
range: 1-4294967295
 .1.3.6.1.4.1.9.9.603.1.2.1.1.1
ciTmsControllerIpType
This object represents the type of the network address
available through ciTmsControllerIp.
INET-ADDRESS-MIBInetAddressType
Textual Convention: INET-ADDRESS-MIBInetAddressType Enumeration
Type Values:
0unknown
1ipv4
2ipv6
3ipv4z
4ipv6z
16dns
25l2vpn
 .1.3.6.1.4.1.9.9.603.1.2.1.1.2
ciTmsControllerIp
This object represents the network address of the controller.
The type of the address is represented by
ciTmsControllerIpType.
INET-ADDRESS-MIBInetAddress
Textual Convention: INET-ADDRESS-MIBInetAddress OctetString
Type Constraints:
range: 0..255
 .1.3.6.1.4.1.9.9.603.1.2.1.1.3
ciTmsGroupConsumerRegStatus
This object represents the status of consumer's registration
with the controller in a TIDP group.
CTmsConsumerRegistrationStatus
Textual Convention: CTmsConsumerRegistrationStatus Enumeration
Type Values:
1notRegistered
2registrationRequestSent
3registered
4registrationFailed
 .1.3.6.1.4.1.9.9.603.1.2.1.1.4
ciTmsGroupNotifEnable
This object indicates whether following notifications should
be generated for a group :
1. ciscoTmsControllerUnreachable
2. ciscoTmsThreatStatusChange
3. ciscoTmsMitigationActionFailed

Setting…
SNMPv2-TCTruthValuer/w
Textual Convention: SNMPv2-TCTruthValue Enumeration
Type Values:
1true
2false
 .1.3.6.1.4.1.9.9.603.1.2.1.1.5
ciTmsGroupStorageType
The storage type for this conceptual row.
SNMPv2-TCStorageTyper/w
Textual Convention: SNMPv2-TCStorageType Enumeration
Type Values:
1other
2volatile
3nonVolatile
4permanent
5readOnly
 .1.3.6.1.4.1.9.9.603.1.2.1.1.6
ciTmsGroupRowStatus
The status of this conceptual row.
An entry can be created/deleted using this object.
A row may be deleted by setting the RowStatus to 'destroy'.
SNMPv2-TCRowStatusr/w
Textual Convention: SNMPv2-TCRowStatus Enumeration
Type Values:
1active
2notInService
3notReady
4createAndGo
5createAndWait
6destroy
 .1.3.6.1.4.1.9.9.603.1.2.1.1.7

ciTmsThreatTable

table
.1.3.6.1.4.1.9.9.603.1.3.1 · 1 row entry · 9 columns
Open in standard view 
This table represents the information about the
threats the consumer has received from various   
controllers belonging to different TIDP groups it is   
registered with.  A threat received from one controller   
in a TIDP group is uniquely identified by the threat id   
and owner id.
          
A row is added to the  table when a threat notification  
message is received by the consumer from the controller in  
a TIDP group. 
A row is deleted from the table when the consumer deletes  
the information about a threat received from a controller 
in a TIDP group.
ciTmsThreatEntry entry .1.3.6.1.4.1.9.9.603.1.3.1.1
Each entry represents a conceptual row in ciTmsThreatTable
and corresponds to the information about a threat and it's
various attributes, received from a controller in a given
TIDP group.
Indexes
ciTmsThreatOwner ciTmsThreatId ciTmsGroupId ciTmsControllerIpType ciTmsControllerIp
Column Syntax OID
ciTmsThreatOwner
This object identifies the controller that has notified the
consumer about the threat.
Unsigned32
Constraints:
range: 1-4294967295
 .1.3.6.1.4.1.9.9.603.1.3.1.1.1
ciTmsThreatId
This object represents the identifier for the particular
threat.
Unsigned32
Constraints:
range: 1-65535
 .1.3.6.1.4.1.9.9.603.1.3.1.1.2
ciTmsThreatVer
This object represents the version of the
threat.
Unsigned32
Constraints:
range: 0-255
 .1.3.6.1.4.1.9.9.603.1.3.1.1.3
ciTmsThreatStatus
This object represents the current status of the threat on
the consumer. This is evaluated locally on consumer.
CTmsThreatStatus
Textual Convention: CTmsThreatStatus Enumeration
Type Values:
1unknown
2active
3inactive
4created
5pending
6activationFailed
7inactivationFailed
8deleted
 .1.3.6.1.4.1.9.9.603.1.3.1.1.4
ciTmsThreatClass
This object represents the class of threat. An example of
class is 'Worm'.
SNMP-FRAMEWORK-MIBSnmpAdminString
Textual Convention: SNMP-FRAMEWORK-MIBSnmpAdminString OctetString
Type Constraints:
range: 0..255
 .1.3.6.1.4.1.9.9.603.1.3.1.1.5
ciTmsThreatName
This object represents name of the threat. An example of
threat name is 'WittyWorm'.
SNMP-FRAMEWORK-MIBSnmpAdminString
Textual Convention: SNMP-FRAMEWORK-MIBSnmpAdminString OctetString
Type Constraints:
range: 0..255
 .1.3.6.1.4.1.9.9.603.1.3.1.1.6
ciTmsThreatActiveTimeDuration
This object represents the duration the threat has been
active for.
SNMPv2-TCDateAndTime
Textual Convention: SNMPv2-TCDateAndTime OctetString
Type Constraints:
range: 8
range: 11
 .1.3.6.1.4.1.9.9.603.1.3.1.1.7
ciTmsThreatPriority
This object represents the priority at which the consumer
responds to this threat. A higher value indicates a lower
priority for the threat and vice versa.
Unsigned32
Constraints:
range: 1-32
 .1.3.6.1.4.1.9.9.603.1.3.1.1.8
ciTmsThreatTcdf
This object represents the TCDF related information received
in the threat. For example,
<tcdf> <match> <eq field='ip.dst_addr' value='10.10.10.1'>
</eq> </match> </tcdf>.
SNMP-FRAMEWORK-MIBSnmpAdminString
Textual Convention: SNMP-FRAMEWORK-MIBSnmpAdminString OctetString
Type Constraints:
range: 0..255
 .1.3.6.1.4.1.9.9.603.1.3.1.1.9

ciTmsThreatActionTable

table
.1.3.6.1.4.1.9.9.603.1.3.2 · 1 row entry · 6 columns
Open in standard view 
This table represents mitigation action for the respective
threat. A threat is uniquely represented by the threat id,
owner id, controller IP and TIDP group ID and hence 
corresponding objects are used as indices.
A row is added to the table  when the consumer enforces a
mitigation action as a result of receiving a threat message
from a controller in a TIDP group.
A row is deleted from the table when the consumer removes
the mitigation action taken for the threat received from a 
controller in a TIDP group.
ciTmsThreatActionEntry entry .1.3.6.1.4.1.9.9.603.1.3.2.1
Each entry represents a conceptual row in
ciTmsThreatActionTable and corresponds to the
information about the mitigation action
applied for a particular threat.
Indexes
ciTmsThreatOwner ciTmsThreatId ciTmsGroupId ciTmsControllerIpType ciTmsControllerIp ciTmsThreatAction ciTmsThreatActionParamId
Column Syntax OID
ciTmsThreatAction
This object represents the mitigation action taken by
the consumer for a threat.
CTmsActionType
Textual Convention: CTmsActionType Enumeration
Type Values:
1ignore
2aclDrop
3fpmDrop
4redirect
5police
6setIPDscp
7localException
8quarantine
 .1.3.6.1.4.1.9.9.603.1.3.2.1.1
ciTmsThreatActionParamId
This object identifies an action parameter.
CTmsActionParamIdType
Textual Convention: CTmsActionParamIdType Enumeration
Type Values:
1noParams
2cir
3bir
4be
5nexthop
6dscpVal
7vlanId
 .1.3.6.1.4.1.9.9.603.1.3.2.1.2
ciTmsThreatActionParamType
This object represents the type of an action parameter.
CTmsActionParamType
Textual Convention: CTmsActionParamType Enumeration
Type Values:
1unsigned
2networkAddress
3string
 .1.3.6.1.4.1.9.9.603.1.3.2.1.3
ciTmsThreatActionParamLength
This object represents the length of the action parameter
identified by ciTmsThreatActionParamId.
Unsigned32
Constraints:
range: 1-65535
 .1.3.6.1.4.1.9.9.603.1.3.2.1.4
ciTmsThreatActionParamValue
This object represents the value of the parameter identified
by ciTmsThreatActionParamId. This value should be interpreted
using type and length of the parameter value represented by
ciTmsThreatActionParamType and ciT…
SNMP-FRAMEWORK-MIBSnmpAdminString
Textual Convention: SNMP-FRAMEWORK-MIBSnmpAdminString OctetString
Type Constraints:
range: 0..255
 .1.3.6.1.4.1.9.9.603.1.3.2.1.5
ciTmsThreatActionFailReason
This object specifies the reason for the failure of
a particular threat mitigation action. 'OER mitigation not
supported' is an example of the value populated for this
object. For successfully mitigated threats, this w…
SNMP-FRAMEWORK-MIBSnmpAdminString
Textual Convention: SNMP-FRAMEWORK-MIBSnmpAdminString OctetString
Type Constraints:
range: 0..255
 .1.3.6.1.4.1.9.9.603.1.3.2.1.6

ciTmsThreatInterfaceTable

table
.1.3.6.1.4.1.9.9.603.1.3.3 · 1 row entry · 1 columns
Open in standard view 
The application of threat mitigation is typically done on one
or more interfaces. This table represents the status of 
mitigation action applied on the respective interfaces.
          
A row is added to the table when the consumer enforces a 
mitigation action on a interface as a result of receiving 
a threat message from a controller in a TIDP group.
A row is deleted from the table when the consumer removes a
mitigation action taken on a interface as a result of threat
received from a controller in a TIDP group.
ciTmsThreatInterfaceEntry entry .1.3.6.1.4.1.9.9.603.1.3.3.1
Each entry represents a row in ciTmsThreatInterfaceTable
and corresponds to the information about the interface on
which the threat mitigation action is applied.
Indexes
ciTmsThreatId ciTmsThreatOwner ciTmsGroupId ciTmsControllerIpType ciTmsControllerIp IF-MIBifIndex
Column Syntax OID
ciThreatInterfaceMitigationApplied
This object indicates whether the mitigation action
for a particular threat has been successfully applied
on an interface or not. A value of 'true' indicates
the successful application of mitigation action, while …
SNMPv2-TCTruthValue
Textual Convention: SNMPv2-TCTruthValue Enumeration
Type Values:
1true
2false
 .1.3.6.1.4.1.9.9.603.1.3.3.1.1