EXTREME-IP-SECURITY-MIB
Extreme IP Security MIB
extremeIpSecurity
1.3.6.1.4.1.1916.1.34
Imported Objects
| EXTREME-BASE-MIB | extremeAgent |
| INET-ADDRESS-MIB | InetAddress InetAddressType InetPortNumber |
| SNMPv2-SMI | Counter64 Integer32 IpAddress MODULE-IDENTITY OBJECT-TYPE |
| SNMPv2-TC | DisplayString MacAddress RowStatus TEXTUAL-CONVENTION |
Type Definitions (6)
| HexOctet | OctetString |
range: 2 |
| IcmpAnomalyReason | Enumeration |
unknown(0)icmpOverSize(1)icmpFragmented(2) |
| IpProtocol | Enumeration |
unknown(0)icmp(1)tcp(6)udp(17) |
| TcpFlagAnomalyReason | Enumeration |
unknown(0)flagSynAndSrcPort(1)flagAndSeq(2)flagFinAndUrgAandPshandSeq(3)flagSynAndFin(4) |
| TcpFragmentAnomalyReason | Enumeration |
unknown(0)tcpHdrLessSize(1)tcpFragmented(2) |
| VlanTag | Integer32 |
range: 0..4095 |
Objects (30)
extremeIpSecurity
|
.1.3.6.1.4.1.1916.1.34 |
|
|
extremeIpSecurityTraps
|
.1.3.6.1.4.1.1916.1.34.1 |
|
|
extremeIpSecurityTrapsPrefix
|
.1.3.6.1.4.1.1916.1.34.1.0 |
|
extremeIpSecurityVlanIfIndex
|
Integer32 | .1.3.6.1.4.1.1916.1.34.1.1 |
|
extremeIpSecurityVlanDescr
|
OctetString | .1.3.6.1.4.1.1916.1.34.1.2 |
|
extremeIpSecurityPortIfIndex
|
Integer32 | .1.3.6.1.4.1.1916.1.34.1.3 |
|
extremeIpSecurityIpAddr
|
SNMPv2-SMIIpAddress | .1.3.6.1.4.1.1916.1.34.1.4 |
|
extremeIpSecurityMacAddress
|
SNMPv2-TCMacAddress | .1.3.6.1.4.1.1916.1.34.1.5 |
|
extremeIpSecurityViolationType
|
Enumeration | .1.3.6.1.4.1.1916.1.34.1.6 |
|
extremeIpSecurityAnomalyTraps
|
.1.3.6.1.4.1.1916.1.34.2 |
|
|
extremeIpSecurityAnomalyTrapsPrefix
|
.1.3.6.1.4.1.1916.1.34.2.0 |
|
|
esAnomalyPortIfIndex
|
Integer32 | .1.3.6.1.4.1.1916.1.34.2.1 |
|
esAnomalyIpProto
|
IpProtocol | .1.3.6.1.4.1.1916.1.34.2.10 |
|
esAnomalySrcL4Port
|
INET-ADDRESS-MIBInetPortNumber | .1.3.6.1.4.1.1916.1.34.2.11 |
|
esAnomalyDestL4Port
|
INET-ADDRESS-MIBInetPortNumber | .1.3.6.1.4.1.1916.1.34.2.12 |
|
esAnomalyTcpFlag
|
HexOctet | .1.3.6.1.4.1.1916.1.34.2.13 |
|
esAnomalyTcpSeq
|
Integer32 | .1.3.6.1.4.1.1916.1.34.2.14 |
|
esAnomalyTcpHdrSize
|
Integer32 | .1.3.6.1.4.1.1916.1.34.2.15 |
|
esAnomalyTcpFlagReason
|
TcpFlagAnomalyReason | .1.3.6.1.4.1.1916.1.34.2.16 |
|
esAnomalyIcmpReason
|
IcmpAnomalyReason | .1.3.6.1.4.1.1916.1.34.2.17 |
|
esAnomalyVlanTag
|
VlanTag | .1.3.6.1.4.1.1916.1.34.2.18 |
|
esAnomalyTcpFragmentReason
|
TcpFragmentAnomalyReason | .1.3.6.1.4.1.1916.1.34.2.19 |
|
esAnomalyVlanIfIndex
|
Integer32 | .1.3.6.1.4.1.1916.1.34.2.2 |
|
esAnomalyVlanDescr
|
OctetString | .1.3.6.1.4.1.1916.1.34.2.3 |
|
esAnomalySrcMacAddress
|
SNMPv2-TCMacAddress | .1.3.6.1.4.1.1916.1.34.2.4 |
|
esAnomalyDestMacAddress
|
SNMPv2-TCMacAddress | .1.3.6.1.4.1.1916.1.34.2.5 |
|
esAnomalySrcIpAddrType
|
INET-ADDRESS-MIBInetAddressType | .1.3.6.1.4.1.1916.1.34.2.6 |
|
esAnomalySrcIpAddr
|
INET-ADDRESS-MIBInetAddress | .1.3.6.1.4.1.1916.1.34.2.7 |
|
esAnomalyDestIpAddrType
|
INET-ADDRESS-MIBInetAddressType | .1.3.6.1.4.1.1916.1.34.2.8 |
|
esAnomalyDestIpAddr
|
INET-ADDRESS-MIBInetAddress | .1.3.6.1.4.1.1916.1.34.2.9 |
Notifications / Traps (6)
| Name | OID | Description |
|---|---|---|
extremeIpSecurityViolation
|
.1.3.6.1.4.1.1916.1.34.1.0.1 |
For vlans/ports on which one or more of the IP Security features have been enabled, this trap will be generated when a packet received on that vlan/port is in violation of the configured IP Security protections |
|
extremeIpSecurityAnomalyIpViolation
|
.1.3.6.1.4.1.1916.1.34.2.0.1 |
For ports on which the protocol anomaly protection IP features has been enabled, this trap will be generated when a packet received on that port if the packet's source IP == destination IP |
|
extremeIpSecurityAnomalyL4PortViolation
|
.1.3.6.1.4.1.1916.1.34.2.0.2 |
For ports on which the protocol anomaly protection L4port features has been enabled, this trap will be generated when a packet received on that port if 1) the packet is a TCP or UDP packetr. AND 2) its source L4 port == destination port |
|
extremeIpSecurityAnomalyTcpFlagViolation
esAnomalyPortIfIndex esAnomalyVlanIfIndex esAnomalyVlanDescr esAnomalySrcMacAddress esAnomalyDestMacAddress esAnomalyVlanTag esAnomalySrcIpAddrType esAnomalySrcIpAddr esAnomalyDestIpAddrType esAnomalyDestIpAddr esAnomalySrcL4Port esAnomalyDestL4Port esAnomalyTcpFlagReason esAnomalyTcpFlag esAnomalyTcpSeq
|
.1.3.6.1.4.1.1916.1.34.2.0.3 |
For ports on which the protocol anomaly protection TCP flags features has been enabled, this trap will be generated when a TCP packet received on that port if 1) (TCP flag SYN is set) and (its TCP source port < 1024). OR 2) (TCP flag == 0) and (TCP seq # == 0). OR 3) (TCP flag FIN/URG/PSH bits sre set) and (TCP seq # == 0). OR 4) Both TCP iflag SYN and FIN are set |
|
extremeIpSecurityAnomalyTcpFragmentViolation
|
.1.3.6.1.4.1.1916.1.34.2.0.4 |
For ports on which the protocol anomaly protection TCP fragment features has been enabled, this trap will be generated when a packet received on that port if 1) the packet is a TCP, and its size of the TCP header is less than pre-configured value; or 2) the packet is a TCP and it is a IP fragmented packet (IP offset != 0) |
|
extremeIpSecurityAnomalyIcmpViolation
|
.1.3.6.1.4.1.1916.1.34.2.0.5 |
For ports on which the protocol anomaly protection ICMP features has been enabled, this trap will be generated when an ICMP packet received on that port if 1) the size of ICMP (IP payload) is large thant pre-configured value; or 2) it is a fragmented IP/ICMP packet (IP offset != 0) |